|
Pests of all kinds and how to fight them: GMX mail account hacked? Virus? Windows 7. If you are not sure whether you have caught malware or a trojan, create a topic here. An expert will respond with further instructions and help you remove the malware or uninstall or delete unwanted software. Please describe your problem as precisely as possible. If it is a trojan or virus problem, an expert will help you remove the infection. |
30.03.2013, 01:56 | #16 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX mail account hacked? Virus? What about the other log? And please don't pour the log files into Word documents; you only want to transport plain text, and the doc or docx format is not the tool of choice for that.
__________________ Please always post log files in CODE tags |
30.03.2013, 12:19 | #17 |
| GMX mail account hacked? Virus? ---------------------------------------
Scan finished ======================================= Edited by knightthreat (30.03.2013 at 12:34) |
30.03.2013, 15:55 | #18 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX mail account hacked? Virus? That is the wrong log from MBAR; please follow the instructions more carefully.
__________________I also asked you to post the logs in CODE tags. Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
31.03.2013, 00:40 | #19 |
| GMX mail account hacked? Virus? sorry... |
31.03.2013, 01:03 | #20 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX mail account hacked? Virus? What is that in the attachment supposed to be now, please?
__________________ Please always post log files in CODE tags |
01.04.2013, 13:05 | #21 |
| GMX mail account hacked? Virus? That is the file you wanted. I ran the program and it detected nothing malicious! Otherwise I don't know what you mean... Have you noticed anything malicious so far? The log-ins continue, even though I have third parties change the password and leave out my laptop and the devices on my Wi-Fi... So a virus on the laptop can really be ruled out, can't it?! |
01.04.2013, 20:36 | #22 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX mail account hacked? Virus? I'm not concerned with the log itself, but what did I post before in big bold letters? Did you even read my previous post completely?
__________________ Please always post log files in CODE tags |
01.04.2013, 21:59 | #23 |
| GMX mail account hacked? Virus?
Code:
Malwarebytes Anti-Rootkit BETA 1.01.0.1022
www.malwarebytes.org

Database version: v2013.03.30.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Juliane :: User [administrator]

30.03.2013 12:09:17
mbar-log-2013-03-30 (12-09-17).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 28735
Time elapsed: 14 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end) |
01.04.2013, 23:28 | #24 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX mail account hacked? Virus?
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Under no circumstances press any of the Fix buttons without instruction.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Please always post log files in CODE tags |
04.04.2013, 22:23 | #25 |
| GMX mail account hacked? Virus?
HTML-Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-04 23:04:36
-----------------------------
23:04:36.092 OS Version: Windows x64 6.1.7601 Service Pack 1
23:04:36.092 Number of processors: 2 586 0x170A
23:04:36.107 ComputerName: user-PC UserName: user
23:04:39.181 Initialize success
23:10:13.939 AVAST engine defs: 13040401
23:12:52.097 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:12:52.097 Disk 0 Vendor: WDC_WD5000BEVT-75ZAT0 01.01A01 Size: 476940MB BusType: 11
23:12:52.112 Disk 0 MBR read successfully
23:12:52.112 Disk 0 MBR scan
23:12:52.143 Disk 0 Windows VISTA default MBR code
23:12:52.143 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 39 MB offset 63
23:12:52.159 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 15000 MB offset 80325
23:12:52.175 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 461899 MB offset 30800325
23:12:52.206 Disk 0 scanning C:\Windows\system32\drivers
23:13:08.088 Service scanning
23:13:38.960 Modules scanning
23:13:38.976 Disk 0 trace - called modules:
23:13:39.007 ntoskrnl.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0xfffffa80049d12c0]<<sprt.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
23:13:39.506 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004cc3530]
23:13:39.506 3 CLASSPNP.SYS[fffff880013c243f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004b261f0]
23:13:39.522 \Driver\atapi[0xfffffa8004aeb690] -> IRP_MJ_CREATE -> 0xfffffa80049d12c0
23:13:42.377 AVAST engine scan C:\Windows
23:13:44.748 AVAST engine scan C:\Windows\system32
23:18:12.557 AVAST engine scan C:\Windows\system32\drivers
23:18:28.360 AVAST engine scan C:\Users\user
23:20:13.052 Disk 0 MBR has been saved successfully to "C:\Users\user\Desktop\MBR.dat"
23:20:13.068 The log file has been saved successfully to "C:\Users\user\Desktop\aswMBR.txt"
Code:
23:20:49.0504 3924 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
23:20:49.0644 3924 ============================================================
23:20:49.0644 3924 Current date / time: 2013/04/04 23:20:49.0644
23:20:49.0644 3924 SystemInfo:
23:20:49.0644 3924
23:20:49.0644 3924 OS Version: 6.1.7601 ServicePack: 1.0
23:20:49.0644 3924 Product type: Workstation
23:20:49.0644 3924 ComputerName: USER-PC
23:20:49.0644 3924 UserName: User
23:20:49.0644 3924 Windows directory: C:\Windows
23:20:49.0644 3924 System windows directory: C:\Windows
23:20:49.0644 3924 Running under WOW64
23:20:49.0644 3924 Processor architecture: Intel x64
23:20:49.0644 3924 Number of processors: 2
23:20:49.0644 3924 Page size: 0x1000
23:20:49.0644 3924 Boot type: Normal boot
23:20:49.0644 3924 ============================================================
23:21:06.0430 3924 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:21:06.0430 3924 ============================================================
23:21:06.0430 3924 \Device\Harddisk0\DR0:
23:21:06.0430 3924 MBR partitions:
23:21:06.0430 3924 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x1D4C000
23:21:06.0430 3924 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D5F9C5, BlocksNum 0x38625E6B
23:21:06.0430 3924 ============================================================
23:21:06.0492 3924 C: <-> \Device\Harddisk0\DR0\Partition2
23:21:06.0492 3924 ============================================================
23:21:06.0492 3924 Initialize success
23:21:06.0492 3924 ============================================================
23:21:27.0037 4520 ============================================================
23:21:27.0037 4520 Scan started
23:21:27.0037 4520 Mode: Manual; SigCheck; TDLFS;
23:21:41.0920 4520 hwpolicy - ok 23:21:41.0951 4520 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 23:21:41.0966 4520 i8042prt - ok 23:21:41.0998 4520 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 23:21:42.0029 4520 iaStorV - ok 23:21:42.0091 4520 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 23:21:42.0154 4520 idsvc - ok 23:21:42.0185 4520 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 23:21:42.0200 4520 iirsp - ok 23:21:42.0263 4520 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll 23:21:42.0341 4520 IKEEXT - ok 23:21:42.0372 4520 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys 23:21:42.0388 4520 intelide - ok 23:21:42.0403 4520 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 23:21:42.0434 4520 intelppm - ok 23:21:42.0450 4520 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll 23:21:42.0512 4520 IPBusEnum - ok 23:21:42.0544 4520 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 23:21:42.0606 4520 IpFilterDriver - ok 23:21:42.0653 4520 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 23:21:42.0700 4520 iphlpsvc - ok 23:21:42.0778 4520 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 23:21:42.0809 4520 IPMIDRV - ok 23:21:42.0824 4520 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 23:21:42.0887 4520 IPNAT - ok 23:21:42.0980 4520 [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 23:21:43.0027 4520 iPod Service - ok 23:21:43.0043 4520 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys 23:21:43.0090 4520 IRENUM - ok 23:21:43.0121 
4520 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys 23:21:43.0136 4520 isapnp - ok 23:21:43.0168 4520 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 23:21:43.0199 4520 iScsiPrt - ok 23:21:43.0230 4520 [ 7DBAFE10C1B777305C80BEA42FBDA710 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 23:21:43.0261 4520 k57nd60a - ok 23:21:43.0277 4520 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 23:21:43.0292 4520 kbdclass - ok 23:21:43.0324 4520 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 23:21:43.0355 4520 kbdhid - ok 23:21:43.0370 4520 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe 23:21:43.0386 4520 KeyIso - ok 23:21:43.0433 4520 [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER C:\Windows\system32\DRIVERS\KMWDFILTER.sys 23:21:43.0448 4520 KMWDFILTER - ok 23:21:43.0480 4520 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 23:21:43.0495 4520 KSecDD - ok 23:21:43.0511 4520 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 23:21:43.0526 4520 KSecPkg - ok 23:21:43.0558 4520 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 23:21:43.0620 4520 ksthunk - ok 23:21:43.0651 4520 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll 23:21:43.0714 4520 KtmRm - ok 23:21:43.0745 4520 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\system32\srvsvc.dll 23:21:43.0792 4520 LanmanServer - ok 23:21:43.0838 4520 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 23:21:43.0885 4520 LanmanWorkstation - ok 23:21:43.0916 4520 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 23:21:43.0963 4520 lltdio - ok 23:21:44.0010 4520 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll 23:21:44.0072 4520 
lltdsvc - ok 23:21:44.0088 4520 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll 23:21:44.0135 4520 lmhosts - ok 23:21:44.0150 4520 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 23:21:44.0166 4520 LSI_FC - ok 23:21:44.0182 4520 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 23:21:44.0197 4520 LSI_SAS - ok 23:21:44.0228 4520 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 23:21:44.0244 4520 LSI_SAS2 - ok 23:21:44.0260 4520 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 23:21:44.0275 4520 LSI_SCSI - ok 23:21:44.0291 4520 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys 23:21:44.0322 4520 luafv - ok 23:21:44.0369 4520 [ B2085E335F2B57077B0CBADB6F1245CD ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys 23:21:44.0384 4520 lvpopf64 - ok 23:21:44.0416 4520 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys 23:21:44.0416 4520 LVPr2M64 - ok 23:21:44.0431 4520 [ DED333DBDBBCC3555A6E6244522E2F1A ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys 23:21:44.0431 4520 LVPr2Mon - ok 23:21:44.0525 4520 [ A35679E56E78091E1042A2D7ADBF2958 ] LVPrcS64 C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe 23:21:44.0540 4520 LVPrcS64 - ok 23:21:44.0587 4520 [ 986C1CB787A007BAA5F74E7D316D7246 ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys 23:21:44.0603 4520 LVRS64 - ok 23:21:44.0759 4520 [ 5747BC465ABEA2858C5D037252AED84E ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys 23:21:44.0962 4520 LVUVC64 - ok 23:21:44.0993 4520 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 23:21:45.0024 4520 Mcx2Svc - ok 23:21:45.0071 4520 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 23:21:45.0086 4520 megasas - ok 23:21:45.0102 4520 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR 
C:\Windows\system32\DRIVERS\MegaSR.sys 23:21:45.0118 4520 MegaSR - ok 23:21:45.0149 4520 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll 23:21:45.0211 4520 MMCSS - ok 23:21:45.0227 4520 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys 23:21:45.0274 4520 Modem - ok 23:21:45.0289 4520 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys 23:21:45.0336 4520 monitor - ok 23:21:45.0398 4520 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\drivers\mouclass.sys 23:21:45.0414 4520 mouclass - ok 23:21:45.0445 4520 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 23:21:45.0492 4520 mouhid - ok 23:21:45.0554 4520 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 23:21:45.0570 4520 mountmgr - ok 23:21:45.0679 4520 [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 23:21:45.0695 4520 MozillaMaintenance - ok 23:21:45.0726 4520 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys 23:21:45.0742 4520 mpio - ok 23:21:45.0773 4520 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 23:21:45.0820 4520 mpsdrv - ok 23:21:45.0882 4520 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll 23:21:45.0944 4520 MpsSvc - ok 23:21:45.0991 4520 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 23:21:46.0022 4520 MRxDAV - ok 23:21:46.0054 4520 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 23:21:46.0132 4520 mrxsmb - ok 23:21:46.0178 4520 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 23:21:46.0210 4520 mrxsmb10 - ok 23:21:46.0241 4520 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 23:21:46.0272 4520 mrxsmb20 - ok 
23:21:46.0303 4520 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys 23:21:46.0319 4520 msahci - ok 23:21:46.0350 4520 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys 23:21:46.0366 4520 msdsm - ok 23:21:46.0412 4520 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe 23:21:46.0444 4520 MSDTC - ok 23:21:46.0475 4520 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys 23:21:46.0522 4520 Msfs - ok 23:21:46.0537 4520 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 23:21:46.0600 4520 mshidkmdf - ok 23:21:46.0615 4520 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 23:21:46.0631 4520 msisadrv - ok 23:21:46.0678 4520 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 23:21:46.0740 4520 MSiSCSI - ok 23:21:46.0740 4520 msiserver - ok 23:21:46.0756 4520 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 23:21:46.0818 4520 MSKSSRV - ok 23:21:46.0818 4520 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 23:21:46.0880 4520 MSPCLOCK - ok 23:21:46.0912 4520 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 23:21:46.0974 4520 MSPQM - ok 23:21:47.0005 4520 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 23:21:47.0021 4520 MsRPC - ok 23:21:47.0036 4520 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 23:21:47.0052 4520 mssmbios - ok 23:21:47.0052 4520 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 23:21:47.0114 4520 MSTEE - ok 23:21:47.0146 4520 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 23:21:47.0192 4520 MTConfig - ok 23:21:47.0192 4520 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys 
23:21:47.0208 4520 Mup - ok 23:21:47.0255 4520 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll 23:21:47.0333 4520 napagent - ok 23:21:47.0380 4520 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 23:21:47.0426 4520 NativeWifiP - ok 23:21:47.0473 4520 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 23:21:47.0504 4520 NDIS - ok 23:21:47.0536 4520 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 23:21:47.0598 4520 NdisCap - ok 23:21:47.0614 4520 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 23:21:47.0660 4520 NdisTapi - ok 23:21:47.0707 4520 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 23:21:47.0754 4520 Ndisuio - ok 23:21:47.0785 4520 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 23:21:47.0848 4520 NdisWan - ok 23:21:47.0879 4520 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 23:21:47.0941 4520 NDProxy - ok 23:21:47.0957 4520 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 23:21:48.0019 4520 NetBIOS - ok 23:21:48.0050 4520 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 23:21:48.0097 4520 NetBT - ok 23:21:48.0097 4520 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 23:21:48.0128 4520 Netlogon - ok 23:21:48.0160 4520 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 23:21:48.0222 4520 Netman - ok 23:21:48.0238 4520 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 23:21:48.0316 4520 netprofm - ok 23:21:48.0347 4520 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 23:21:48.0378 4520 NetTcpPortSharing - ok 23:21:48.0378 4520 [ 
77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 23:21:48.0394 4520 nfrd960 - ok 23:21:48.0440 4520 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll 23:21:48.0456 4520 NlaSvc - ok 23:21:48.0503 4520 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 23:21:48.0534 4520 Npfs - ok 23:21:48.0565 4520 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 23:21:48.0628 4520 nsi - ok 23:21:48.0643 4520 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 23:21:48.0690 4520 nsiproxy - ok 23:21:48.0752 4520 [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 23:21:48.0815 4520 Ntfs - ok 23:21:48.0830 4520 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 23:21:48.0893 4520 Null - ok 23:21:48.0908 4520 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 23:21:48.0924 4520 nvraid - ok 23:21:48.0955 4520 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 23:21:48.0986 4520 nvstor - ok 23:21:49.0018 4520 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 23:21:49.0033 4520 nv_agp - ok 23:21:49.0142 4520 [ 1F0E05DFF4F5A833168E49BE1256F002 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 23:21:49.0189 4520 odserv - ok 23:21:49.0236 4520 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 23:21:49.0252 4520 ohci1394 - ok 23:21:49.0298 4520 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 23:21:49.0314 4520 ose - ok 23:21:49.0361 4520 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 23:21:49.0392 4520 p2pimsvc - ok 23:21:49.0439 4520 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 23:21:49.0486 4520 p2psvc - 
ok 23:21:49.0517 4520 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 23:21:49.0548 4520 Parport - ok 23:21:49.0564 4520 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 23:21:49.0579 4520 partmgr - ok 23:21:49.0642 4520 [ 5F731DD45D3B176C071E4CCEEB87B06B ] PassThru Service C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe 23:21:49.0673 4520 PassThru Service ( UnsignedFile.Multi.Generic ) - warning 23:21:49.0673 4520 PassThru Service - detected UnsignedFile.Multi.Generic (1) 23:21:49.0704 4520 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 23:21:49.0735 4520 PcaSvc - ok 23:21:49.0813 4520 [ 4B5F5774FF1C577B9515FDD2B5C535C5 ] PCDSRVC{1E208CE0-FB7451FF-06020200}_0 c:\program files\dell support center\pcdsrvc_x64.pkms 23:21:49.0860 4520 PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - ok 23:21:49.0891 4520 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 23:21:49.0907 4520 pci - ok 23:21:49.0938 4520 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 23:21:49.0954 4520 pciide - ok 23:21:49.0985 4520 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 23:21:50.0000 4520 pcmcia - ok 23:21:50.0032 4520 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 23:21:50.0047 4520 pcw - ok 23:21:50.0063 4520 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 23:21:50.0125 4520 PEAUTH - ok 23:21:50.0203 4520 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 23:21:50.0234 4520 PerfHost - ok 23:21:50.0312 4520 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 23:21:50.0437 4520 pla - ok 23:21:50.0515 4520 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 23:21:50.0578 4520 PlugPlay - ok 23:21:50.0624 4520 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg 
C:\Windows\system32\pnrpauto.dll 23:21:50.0687 4520 PNRPAutoReg - ok 23:21:50.0718 4520 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 23:21:50.0734 4520 PNRPsvc - ok 23:21:50.0780 4520 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 23:21:50.0843 4520 PolicyAgent - ok 23:21:50.0874 4520 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 23:21:50.0936 4520 Power - ok 23:21:50.0968 4520 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 23:21:51.0030 4520 PptpMiniport - ok 23:21:51.0061 4520 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 23:21:51.0092 4520 Processor - ok 23:21:51.0124 4520 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 23:21:51.0202 4520 ProfSvc - ok 23:21:51.0217 4520 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 23:21:51.0233 4520 ProtectedStorage - ok 23:21:51.0280 4520 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 23:21:51.0326 4520 Psched - ok 23:21:51.0373 4520 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 23:21:51.0436 4520 ql2300 - ok 23:21:51.0482 4520 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 23:21:51.0498 4520 ql40xx - ok 23:21:51.0529 4520 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 23:21:51.0560 4520 QWAVE - ok 23:21:51.0576 4520 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 23:21:51.0607 4520 QWAVEdrv - ok 23:21:51.0638 4520 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 23:21:51.0685 4520 RasAcd - ok 23:21:51.0701 4520 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 23:21:51.0763 4520 RasAgileVpn - ok 23:21:51.0810 4520 [ 
8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 23:21:51.0872 4520 RasAuto - ok 23:21:51.0904 4520 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 23:21:51.0966 4520 Rasl2tp - ok 23:21:51.0997 4520 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 23:21:52.0091 4520 RasMan - ok 23:21:52.0106 4520 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 23:21:52.0169 4520 RasPppoe - ok 23:21:52.0184 4520 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 23:21:52.0231 4520 RasSstp - ok 23:21:52.0325 4520 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 23:21:52.0372 4520 rdbss - ok 23:21:52.0387 4520 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 23:21:52.0434 4520 rdpbus - ok 23:21:52.0434 4520 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 23:21:52.0496 4520 RDPCDD - ok 23:21:52.0512 4520 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 23:21:52.0559 4520 RDPENCDD - ok 23:21:52.0590 4520 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 23:21:52.0637 4520 RDPREFMP - ok 23:21:52.0668 4520 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 23:21:52.0699 4520 RDPWD - ok 23:21:52.0746 4520 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 23:21:52.0762 4520 rdyboost - ok 23:21:52.0808 4520 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 23:21:52.0855 4520 RemoteAccess - ok 23:21:52.0902 4520 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 23:21:52.0949 4520 RemoteRegistry - ok 23:21:52.0980 4520 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 23:21:53.0011 4520 RFCOMM - ok 
23:21:53.0058 4520 [ 6FAF5B04BEDC66D300D9D233B2D222F0 ] rimmptsk C:\Windows\system32\DRIVERS\rimmpx64.sys 23:21:53.0089 4520 rimmptsk - ok 23:21:53.0105 4520 [ 67F50C31713106FD1B0F286F86AA2B2E ] rimsptsk C:\Windows\system32\DRIVERS\rimspx64.sys 23:21:53.0152 4520 rimsptsk - ok 23:21:53.0152 4520 [ 4D7EF3D46346EC4C58784DB964B365DE ] rismxdp C:\Windows\system32\DRIVERS\rixdpx64.sys 23:21:53.0183 4520 rismxdp - ok 23:21:53.0198 4520 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 23:21:53.0261 4520 RpcEptMapper - ok 23:21:53.0292 4520 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 23:21:53.0323 4520 RpcLocator - ok 23:21:53.0370 4520 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 23:21:53.0401 4520 RpcSs - ok 23:21:53.0448 4520 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 23:21:53.0526 4520 rspndr - ok 23:21:53.0542 4520 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 23:21:53.0557 4520 SamSs - ok 23:21:53.0604 4520 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 23:21:53.0620 4520 sbp2port - ok 23:21:53.0713 4520 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 23:21:53.0760 4520 SCardSvr - ok 23:21:53.0838 4520 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 23:21:53.0885 4520 scfilter - ok 23:21:53.0963 4520 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 23:21:54.0088 4520 Schedule - ok 23:21:54.0119 4520 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 23:21:54.0150 4520 SCPolicySvc - ok 23:21:54.0181 4520 [ 111E0EBC0AD79CB0FA014B907B231CF0 ] sdbus C:\Windows\system32\drivers\sdbus.sys 23:21:54.0228 4520 sdbus - ok 23:21:54.0259 4520 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 23:21:54.0306 4520 SDRSVC - ok 
23:21:54.0384 4520 [ 206387AB881E93A1A6EB89966C8651F1 ] SDScannerService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe 23:21:54.0431 4520 SDScannerService - ok 23:21:54.0478 4520 [ A529CFE32565C0B145578FFB2B32C9A5 ] SDUpdateService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe 23:21:54.0540 4520 SDUpdateService - ok 23:21:54.0571 4520 [ CB63BDB77BB86549FC3303C2F11EDC18 ] SDWSCService C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe 23:21:54.0587 4520 SDWSCService - ok 23:21:54.0602 4520 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 23:21:54.0665 4520 secdrv - ok 23:21:54.0680 4520 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 23:21:54.0743 4520 seclogon - ok 23:21:54.0790 4520 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 23:21:54.0852 4520 SENS - ok 23:21:54.0852 4520 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 23:21:54.0914 4520 SensrSvc - ok 23:21:54.0930 4520 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 23:21:54.0946 4520 Serenum - ok 23:21:54.0977 4520 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 23:21:54.0992 4520 Serial - ok 23:21:55.0024 4520 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 23:21:55.0039 4520 sermouse - ok 23:21:55.0102 4520 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 23:21:55.0164 4520 SessionEnv - ok 23:21:55.0211 4520 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 23:21:55.0242 4520 sffdisk - ok 23:21:55.0258 4520 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 23:21:55.0289 4520 sffp_mmc - ok 23:21:55.0320 4520 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 23:21:55.0351 4520 sffp_sd - ok 
23:21:55.0367 4520 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 23:21:55.0414 4520 sfloppy - ok 23:21:55.0507 4520 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 23:21:55.0570 4520 SharedAccess - ok 23:21:55.0632 4520 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 23:21:55.0679 4520 ShellHWDetection - ok 23:21:55.0694 4520 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 23:21:55.0710 4520 SiSRaid2 - ok 23:21:55.0726 4520 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 23:21:55.0741 4520 SiSRaid4 - ok 23:21:55.0944 4520 [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe 23:21:56.0069 4520 Skype C2C Service - ok 23:21:56.0131 4520 [ 8C4F0DCC6A5100D48F9B2F950CDD220F ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 23:21:56.0147 4520 SkypeUpdate - ok 23:21:56.0162 4520 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 23:21:56.0209 4520 Smb - ok 23:21:56.0240 4520 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 23:21:56.0287 4520 SNMPTRAP - ok 23:21:56.0318 4520 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 23:21:56.0334 4520 spldr - ok 23:21:56.0381 4520 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 23:21:56.0428 4520 Spooler - ok 23:21:56.0537 4520 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 23:21:56.0693 4520 sppsvc - ok 23:21:56.0755 4520 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 23:21:56.0802 4520 sppuinotify - ok 23:21:56.0849 4520 [ 602884696850C86434530790B110E8EB ] sptd C:\Windows\system32\Drivers\sptd.sys 23:21:56.0849 4520 Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. 
23:22:06.0319 4520 Scan finished
23:22:06.0319 3652 Detected object count: 4
23:22:06.0319 3652 Actual detected object count: 4
23:24:55.0934 3652 CDMA Device Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:24:55.0934 3652 CDMA Device Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:24:55.0934 3652 PassThru Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:24:55.0934 3652 PassThru Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:24:55.0934 3652 sptd ( LockedFile.Multi.Generic ) - skipped by user
23:24:55.0934 3652 sptd ( LockedFile.Multi.Generic ) - User select action: Skip
23:24:55.0934 3652 wltrysvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:24:55.0934 3652 wltrysvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:25:09.0335 5108 Deinitialize success |
04.04.2013, 23:36 | #26 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Gmx mail account hacked? Virus? Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
05.04.2013, 22:37 | #27 |
| Gmx mail account hacked? Virus? Code:
ATTFilter ComboFix 13-04-05.01 - User 05.04.2013 21:23:08.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4061.2561 [GMT 2:00] ausgeführt von:: c:\users\User\Downloads\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Spybot - Search and Destroy *Disabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\PCDr\6032\AddOnDownloaded\07287f2e-4f82-4848-8132-7055ef322318.dll c:\programdata\PCDr\6032\AddOnDownloaded\2d5007b2-cc36-4b97-a231-d0c427a69035.dll c:\programdata\PCDr\6032\AddOnDownloaded\330761e0-2594-472d-8455-796592cf88dc.dll c:\programdata\PCDr\6032\AddOnDownloaded\3d9332d1-0b48-40cc-9189-068cf64600b6.dll c:\programdata\PCDr\6032\AddOnDownloaded\f04a4d58-1eb6-4e35-b4b4-db6bab11e49b.dll c:\users\User\AppData\Local\lame_enc.dll c:\users\User\AppData\Local\no23xwrapper.dll c:\users\User\AppData\Local\ogg.dll c:\users\User\AppData\Local\vorbis.dll c:\users\User\AppData\Local\vorbisenc.dll c:\users\User\AppData\Local\vorbisfile.dll c:\users\User\AppData\Roaming\Desktopicon c:\users\User\AppData\Roaming\Desktopicon\eBay.ico c:\users\User\AppData\Roaming\Local c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\0.ddi c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\1.ddi c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\2.ddi c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\3.ddi c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\Inception_Trailer_592.divx.ddr c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\isd_cosbydxvid_s01e01.avi.ddr c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\isd_cosbydxvid_s02e06.avi.ddr 
c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\isd_cosbyxvid_s06e01.avi.ddr c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\settings.ddi c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\Inception_Trailer_592.divx c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\isd_cosbydxvid_s01e01.avi.ddp c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\isd_cosbydxvid_s02e06.avi.ddp c:\users\User\AppData\Roaming\Local\Temp\DDM\Settings\Temporary Downloaded Files\isd_cosbyxvid_s06e01.avi.ddp c:\windows\SysWow64\SET10F.tmp c:\windows\SysWow64\SETE948.tmp c:\windows\SysWow64\System32\MASetupCleaner.exe c:\windows\SysWow64\System32\muzapp.exe c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . Nicht in der Lage zu löschen c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . Nicht in der Lage zu löschen . . ((((((((((((((((((((((( Dateien erstellt von 2013-03-05 bis 2013-04-05 )))))))))))))))))))))))))))))) . . 2013-04-05 19:34 . 2013-04-05 19:34 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-04-03 21:37 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9FB55737-6B2B-469F-A504-59962D23E8A8}\mpengine.dll 2013-03-28 23:47 . 2013-03-29 00:07 -------- d-----w- c:\program files (x86)\RegCleaner 2013-03-28 23:29 . 2013-03-28 23:29 -------- d-----w- c:\users\User\AppData\Roaming\Avira 2013-03-28 23:23 . 2013-03-28 22:54 28600 ----a-w- c:\windows\system32\drivers\avkmgr.sys 2013-03-28 23:23 . 2013-03-28 22:54 130016 ----a-w- c:\windows\system32\drivers\avipbb.sys 2013-03-28 23:23 . 2013-03-28 22:54 100712 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2013-03-28 23:23 . 2013-03-28 23:23 -------- d-----w- c:\programdata\Avira 2013-03-28 23:23 . 2013-03-28 23:23 -------- d-----w- c:\program files (x86)\Avira 2013-03-28 21:52 . 2011-02-22 12:57 74824 ----a-w- c:\windows\system32\drivers\TfSysMon.sys 2013-03-28 21:52 . 
2011-02-22 12:57 41888 ----a-w- c:\windows\system32\drivers\TfNetMon.sys 2013-03-28 21:52 . 2011-02-22 12:57 65072 ----a-w- c:\windows\system32\drivers\TfFsMon.sys 2013-03-28 21:52 . 2013-03-28 21:52 -------- d-----w- c:\program files (x86)\ThreatFire 2013-03-28 21:52 . 2013-03-28 21:52 -------- d-----w- c:\programdata\PC Tools 2013-03-28 21:07 . 2013-03-28 21:07 -------- d-----w- c:\programdata\Malwarebytes 2013-03-26 22:15 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-03-22 23:42 . 2013-04-05 19:40 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2 2013-03-22 23:42 . 2013-03-22 23:42 -------- d-----w- c:\users\User\AppData\Local\Programs 2013-03-16 00:33 . 2012-08-21 12:01 33240 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys 2013-03-16 00:33 . 2013-03-16 00:33 -------- d-----w- c:\program files\iPod 2013-03-16 00:33 . 2013-03-16 00:33 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69 2013-03-16 00:33 . 2013-03-16 00:33 -------- d-----w- c:\program files\iTunes 2013-03-16 00:33 . 2013-03-16 00:33 -------- d-----w- c:\program files (x86)\iTunes 2013-03-16 00:32 . 2013-03-16 00:32 -------- d-----w- c:\program files (x86)\Apple Software Update 2013-03-16 00:32 . 2013-03-16 00:32 -------- d-----w- c:\program files\Common Files\Apple 2013-03-16 00:32 . 2013-03-16 00:32 -------- d-----w- c:\program files\Bonjour 2013-03-16 00:32 . 2013-03-16 00:32 -------- d-----w- c:\program files (x86)\Bonjour 2013-03-16 00:24 . 2013-03-16 00:33 -------- d-----w- c:\program files (x86)\Common Files\Apple 2013-03-15 23:04 . 2013-03-15 23:04 -------- d-----w- c:\programdata\Apple Computer 2013-03-15 23:03 . 2013-03-15 23:03 -------- d-----w- c:\users\User\AppData\Local\Apple 2013-03-15 23:01 . 2013-03-15 23:02 -------- d-----w- c:\programdata\Apple 2013-03-14 22:01 . 2013-02-02 06:38 2382848 ----a-w- c:\windows\system32\mshtml.tlb 2013-03-14 22:01 . 
2013-02-02 07:37 182816 ----a-w- c:\program files\Internet Explorer\sqmapi.dll 2013-03-14 22:01 . 2013-02-02 06:44 304640 ----a-w- c:\program files\Internet Explorer\IEShims.dll 2013-03-14 22:01 . 2013-02-02 06:38 96768 ----a-w- c:\windows\system32\mshtmled.dll 2013-03-14 22:01 . 2013-02-02 04:19 149552 ----a-w- c:\program files (x86)\Internet Explorer\sqmapi.dll 2013-03-14 22:01 . 2013-02-02 03:26 420864 ----a-w- c:\windows\SysWow64\vbscript.dll 2013-03-14 22:01 . 2013-02-02 03:23 2382848 ----a-w- c:\windows\SysWow64\mshtml.tlb 2013-03-14 22:01 . 2013-02-02 03:27 194048 ----a-w- c:\program files (x86)\Internet Explorer\IEShims.dll 2013-03-12 18:29 . 2013-03-12 18:29 -------- d-----w- c:\program files (x86)\Common Files\Skype . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-03-13 22:03 . 2010-01-16 22:45 72013344 ----a-w- c:\windows\system32\MRT.exe 2013-03-12 19:09 . 2012-07-05 20:49 693976 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-03-12 19:09 . 2011-11-18 02:21 73432 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-02-24 22:25 . 2013-02-24 22:26 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-24 22:25 . 2012-04-06 10:51 861088 ----a-w- c:\windows\SysWow64\npdeployJava1.dll 2013-02-24 22:25 . 2010-06-08 15:18 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-02-12 05:45 . 2013-03-13 22:04 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-13 22:04 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-13 22:04 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-13 22:04 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 2013-03-13 22:04 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-13 22:04 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-01-17 00:28 . 
2010-01-11 21:28 273840 ------w- c:\windows\system32\MpSigStub.exe 2013-01-13 21:17 . 2013-02-27 22:00 9728 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 21:17 . 2013-02-27 22:00 2560 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 21:16 . 2013-02-27 22:00 10752 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 21:12 . 2013-02-27 22:00 3584 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 21:11 . 2013-02-27 22:00 4096 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 21:11 . 2013-02-27 22:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 21:11 . 2013-02-27 22:00 5632 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 21:11 . 2013-02-27 22:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 21:11 . 2013-02-27 22:00 3072 ---ha-w- c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:35 . 2013-02-27 22:00 9728 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll 2013-01-13 20:35 . 2013-02-27 22:00 2560 ---ha-w- c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll 2013-01-13 20:35 . 2013-02-27 22:00 10752 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll 2013-01-13 20:32 . 2013-02-27 22:00 3584 ---ha-w- c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll 2013-01-13 20:31 . 2013-02-27 22:00 4096 ---ha-w- c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll 2013-01-13 20:31 . 2013-02-27 22:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll 2013-01-13 20:31 . 2013-02-27 22:00 5632 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll 2013-01-13 20:31 . 2013-02-27 22:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll 2013-01-13 20:31 . 
2013-02-27 22:00 3072 ---ha-w- c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll 2013-01-13 20:31 . 2013-02-27 22:00 1247744 ----a-w- c:\windows\SysWow64\DWrite.dll 2013-01-13 20:22 . 2013-02-27 22:00 1988096 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2013-01-13 20:20 . 2013-02-27 22:00 293376 ----a-w- c:\windows\SysWow64\dxgi.dll 2013-01-13 20:09 . 2013-02-27 22:00 249856 ----a-w- c:\windows\SysWow64\d3d10_1core.dll 2013-01-13 20:08 . 2013-02-27 22:00 220160 ----a-w- c:\windows\SysWow64\d3d10core.dll 2013-01-13 20:08 . 2013-02-27 22:00 1504768 ----a-w- c:\windows\SysWow64\d3d11.dll 2013-01-13 19:59 . 2013-02-27 22:00 1643520 ----a-w- c:\windows\system32\DWrite.dll 2013-01-13 19:58 . 2013-02-27 22:00 1175552 ----a-w- c:\windows\system32\FntCache.dll 2013-01-13 19:54 . 2013-02-27 22:00 604160 ----a-w- c:\windows\SysWow64\d3d10level9.dll 2013-01-13 19:53 . 2013-02-27 22:00 207872 ----a-w- c:\windows\SysWow64\WindowsCodecsExt.dll 2013-01-13 19:53 . 2013-02-27 22:00 187392 ----a-w- c:\windows\SysWow64\UIAnimation.dll 2013-01-13 19:51 . 2013-02-27 22:00 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2013-01-13 19:49 . 2013-02-27 22:00 363008 ----a-w- c:\windows\system32\dxgi.dll 2013-01-13 19:48 . 2013-02-27 22:00 161792 ----a-w- c:\windows\SysWow64\d3d10_1.dll 2013-01-13 19:46 . 2013-02-27 22:00 1080832 ----a-w- c:\windows\SysWow64\d3d10.dll 2013-01-13 19:43 . 2013-02-27 22:00 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll 2013-01-13 19:38 . 2013-02-27 22:00 333312 ----a-w- c:\windows\system32\d3d10_1core.dll 2013-01-13 19:38 . 2013-02-27 22:00 1887232 ----a-w- c:\windows\system32\d3d11.dll 2013-01-13 19:38 . 2013-02-27 22:00 296960 ----a-w- c:\windows\system32\d3d10core.dll 2013-01-13 19:37 . 2013-02-27 22:00 3419136 ----a-w- c:\windows\SysWow64\d2d1.dll 2013-01-13 19:25 . 2013-02-27 22:00 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll 2013-01-13 19:24 . 
2013-02-27 22:00 648192 ----a-w- c:\windows\system32\d3d10level9.dll 2013-01-13 19:24 . 2013-02-27 22:00 221184 ----a-w- c:\windows\system32\UIAnimation.dll 2013-01-13 19:20 . 2013-02-27 22:00 194560 ----a-w- c:\windows\system32\d3d10_1.dll 2013-01-13 19:20 . 2013-02-27 22:00 1238528 ----a-w- c:\windows\system32\d3d10.dll 2013-01-13 19:15 . 2013-02-27 22:00 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll 2013-01-13 19:10 . 2013-02-27 22:00 3928064 ----a-w- c:\windows\system32\d2d1.dll 2013-01-13 19:02 . 2013-02-27 22:00 417792 ----a-w- c:\windows\SysWow64\WMPhoto.dll 2013-01-13 18:34 . 2013-02-27 22:00 364544 ----a-w- c:\windows\SysWow64\XpsGdiConverter.dll 2013-01-13 18:32 . 2013-02-27 22:00 465920 ----a-w- c:\windows\system32\WMPhoto.dll 2013-01-13 18:09 . 2013-02-27 22:00 522752 ----a-w- c:\windows\system32\XpsGdiConverter.dll 2013-01-13 17:26 . 2013-02-27 22:00 1158144 ----a-w- c:\windows\SysWow64\XpsPrint.dll 2013-01-13 17:05 . 2013-02-27 22:00 1682432 ----a-w- c:\windows\system32\XpsPrint.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "AMD AVT"="start AMD Accelerated Video Transcoding device initialization" [X] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280] "ThreatFire"="c:\program files (x86)\ThreatFire\TFTray.exe" [2011-02-22 378128] "avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-03-28 345312] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336] . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2013-01-08 161536] R3 GSService;GSService;c:\windows\SysWOW64\GSService.exe [2012-12-30 403832] R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736] R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys [2010-06-25 36928] R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys [2009-10-07 271640] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2009-10-07 327704] R3 LVUVC64;Logitech Webcam 200(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2009-10-07 6379288] R3 PCDSRVC{1E208CE0-FB7451FF-06020200}_0;PCDSRVC{1E208CE0-FB7451FF-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\program files\dell support center\pcdsrvc_x64.pkms [2012-09-04 25584] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-07-09 52736] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [2011-12-16 14464] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2010-01-11 834544] S0 TfFsMon;TfFsMon;c:\windows\system32\drivers\TfFsMon.sys [2011-02-22 65072] S0 
TfSysMon;TfSysMon;c:\windows\system32\drivers\TfSysMon.sys [2011-02-22 74824] S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2013-03-28 28600] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2012-07-04 238080] S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2013-03-28 86752] S2 CDMA Device Service;CDMA Device Service;c:\program files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe [2011-08-02 159232] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-06 191000] S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [2012-10-08 166912] S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-10-02 3064000] S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-07-16 2673064] S2 ThreatFire;ThreatFire;c:\program files (x86)\ThreatFire\TFService.exe service [x] S2 WDBackup;WD Backup;c:\program files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2012-09-19 1157056] S2 WDDriveService;WD Drive Manager;c:\program files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2012-09-06 248248] S2 WDRulesService;WD Rules;c:\program files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe [2012-09-19 1177536] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [2012-02-23 95760] S3 CtClsFlt;Creative Camera Class Upper Filter Driver;c:\windows\system32\DRIVERS\CtClsFlt.sys [2009-06-15 172704] S3 k57nd60a;Broadcom NetLink (TM)-Gigabit-Ethernet - NDIS 6.0;c:\windows\system32\DRIVERS\k57nd60a.sys [2009-06-10 270848] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys [2009-10-06 30232] S3 TfNetMon;TfNetMon;c:\windows\system32\drivers\TfNetMon.sys [2011-02-22 41888] . . 
--- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . Inhalt des "geplante Tasks" Ordners . 2013-04-04 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-05 19:09] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Broadcom Wireless Manager UI"="c:\program files\Dell\Dell Wireless WLAN Card\WLTRAY.exe" [2009-07-17 4968960] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://home.mywebsearch.com/index.jhtml?n=77DE8857&p2=^HJ^xdm255^YY^de&ptb=EAAEB22B-6C35-4FB0-866C-BB2E56545B86&si=CJi409_t7bQCFcpZ3godIHMASQ uDefault_Search_URL = hxxp://search.qip.ru uInternet Settings,ProxyServer = ftp=localhost:8080;gopher=localhost:8080;http=localhost:8080;https=localhost:8080;socks=localhost:1080 uInternet Settings,ProxyOverride = <local>;*.local uSearchAssistant = hxxp://search.qip.ru/ie IE: Free YouTube to MP3 Converter - c:\users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 Trusted Zone: olb.de\www TCP: DhcpNameServer = 192.168.178.1 DPF: {271A3CF5-5A54-447B-A08F-BE805F0DA60B} - hxxps://www.olb.de/olb_fb3_1857/plugin/AXFOAM.CAB FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\ FF - prefs.js: browser.search.selectedEngine - My Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/ FF - prefs.js: keyword.URL - hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=EAAEB22B-6C35-4FB0-866C-BB2E56545B86&n=77fc1ea6&ind=2013011622&p2=^HJ^xdm255^YY^de&si=CJi409_t7bQCFcpZ3godIHMASQ&searchfor= FF - prefs.js: network.proxy.type - 0 FF - user.js: extensions.claro.tlbrSrchUrl - FF - user.js: extensions.claro.id 
- 4c228e7d000000000000701a04ae1e8e FF - user.js: extensions.claro.appId - {C3110516-8EFC-49D6-8B72-69354F332062} FF - user.js: extensions.claro.instlDay - 15700 FF - user.js: extensions.claro.vrsn - 1.8.8.5 FF - user.js: extensions.claro.vrsni - 1.8.8.5 FF - user.js: extensions.claro_i.vrsnTs - 1.8.8.519:38 FF - user.js: extensions.claro.prtnrId - claro FF - user.js: extensions.claro.prdct - claro FF - user.js: extensions.claro.aflt - babsst FF - user.js: extensions.claro_i.smplGrp - none FF - user.js: extensions.claro.tlbrId - claro FF - user.js: extensions.claro.instlRef - sst FF - user.js: extensions.claro.dfltLng - en FF - user.js: extensions.claro_i.excTlbr - false FF - user.js: extensions.claro.excTlbr - false FF - user.js: extensions.claro.admin - false FF - user.js: extensions.claro.autoRvrt - false FF - user.js: extensions.claro.rvrt - false FF - user.js: extensions.claro_i.newTab - false FF - user.js: extensions.incredibar_i.newTab - false FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6Oz0uqRyqb&loc=IB_TB&i=26&search= FF - user.js: extensions.incredibar_i.id - 4c228e7d000000000000701a04ae1e8e FF - user.js: extensions.incredibar_i.instlDay - 15721 FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14 FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1422:40 FF - user.js: extensions.incredibar_i.prtnrId - Incredibar FF - user.js: extensions.incredibar_i.prdct - incredibar FF - user.js: extensions.incredibar_i.aflt - orgnl FF - user.js: extensions.incredibar_i.smplGrp - none FF - user.js: extensions.incredibar_i.tlbrId - base FF - user.js: extensions.incredibar_i.instlRef - FF - user.js: extensions.incredibar_i.dfltLng - FF - user.js: extensions.incredibar_i.excTlbr - false FF - user.js: extensions.incredibar_i.ms_url_id - FF - user.js: extensions.incredibar_i.upn2 - 6Oz0uqRyqb FF - user.js: extensions.incredibar_i.upn2n - 92262808948976791 FF - user.js: 
extensions.incredibar_i.productid - 26 FF - user.js: extensions.incredibar_i.installerproductid - 26 FF - user.js: extensions.incredibar_i.did - 10665 FF - user.js: extensions.incredibar_i.ppd - t213 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . URLSearchHooks-{40c3cc16-7269-4b32-9531-17f2950fb06f} - (no file) URLSearchHooks-{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - (no file) BHO-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file) BHO-{1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - (no file) Toolbar-Locked - (no file) Toolbar-{0974BA1E-64EC-11DE-B2A5-E43756D89593} - (no file) SafeBoot-mcmscsvc SafeBoot-MCODS Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe AddRemove-{7B63B2922B174135AFC0E1377DD81EC2} - c:\program files (x86)\DivX\DivXCodecUninstall.exe AddRemove-{8ADFC4160D694100B5B8A22DE9DCABD9} - c:\program files (x86)\DivX\DivXPlayerUninstall.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\PCDSRVC{1E208CE0-FB7451FF-06020200}_0] "ImagePath"="\??\c:\program files\dell support center\pcdsrvc_x64.pkms" . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\ThreatFire] "AlternateImagePath"="" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe c:\program files (x86)\ThreatFire\TFService.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-04-05 21:49:59 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-04-05 19:49 . Vor Suchlauf: 13 Verzeichnis(se), 376.964.653.056 Bytes frei Nach Suchlauf: 17 Verzeichnis(se), 377.106.616.320 Bytes frei . - - End Of File - - 8CC7E142F0956F021271053E19CD0240 |
06.04.2013, 16:41 | #28 |
/// Winkelfunktion /// TB-Süch-Tiger™ | GMX mail account hacked? Virus? JRT - Junkware Removal Tool Please disable your security software to avoid possible conflicts.
Afterwards: adwCleaner - remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
07.04.2013, 23:06 | #29 |
| GMX mail account hacked? Virus? Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.8.3 (04.05.2013:1) OS: Windows 7 Home Premium x64 Ran by User on 07.04.2013 at 22:42:04,63 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\bprotectordefaultscope Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\toolbar\\{0974ba1e-64ec-11de-b2a5-e43756d89593} Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce} Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1324757305-1681669773-3064394410-1001\software\microsoft\internet explorer\main\\Start Page Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] 
hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope Successfully repaired: [Registry Value] hkey_users\S-1-5-21-1324757305-1681669773-3064394410-1001\software\microsoft\internet explorer\searchscopes\\DefaultScope ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_classes_root\appid\babylonhelper.exe Successfully deleted: [Registry Key] hkey_local_machine\software\conduit Failed to delete: [Registry Key] hkey_local_machine\software\datamngr Failed to delete: [Registry Key] hkey_current_user\software\datamngr_toolbar Successfully deleted: [Registry Key] hkey_current_user\software\im Successfully deleted: [Registry Key] hkey_local_machine\software\iminent Successfully deleted: [Registry Key] hkey_current_user\software\softonic Successfully deleted: [Registry Key] hkey_local_machine\software\systweak Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitsearchscopes Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\smartbar Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\toolbar Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings Successfully deleted: [Registry Key] hkey_local_machine\software\classes\conduit.engine Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\babylon_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\babylon_rasmancs Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\babylontc_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\babylontc_rasmancs Successfully deleted: [Registry Key] 
hkey_local_machine\software\microsoft\tracing\conduitinstaller_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\conduitinstaller_rasmancs Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_install_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibar_install_rasmancs Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibartoolbar_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\incredibartoolbar_rasmancs Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\sweetim_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\sweetim_rasmancs Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\sweetpacksupdatemanager_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\sweetpacksupdatemanager_rasmancs Failed to delete: [Registry Key] hkey_local_machine\software\wow6432node\datamngr Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2319825 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2625848 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{0974ba1e-64ec-11de-b2a5-e43756d89593} Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9} Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1} Successfully deleted: [Registry Key] 
hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2a69} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd2a69} Successfully deleted: [Registry Key] hkey_classes_root\clsid\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce} Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{a55f9c95-2bb1-4ea2-bc77-dfaab78832ce} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} ~~~ Files Successfully deleted: [File] "C:\Users\User\AppData\Roaming\microsoft\internet explorer\qipsearchbar.dll" Successfully deleted: [File] "C:\end" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\fighters" Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\dvdvideosoftiehelpers" Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\fighters" Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\performersoft" Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\systweak" Successfully deleted: [Folder] "C:\Users\User\appdata\local\conduit" Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\boost_interprocess" Successfully deleted: [Folder] "C:\Users\User\appdata\locallow\conduit" Successfully deleted: [Folder] "C:\Program Files (x86)\conduit" ~~~ FireFox Successfully deleted: [File] C:\user.js Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" Successfully deleted: [File] 
C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\user.js Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\conduit.xml Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\my-web-search.xml Successfully deleted: [File] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\qip-search.xml Successfully deleted: [Folder] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\conduitcommon Successfully deleted: [Folder] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\smartbar Successfully deleted: [Folder] C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\extensions\ffxtlbr@incredibar.com Successfully deleted the following from C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\prefs.js
"false"); user_pref("extensions.claro.dfltLng", "en"); user_pref("extensions.claro.excTlbr", false); user_pref("extensions.claro.id", "4c228e7d000000000000701a04ae1e8e"); user_pref("extensions.claro.instlDay", "15700"); user_pref("extensions.claro.instlRef", "sst"); user_pref("extensions.claro.prdct", "claro"); user_pref("extensions.claro.prtnrId", "claro"); user_pref("extensions.claro.rvrt", "false"); user_pref("extensions.claro.tlbrId", "claro"); user_pref("extensions.claro.tlbrSrchUrl", ""); user_pref("extensions.claro.vrsn", "1.8.8.5"); user_pref("extensions.claro.vrsni", "1.8.8.5"); user_pref("extensions.claro_i.excTlbr", false); user_pref("extensions.claro_i.newTab", false); user_pref("extensions.claro_i.smplGrp", "none"); user_pref("extensions.claro_i.vrsnTs", "1.8.8.519:38:23"); user_pref("extensions.incredibar_i.aflt", "orgnl"); user_pref("extensions.incredibar_i.dfltLng", ""); user_pref("extensions.incredibar_i.did", "10665"); user_pref("extensions.incredibar_i.excTlbr", false); user_pref("extensions.incredibar_i.id", "4c228e7d000000000000701a04ae1e8e"); user_pref("extensions.incredibar_i.installerproductid", "26"); user_pref("extensions.incredibar_i.instlDay", "15721"); user_pref("extensions.incredibar_i.instlRef", ""); user_pref("extensions.incredibar_i.ms_url_id", ""); user_pref("extensions.incredibar_i.newTab", false); user_pref("extensions.incredibar_i.ppd", "t213"); user_pref("extensions.incredibar_i.prdct", "incredibar"); user_pref("extensions.incredibar_i.productid", "26"); user_pref("extensions.incredibar_i.prtnrId", "Incredibar"); user_pref("extensions.incredibar_i.smplGrp", "none"); user_pref("extensions.incredibar_i.tlbrId", "base"); user_pref("extensions.incredibar_i.tlbrSrchUrl", "hxxp://mystart.Incredibar.com/?a=6Oz0uqRyqb&loc=IB_TB&i=26&search="); user_pref("extensions.incredibar_i.upn2", "6Oz0uqRyqb"); user_pref("extensions.incredibar_i.upn2n", "92262808948976791"); user_pref("extensions.incredibar_i.vrsn", "1.5.11.14"); 
user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1422:40:33"); user_pref("extensions.incredibar_i.vrsni", "1.5.11.14"); user_pref("extensions.mywebsearch.prevDefaultEngine", "Google"); user_pref("extensions.mywebsearch.prevKwdEnabled", true); user_pref("extensions.mywebsearch.prevKwdURL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=EAAEB22B-6C35-4FB0-866C-BB2E56545B86&n=77fc1ea6&ind=201301162 user_pref("extensions.mywebsearch.prevSelectedEngine", "Google"); user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=EAAEB22B-6C35-4FB0-866C-BB2E56545B86&n=77fc1ea6&p2=^HJ^xdm255^YY^de user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", true); user_pref("extensions.toolbar.mindspark._4zMembers_.hp.lastGuardTime", 1163651444); user_pref("extensions.toolbar.mindspark._4zMembers_.hp.numGuards", 1); user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true); user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", ""); user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013011622"); user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm255^YY^de"); user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "CJi409_t7bQCFcpZ3godIHMASQ"); user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true); user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "EAAEB22B-6C35-4FB0-866C-BB2E56545B86"); user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1358373092764"); user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true); user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true); user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", true); user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true); 
user_pref("extensions.toolbar.mindspark.hp.enabled", true); user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "videodownloadconverter@mindspark.com"); user_pref("extensions.toolbar.mindspark.lastInstalled", "videodownloadconverter@mindspark.com"); user_pref("keyword.URL", "hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?st=kwd&ptb=EAAEB22B-6C35-4FB0-866C-BB2E56545B86&n=77fc1ea6&ind=2013011622&p2=^HJ^xdm255^YY^de& Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\minidumps [190 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 08.04.2013 at 0:00:12,02 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
ATTFilter # AdwCleaner v2.200 - Datei am 08/04/2013 um 00:08:09 erstellt # Aktualisiert am 02/04/2013 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : User - USER-PC # Bootmodus : Normal # Ausgeführt unter : C:\Users\User\Downloads\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\searchplugins\claro.xml Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\searchplugins\icqplugin.xml Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\searchplugins\icqplugin-1.xml Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\searchplugins\icqplugin-2.xml Datei Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\searchplugins\icqplugin-3.xml Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar Ordner Gelöscht : C:\Users\User\AppData\Local\PackageAware Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\Conduit Ordner Gelöscht : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\extensions\4zffxtbr-bs@VideoDownloadConverter_4z.com Ordner Gelöscht : C:\Users\User\AppData\Roaming\OCS ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\APN PIP Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A55F9C95-2BB1-4EA2-BC77-DFAAB78832CE} Schlüssel Gelöscht : HKCU\Software\PIP Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062} Schlüssel Gelöscht : HKLM\Software\DataMngr Schlüssel Gelöscht : HKLM\Software\PIP Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{17B10E59-09E1-4C39-A738-6774D7AB7778} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B} ***** [Internet Browser] ***** -\\ Internet Explorer v9.0.8112.16470 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Default_Search_URL] = hxxp://search.qip.ru --> hxxp://www.google.com Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://search.qip.ru/ie --> hxxp://www.google.com -\\ Mozilla Firefox v19.0.2 (de) Datei : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\j9uyos9z.default\prefs.js Gelöscht : user_pref("CT2625848.1000082.state", 
"{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Gelöscht : user_pref("CT2625848.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2625848.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Gelöscht : user_pref("CT2625848.embeddedsData", "[{\"appId\":\"129181467799155027\",\"apiPermissions\":{\"cross[...] Gelöscht : user_pref("CT2625848.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2625848.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Gelöscht : user_pref("CT2625848.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"about[...] Gelöscht : user_pref("CT2625848.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Gelöscht : user_pref("CT2625848.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Gelöscht : user_pref("CT2625848.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Gelöscht : user_pref("CT2625848.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Gelöscht : user_pref("CT2625848_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] 
Gelöscht : user_pref("icqtoolbar.allowSendURL", false); Gelöscht : user_pref("icqtoolbar.engineVerified", false); Gelöscht : user_pref("icqtoolbar.geolastmodified", 1312659239); Gelöscht : user_pref("icqtoolbar.hiddenElements", "itb_options"); Gelöscht : user_pref("icqtoolbar.history", "megan%20nicole%20single||durchfall%20ausbleiben%20regel||Bin%20heut[...] Gelöscht : user_pref("icqtoolbar.icqgeo", 49); Gelöscht : user_pref("icqtoolbar.installTime", "1308609454"); Gelöscht : user_pref("icqtoolbar.newtab_state", "1"); Gelöscht : user_pref("icqtoolbar.numberOfSearches", 0); Gelöscht : user_pref("icqtoolbar.previousFFVersion", "5.0"); Gelöscht : user_pref("icqtoolbar.skip_default_search", "no"); Gelöscht : user_pref("icqtoolbar.suggestions", false); Gelöscht : user_pref("icqtoolbar.uninstStatSent", true); Gelöscht : user_pref("icqtoolbar.uniqueID", "126324545612632454551263247365314"); Gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1312928659); Gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0); Gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0); Gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0); Gelöscht : user_pref("icqtoolbar.voucherWasShown", 0); Gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false); Gelöscht : user_pref("icqtoolbar.xmlLanguage", "de"); -\\ Google Chrome v [Version kann nicht ermittelt werden] Datei : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences [OK] Die Datei ist sauber. ************************* AdwCleaner[S1].txt - [7300 octets] - [08/04/2013 00:08:09] ########## EOF - C:\AdwCleaner[S1].txt - [7360 octets] ########## |
07.04.2013, 23:29 | #30 |
| Gmx mail account hacked? Virus? OTL EXTRAS Logfile: Code:
ATTFilter OTL logfile created on: 08.04.2013 00:14:52 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,97 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 52,52% Memory free 7,93 Gb Paging File | 5,88 Gb Available in Paging File | 74,16% Paging File free Paging file location(s): C:\pagefile.sys 0 0 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 451,07 Gb Total Space | 350,84 Gb Free Space | 77,78% Space Free | Partition Type: NTFS Computer Name: USER-PC | User Name: User | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\User\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_180.exe (Adobe Systems, Inc.) PRC - C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe (Safer-Networking Ltd.) 
PRC - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe (Safer-Networking Ltd.) PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) PRC - C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital ) PRC - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Western Digital ) PRC - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital) PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools) PRC - C:\Program Files (x86)\ThreatFire\TFService.exe (PC Tools) PRC - C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Logitech Inc.) ========== Modules (No Company Name) ========== MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl () MOD - C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl () ========== Services (SafeList) ========== SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD) SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\Dell Wireless WLAN Card\WLTRYSVC.EXE () SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. 
KG) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (GSService) -- C:\Windows\SysWOW64\GSService.exe () SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe () SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) SRV - (WDRulesService) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDRulesEngine.exe (Western Digital ) SRV - (WDBackup) -- C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe (Western Digital ) SRV - (WDDriveService) -- C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe (Western Digital) SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (CDMA Device Service) -- C:\Program Files (x86)\Samsung\USB Drivers\26_VIA_driver2\amd64\VIAService.exe () SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (ThreatFire) -- C:\Program Files (x86)\ThreatFire\TFService.exe (PC Tools) SRV - (WinHttpAutoProxySvc) -- winhttp.dll (Microsoft Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (LVPrcS64) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) 
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.) DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.) DRV:64bit: - (atikmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.) DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) 
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices) DRV:64bit: - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (TfSysMon) -- C:\Windows\SysNative\drivers\TfSysMon.sys (PC Tools) DRV:64bit: - (TfNetMon) -- C:\Windows\SysNative\drivers\TfNetMon.sys (PC Tools) DRV:64bit: - (TfFsMon) -- C:\Windows\SysNative\drivers\TfFsMon.sys (PC Tools) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation) DRV:64bit: - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider) DRV:64bit: - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys () DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.) DRV:64bit: - (LVRS64) -- C:\Windows\SysNative\drivers\lvrs64.sys (Logitech Inc.) DRV:64bit: - (lvpopf64) -- C:\Windows\SysNative\drivers\lvpopf64.sys (Logitech Inc.) DRV:64bit: - (LVPr2Mon) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:64bit: - (LVPr2M64) -- C:\Windows\SysNative\drivers\LVPr2M64.sys () DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) 
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (rimmptsk) -- C:\Windows\SysNative\drivers\rimmpx64.sys (REDC) DRV:64bit: - (rismxdp) -- C:\Windows\SysNative\drivers\rixdpx64.sys (REDC) DRV:64bit: - (rimsptsk) -- C:\Windows\SysNative\drivers\rimspx64.sys (REDC) DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.) DRV:64bit: - (k57nd60a) -- C:\Windows\SysNative\drivers\k57nd60a.sys (Broadcom Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Research Inc.) DRV:64bit: - (KMWDFILTER) -- C:\Windows\SysNative\drivers\KMWDFILTER.sys (Windows (R) Codename Longhorn DDK provider) DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (PCDSRVC{1E208CE0-FB7451FF-06020200}_0) -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms (PC-Doctor, Inc.) 
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{EEBC724E-4BFE-4464-9D97-20B6AFD8E567}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{160B65D0-06C6-4356-B0DC-E23E359F5430}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\.DEFAULT\..\SearchScopes,defaultscope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-18\..\SearchScopes,defaultscope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-19\..\SearchScopes,defaultscope = IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-20\..\SearchScopes,defaultscope = IE - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com IE - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com IE - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\..\SearchScopes,DefaultScope = IE - 
HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>;*.local IE - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = ftp=localhost:8080;gopher=localhost:8080;http=localhost:8080;https=localhost:8080;socks=localhost:1080 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..extensions.enabledAddons: %7B59c81df5-4b7a-477b-912d-4e0fdf64e5f2%7D:0.9.90 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:19.0.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {a3f96249-7650-49a8-b54e-9cbf46fbbdf7}:2.6.0.15 FF - prefs.js..extensions.enabledItems: {32a1fd71-835e-4b11-8e54-886fda0b4c89}:1.1 FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655 FF - prefs.js..extensions.enabledItems: {3474c305-9dad-11d8-9207-00055d74c2e4}:0.4.11 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: {800b5000-a755-47e1-992b-48a1c1357f07}:1.1.7 FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.0.900 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.1.1 FF - prefs.js..extensions.enabledItems: {271A3CF5-5A54-447B-A08F-BE805F0DA60A}:3.3.5.0 FF - 
prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX OVS Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.15.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) 
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (the VideoLAN Team) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin1017325.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2010.12.12 21:02:04 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2010.12.12 21:02:05 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.10 22:14:13 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.10 22:14:11 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.03.10 22:14:13 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 19.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.03.10 22:14:11 | 000,000,000 | ---D | M] [2010.01.11 23:30:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\User\AppData\Roaming\mozilla\Extensions [2013.04.08 00:08:17 | 000,000,000 | ---D | M] (No name found) -- 
C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\j9uyos9z.default\extensions [2013.02.12 23:49:26 | 000,000,000 | ---D | M] (ChatZilla) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\j9uyos9z.default\extensions\{59c81df5-4b7a-477b-912d-4e0fdf64e5f2} [2013.02.23 20:43:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\User\AppData\Roaming\mozilla\Firefox\Profiles\j9uyos9z.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2011.03.05 15:30:45 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-10.xml [2011.03.06 14:06:41 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-11.xml [2011.04.30 16:54:54 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-12.xml [2011.04.30 17:28:43 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-13.xml [2011.06.24 00:39:42 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-14.xml [2011.08.13 20:47:25 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-15.xml [2010.10.16 21:25:42 | 000,000,828 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-4.xml [2010.10.16 21:25:42 | 000,000,828 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-5.xml [2010.10.16 21:25:34 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-6.xml [2010.11.01 00:16:33 | 000,000,950 | ---- | M] () -- 
C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-7.xml [2010.11.17 01:46:12 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-8.xml [2010.12.11 16:38:45 | 000,000,950 | ---- | M] () -- C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\j9uyos9z.default\searchplugins\icqplugin-9.xml [2013.03.10 22:14:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.03.10 22:14:10 | 000,000,000 | ---D | M] ("ICQ Toolbar") -- C:\Program Files (x86)\mozilla firefox\extensions\{800b5000-a755-47e1-992b-48a1c1357f07} [2013.03.10 22:14:10 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.03.10 22:14:13 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.04.29 00:27:36 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.09.01 14:49:11 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.04.29 00:27:36 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.04.29 00:27:36 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.04.29 00:27:36 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.04.29 00:27:36 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.0.900_0\ CHR - Extension: No name found = C:\Users\User\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.0.900_0\ O1 HOSTS File: ([2013.04.05 21:39:39 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2:64bit: - BHO: (Windows Live Family Safety Browser Helper Class) - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Programme\Windows Live\Family Safety\fssbho.dll (Microsoft Corporation) O2:64bit: - BHO: (Windows Live ID-Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\Dell Wireless WLAN Card\WLTRAY.EXE (Dell Inc.) O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation) O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [ThreatFire] C:\Program Files (x86)\ThreatFire\TFTray.exe (PC Tools) O4 - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0 O7 - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files (x86)\ICQ7.2\ICQ.exe (ICQ, LLC.) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1324757305-1681669773-3064394410-1001\..Trusted Domains: olb.de ([www] * in Trusted sites) O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Reg Error: Key error.) 
O16 - DPF: {271A3CF5-5A54-447B-A08F-BE805F0DA60B} https://www.olb.de/olb_fb3_1857/plugin/AXFOAM.CAB (B+S Banksysteme AG DDBAC Plug-In) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Reg Error: Value error.) O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.15.2) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1F2BD488-0247-4145-8CAF-5FB3A87B6F37}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{72457032-14D2-43E6-97CB-46A7F3B1BE77}: DhcpNameServer = 192.168.42.129 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9ADD10C5-E4D4-4F4E-AB38-B29C3B2F9387}: DhcpNameServer = 192.168.181.211 192.168.181.254 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) 
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL () O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - Explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: VMApplet - 
(SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O29:64bit: - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (credssp.dll) - credssp.dll (Microsoft Corporation) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.07 22:42:01 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.04.07 22:41:48 | 000,000,000 | ---D | C] -- C:\JRT [2013.04.06 00:48:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype [2013.04.05 23:39:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013.04.05 23:39:40 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe [2013.04.05 21:42:09 | 
000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013.04.05 21:19:55 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.04.05 21:19:55 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.04.05 21:19:55 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.04.05 21:19:41 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.04.05 21:15:31 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.04.05 21:14:33 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.03.31 00:31:51 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\ich [2013.03.30 12:53:47 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\mbar [2013.03.29 01:47:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RegCleaner [2013.03.29 01:29:26 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Roaming\Avira [2013.03.29 01:23:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira [2013.03.29 01:23:30 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.03.29 01:23:30 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.03.29 01:23:30 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.03.29 01:23:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.03.29 01:23:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.03.28 23:52:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ThreatFire [2013.03.28 23:52:39 | 000,074,824 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfSysMon.sys [2013.03.28 23:52:39 | 000,065,072 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfFsMon.sys [2013.03.28 23:52:39 | 000,041,888 | ---- | C] (PC Tools) -- C:\Windows\SysNative\drivers\TfNetMon.sys [2013.03.28 23:52:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ThreatFire [2013.03.28 23:52:38 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2013.03.28 23:07:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.03.28 22:45:57 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\CD [2013.03.27 00:15:11 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys [2013.03.23 01:42:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013.03.23 01:42:28 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Programs [2013.03.21 19:00:34 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\shades 3-3 [2013.03.18 01:04:51 | 000,000,000 | ---D | C] -- C:\Users\User\Desktop\I-phone 5 Töne-Musik [2013.03.16 02:33:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes [2013.03.16 02:33:31 | 000,033,240 | ---- | C] (GEAR Software Inc.) 
-- C:\Windows\SysNative\drivers\GEARAspiWDM.sys [2013.03.16 02:33:06 | 000,000,000 | ---D | C] -- C:\Program Files\iPod [2013.03.16 02:33:05 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes [2013.03.16 02:33:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes [2013.03.16 02:33:05 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 [2013.03.16 02:32:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update [2013.03.16 02:32:13 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Apple [2013.03.16 02:32:01 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013.03.16 02:32:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2013.03.16 02:24:03 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple [2013.03.16 01:04:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer [2013.03.16 01:03:20 | 000,000,000 | ---D | C] -- C:\Users\User\AppData\Local\Apple [2013.03.16 01:01:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple [2013.03.15 00:01:01 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.15 00:01:01 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.15 00:00:59 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.03.15 00:00:59 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.03.15 00:00:59 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.15 00:00:59 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.15 00:00:57 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.15 00:00:57 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.15 00:00:55 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.03.15 
00:00:55 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.15 00:00:55 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.15 00:00:55 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.03.15 00:00:52 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.03.15 00:00:52 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.03.15 00:00:52 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.12 20:29:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype [2013.03.10 22:14:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2007.08.13 17:46:00 | 000,102,912 | ---- | C] (Albert L Faber) -- C:\Users\User\AppData\Local\CDRip.dll [2007.01.18 21:09:54 | 000,623,616 | ---- | C] (Ivan Bischof ©2003 - 2005) -- C:\Users\User\AppData\Local\No23 Recorder.exe [2006.12.11 19:13:14 | 000,013,872 | ---- | C] (Un4seen Developments) -- C:\Users\User\AppData\Local\basscd.dll [2006.12.11 19:13:12 | 000,097,336 | ---- | C] (Un4seen Developments) -- C:\Users\User\AppData\Local\bass.dll [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.04.08 00:18:28 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.08 00:18:28 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.08 00:17:47 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.08 00:17:47 | 000,654,400 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.08 00:17:47 | 000,616,242 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.08 00:17:47 | 
000,130,240 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.08 00:17:47 | 000,106,622 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.08 00:10:47 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.08 00:10:44 | 3193,585,664 | -HS- | M] () -- C:\hiberfil.sys [2013.04.08 00:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.05 23:39:46 | 000,002,179 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2013.04.05 21:39:39 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.04.02 00:03:45 | 000,001,057 | ---- | M] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.01 23:58:00 | 011,717,930 | ---- | M] () -- C:\Users\User\Desktop\Mein Film.wmv [2013.04.01 23:50:30 | 000,019,456 | ---- | M] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.03.29 01:47:32 | 000,000,964 | ---- | M] () -- C:\Users\User\Desktop\RegCleaner.lnk [2013.03.29 01:23:58 | 000,001,996 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.03.29 00:54:33 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.03.29 00:54:33 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.03.29 00:54:33 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.03.28 23:52:40 | 000,000,940 | ---- | M] () -- C:\Users\Public\Desktop\ThreatFire.lnk [2013.03.23 21:59:14 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\drivers\lvuvc.hs [2013.03.23 07:32:18 | 000,003,276 | ---- | M] () -- C:\Windows\WININIT.INI [2013.03.16 02:33:39 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.03.12 21:09:28 | 000,693,976 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.03.12 21:09:28 | 000,073,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.03.12 20:29:24 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk [1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.04.05 23:39:46 | 000,002,191 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013.04.05 23:39:46 | 000,002,179 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk [2013.04.05 21:19:55 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.04.05 21:19:55 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.04.05 21:19:55 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.04.05 21:19:55 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.04.05 21:19:55 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.04.02 00:03:45 | 000,001,057 | ---- | C] () -- C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.04.01 23:57:20 | 011,717,930 | ---- | C] () -- C:\Users\User\Desktop\Mein Film.wmv [2013.03.29 01:47:32 | 000,000,964 | ---- | C] () -- C:\Users\User\Desktop\RegCleaner.lnk [2013.03.29 01:23:58 | 000,001,996 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk [2013.03.28 23:52:40 | 000,000,940 | ---- | C] () -- C:\Users\Public\Desktop\ThreatFire.lnk [2013.03.16 02:33:39 | 000,001,785 | ---- 
| C] () -- C:\Users\Public\Desktop\iTunes.lnk [2013.03.16 02:32:30 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk [2013.03.05 00:37:14 | 000,000,970 | ---- | C] () -- C:\Users\User\.recently-used.xbel [2013.01.17 00:21:39 | 000,403,832 | ---- | C] () -- C:\Windows\SysWow64\GSService.exe [2012.11.08 18:56:56 | 000,000,355 | ---- | C] () -- C:\Users\User\Computer - Verknüpfung.lnk [2012.07.04 07:34:16 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat [2012.07.04 07:34:16 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat [2012.04.18 20:39:10 | 000,028,672 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll [2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat [2011.07.26 17:26:46 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll [2011.07.26 17:26:46 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll [2011.07.26 17:26:46 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll [2011.07.26 17:26:46 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll [2011.06.19 20:10:04 | 000,007,620 | ---- | C] () -- C:\Users\User\AppData\Local\Resmon.ResmonCfg [2010.09.13 00:42:30 | 000,000,367 | ---- | C] () -- C:\Users\User\Zuletzt besucht - Verknüpfung.lnk [2010.08.15 16:49:45 | 000,001,594 | ---- | C] () -- C:\Users\User\AppData\Local\RecConfig.xml [2010.07.07 17:45:07 | 000,019,456 | ---- | C] () -- C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.01.18 00:27:37 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 08.04.2013 00:14:52 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\User\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,97 Gb Total Physical Memory | 2,08 Gb Available Physical Memory | 52,52% Memory free
7,93 Gb Paging File | 5,88 Gb Available in Paging File | 74,16% Paging File free
Paging file location(s): C:\pagefile.sys 0 0 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,07 Gb Total Space | 350,84 Gb Free Space | 77,78% Space Free | Partition Type: NTFS

Computer Name: USER-PC | User Name: User | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Reg Error: Value error.] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-1324757305-1681669773-3064394410-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) https [open] -- Reg Error: Key error. inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" () Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L" Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" () Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 "FirewallDisableNotify" = 0 "AntiVirusDisableNotify" = 0 "UpdatesDisableNotify" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== System Restore Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore] "DisableSR" = 0 ========== Firewall Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile] [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== 
Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.) "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.) 
========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0AB26960-8350-44B2-B0FA-2B7400E819C0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{1141BA51-7121-4C28-9D74-4D91809575CB}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{187A5B22-A6ED-46A0-A772-3F69ACD7BE95}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{209B3ABB-45E5-4AE4-8B2D-BF80A9FF03A8}" = rport=445 | protocol=6 | dir=out | app=system | "{2517CFD7-62D5-473A-9402-B9180D511F6A}" = lport=10243 | protocol=6 | dir=in | app=system | "{25E9C926-EF53-42D5-9A7B-68FDC6C6887B}" = lport=139 | protocol=6 | dir=in | app=system | "{2B32C260-58FA-45EC-A2CA-7852CF5DADA5}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{2F18FAD3-A049-42DB-9EA7-0468A15168F0}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{3B3DC4FC-2B40-4506-A466-CE225364626C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{3C88919F-5D7A-410C-B5DF-B5F7584AFAEF}" = lport=2869 | protocol=6 | dir=in | app=system | "{3E21119D-EA76-48ED-9535-ECBAB5210457}" = rport=138 | protocol=17 | dir=out | app=system | "{4B1B9866-4905-4186-9525-51329206556E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{4B369935-56CD-4CB2-8E60-85E2EB57DAF0}" = rport=10243 | protocol=6 | dir=out | app=system | "{6BFA01DB-EF78-44D7-81DD-13CADB39EF59}" = lport=137 | protocol=17 | dir=in | app=system | "{7087B074-CD02-4665-9784-4B2BE04BE6D6}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{877B2D00-F6E4-40C7-84A8-73FFDFF34489}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{8F068D7E-1055-4185-BCD4-719C1D78AD8F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A08EB336-5DAA-43CA-B330-6F786852A271}" = lport=2869 | protocol=6 | dir=in | app=system | "{B5B554CD-1AED-40DC-A710-A14A89066671}" = lport=138 | protocol=17 | dir=in | app=system | "{BC189F16-B577-41E9-8DE3-709A9707C280}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{C332BAAF-3DCE-4EEF-AEC7-C17FC1EE519C}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{C526AE44-2FC9-476D-8714-0C337D015F05}" = rport=137 | protocol=17 | dir=out | app=system | "{C536234D-1977-4DEE-8776-9C60B5B69235}" = rport=139 | protocol=6 | dir=out | app=system | "{D18B1200-EBE8-43CB-BD48-7882808F18DB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{D6E84E1E-F7C2-4184-945F-D3C5F0C89BCF}" = lport=445 | protocol=6 | dir=in | app=system | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0959AA25-A5C3-4E5C-947F-84ABAF9E9861}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{0EDC1694-B4AC-47AA-B296-F55E416A043C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | "{10CE22B3-C4A1-4B25-8C80-0DEEE4AEA13A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{1157232F-614B-4B4D-8A83-40E0B35A6255}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | "{12CD27BB-E9AB-4CFD-B605-3BBCF606B987}" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "{12F84A8B-B92B-406A-8765-F008BD33A060}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{16BCBD78-4E48-4376-AE51-B23D6CAA84CB}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{170CBFE1-BC87-41F3-98B3-4247402D2C65}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe | "{17B19F5D-6BEA-432A-9BF7-D82EB59E97D0}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | "{196F21D1-9F0D-4E2A-96A2-47A34396A5FA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{1B2083E3-0170-4DFC-8E34-E50090D38255}" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "{2400AA90-7C39-4A2D-8CDB-C70409BF7BEF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{2A23C189-BE0B-423A-A74E-D2A9971EB3D2}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{2AE371DF-2972-46A4-B3C3-F7AFCAB40DEB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{2B625286-DF83-48EF-B526-35E2E4A6BF63}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | "{2B7FE7E5-1DC0-446B-A02F-60BCC5D6EABC}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{31F73393-076F-477D-8634-AE61420C5BE8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | "{39A25565-0691-4B0D-BD08-7BC0D6D3C8D6}" = protocol=17 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{3AA278C1-4B01-451A-835B-B386DA954F32}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{3C66AD6E-89D6-418D-97C3-840DDEB286D3}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{3DF232FB-3B57-40EC-8294-4EF25426B6B4}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | "{4288F167-07E5-457A-80A3-537DE63905B5}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{53CC31D3-ED57-4432-A2AD-DE5D575E1C1C}" = protocol=6 | dir=in | app=c:\windows\syswow64\msiexec.exe | "{54F75903-9E85-4866-8F4D-373DAC18AEDA}" = protocol=6 | dir=in | app=c:\program files 
(x86)\icq7.2\icq.exe | "{5519FD56-CC3D-4EC9-8298-9A4ADE979917}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | "{564C3D70-904A-4FF0-8984-51C31E7D97C2}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{5A10DC39-BA8B-4E50-9B92-1DE672EFBE15}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | "{5F955A1D-3278-44C8-93AD-8266881B5C58}" = protocol=6 | dir=out | app=system | "{5FB958BB-409D-4E1F-A7B6-171F37312E3F}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{6AF71CBB-3BD9-4A65-A6CA-70EEF3E58285}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{6C2B9D81-BD8D-4BD3-AEB8-3BD2740F803E}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{7305E180-DC97-4868-B682-5AA7DCC32955}" = protocol=6 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | "{733FF932-29AE-4CD2-8907-AD8FFCABA7DC}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{73981C6E-09D6-4BEB-91E2-1A4D58DB41E8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{77A5B253-7C19-486A-A314-06D0B084FD60}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe | "{7B1DC45B-B73F-4BB7-A0FF-E23AFBF5DE6C}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{80F63E0E-C351-43DD-B0F9-17544DB60126}" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "{8FC5C7DC-457E-444B-845F-33D26F9A409E}" = protocol=17 | dir=in | app=c:\users\User\downloads\videoconvertersdm.exe | "{959FFDBD-C8CE-4EA7-A7D3-6066CB44BEC4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9C95ACC2-CEA7-4036-9C12-11AAF4859D52}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{9E8B8C41-97CB-4657-95EB-2421834F745F}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{A8CE5EEC-D29F-493B-B8DB-A0187FE7C0CB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{AB452E3F-E83E-4ECF-8CFD-904265000CE7}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{AEE11A6C-F89E-4DDE-BA54-A406FF3C510E}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{B2082065-ACBE-4FBD-B9DC-0AC775916BA9}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | "{B48CE8BB-61CE-4B43-A971-3379017AEFE4}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\icq.exe | "{BC2E7D95-8A77-478C-9A21-ED54B664C350}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{BD2941C3-F26F-492C-89CD-13EC4E6C418B}" = protocol=6 | dir=in | app=c:\users\User\downloads\videoconvertersdm.exe | "{C6F040A7-DE01-4AD7-9E42-F858DBCB65B4}" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe | "{CC58CB6B-3A0A-4713-B47F-9D237F555D7A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CFA56FC3-00AD-47FC-8E68-97B10F2870B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{D3404745-6BA2-4B55-AA95-6D8A7D9F5284}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | "{DF5CEB55-CB82-47CE-8964-523CD0F60032}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | "{E0071BE9-2754-45A0-990A-9AB0CC91B11E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E4A52448-BFD0-4645-A705-F9514029EBC4}" = protocol=17 | dir=in | app=c:\program files (x86)\sweetim\communicator\sweetpacksupdatemanager.exe | "{E5DA7BA1-8F7C-4261-BF55-86E8009AFAEF}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | "{F3282EDC-ACEE-4BC8-9C29-F0B1BACEC0E9}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F59895A2-0474-48D7-A233-B2338E133DC5}" = protocol=17 | dir=in | app=c:\program files 
(x86)\teamviewer\version6\teamviewer_service.exe | "{F5FBC175-A869-4C3C-A22B-8FC845390D69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{FE533851-3574-436F-AF4F-541773DFE334}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.2\aolload.exe | "TCP Query User{2F88FB5D-17B4-4680-80BE-97D7776B44E5}C:\program files "TCP Query User{68AC2514-1E3D-4034-897B-8FB8F24E6CF6}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "TCP Query User{7162CB2E-21F9-484D-9C87-687168434A1B}C:\program files (x86)\your freedom\freedom.exe" = protocol=6 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe | "TCP Query User{AA1AE0B4-4985-493F-AB4A-3108392460EE}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "TCP Query User{B7F4A38D-E44E-4AD3-B10D-7EA42E397B24}C:\program files (x86)\miranda im\miranda32.exe" = protocol=6 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe | "TCP Query User{EE844CEA-B283-4E2C-B418-210401CE24F1}C:\program files (x86)\logitech\vid\vid.exe" = protocol=6 | dir=in | app=c:\program files (x86)\logitech\vid\vid.exe | "TCP Query User{F794ECAE-1918-4CC9-AEF6-CD3B43C95790}C:\users\User\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\User\appdata\local\akamai\netsession_win.exe | "UDP Query User{23EEF42F-BA64-456A-9DD8-112A407F1675}C:\program files (x86)\your freedom\freedom.exe" = protocol=17 | dir=in | app=c:\program files (x86)\your freedom\freedom.exe | "UDP Query User{406EA9E5-4D2F-414D-B196-B68E18D0E4E5}C:\program files (x86)\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\firefox.exe | "UDP Query User{78950AA8-22CB-47A2-B2E8-752DBEA43CAA}C:\program files (x86)\logitech\vid\vid.exe" = protocol=17 | dir=in | app=c:\program files 
(x86)\logitech\vid\vid.exe | "UDP Query User{BFD06161-5118-4935-873B-9B31F947FE9E}C:\users\User\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\User\appdata\local\akamai\netsession_win.exe | "UDP Query User{DE27C456-21BD-4148-9B4A-7EDBA6AE2F18}C:\program files (x86)\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\plugin\geplugin.exe | "UDP Query User{E624290D-C61F-4F1F-AA08-474F8233AFA2}C:\program files (x86)\miranda im\miranda32.exe" = protocol=17 | dir=in | app=c:\program files (x86)\miranda im\miranda32.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{1012456A-D118-37E0-E837-34AA28602013}" = AMD Drag and Drop Transcoding "{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes "{17B77355-3934-4D0E-8FAC-C420482C8E7D}" = Windows Live Family Safety "{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit) "{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{68CA3A47-3F7E-0E92-DC0D-5B0C02D9AFAD}" = ccc-utility64 "{6BB150E8-6CBB-5F8F-CAE7-BE21B2C92D31}" = AMD Accelerated Video Transcoding "{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour "{6FE8A1DA-8CA6-4801-BF0F-0F2FED143FF4}" = WD SmartWare "{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64 
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{914F7627-B645-9895-F723-BAEAAC865E75}" = AMD Catalyst Install Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{987FE247-4E69-4A2E-A961-D14F901FDBF6}" = Logitech Webcam Software "{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID-Anmelde-Assistent "{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{DA3372D5-F228-5C71-3FAC-177D4AEE8659}" = AMD Media Foundation Decoders "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "Dell Wireless WLAN Card Utility" = Dell Wireless WLAN Card Utility "lvdrivers_12.10" = Logitech Webcam Software-Treiberpaket "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "PC-Doctor for Windows" = Dell Support Center "SynTPDeinstKey" = Dell Touchpad [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{03D45A4B-D7F5-C03E-1650-885756303D13}" = CCC Help Norwegian "{055EE59D-217B-43A7-ABFF-507B966405D8}" = ATI Catalyst 
Control Center "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216014FF}" = Java(TM) 6 Update 29 "{26A24AE4-039D-4CA4-87B4-2F83217015FF}" = Java 7 Update 15 "{284E9E9A-D8BE-3588-D0BA-E9BB61970A1D}" = CCC Help Hungarian "{30E18A93-982E-AF1B-D646-E8C5DAECA390}" = CCC Help French "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{31A559C1-9E4D-423B-9DD3-34A6C5398752}" = HTC BMP USB Driver "{3A07247E-0645-8BCF-8419-FD857790108D}" = Skins "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = erLT "{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker "{4021F8B5-E8BB-D0F9-AF28-4970013FAE3D}" = Catalyst Control Center "{470D66DF-B597-124E-EDCE-8B966AA5F230}" = CCC Help Portuguese "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{483924A6-52C5-9169-0280-14272D5FBA70}" = CCC Help Chinese Standard "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CEEE5D0-F905-4688-B9F9-ECC710507796}" = HTC Driver Installer "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module "{57AE1BE1-24E8-4169-D52C-ABE31BD91562}" = CCC Help Finnish "{5B5745F7-23EF-9E5E-6689-512C9FA08222}" = CCC Help English "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{625031C9-E249-2A53-C282-C1E9872B211E}" = CCC Help Turkish "{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support "{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module "{655E0B5A-7ADF-A052-587F-64F0E59B58E7}" = CCC Help Dutch "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! 
Cam Avatar Creator "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX "{6D6664A9-3342-4948-9B7E-034EFE366F0F}" = HTC Driver Installer "{6DED41BC-C9EF-4330-B4E5-46CB2C5C6E2D}" = No23 Recorder "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{72E40002-8CEC-47C1-A099-83AC8E173BF0}" = WD Drive Utilities "{72EFBFE4-C74F-4187-AEFD-73EA3BE968D6}" = ICQ7.2 "{74437563-D720-0307-90FC-1C351B1041D7}" = Catalyst Control Center Localization All "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A4D10-821B-3FA5-52B0-F0FAEEDED9F4}" = CCC Help Czech "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7B63B2922B174135AFC0E1377DD81EC2}" = "{7BA14A92-C229-5E00-3ADE-8D22F81B849E}" = CCC Help German "{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide "{80A5B901-C7BD-D300-17BA-9E02F18EAB77}" = CCC Help Danish "{82F505E6-5879-B30A-12B7-7795969D3BBB}" = CCC Help Polish "{83270912-15C7-4336-822E-E8F1B1BBCA60}" = WD Security "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{8476003F-6927-8393-C6F4-FAF47D61D00B}" = CCC Help Korean "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{89A2D79E-B3AD-A83A-795F-5645EFF922D3}" = CCC Help Greek "{89C0F58F-9E5B-2B45-D9DF-7988A54BECA8}" = CCC Help Italian "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86) "{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player "{8B91D776-792D-F02B-DE43-BF398549C729}" = CCC Help Spanish "{8E5233E1-7495-44FB-8DEB-4BE906D59619}" = Junk Mail filter update "{8F272838-BDD6-B433-D650-25E231AEFA8A}" = Catalyst Control Center InstallProxy "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A0516415-ED61-419A-981D-93596DA74165}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{E64BA721-2310-4B55-BE5A-2925F9706192}" = Microsoft Office 2007 Service Pack 2 (SP2) "{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007 "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2) "{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581) "{983BE967-28E9-5C78-8851-638DAC4AF66E}" = CCC Help Swedish "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A707240D-18D3-07F4-AE2E-6AE76C220192}" = CCC Help Japanese "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.1) - Deutsch "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B95AC87D-630B-603F-3F12-AA22B3BBA69C}" = CCC Help Chinese Traditional "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C55C6A62-CBAF-495E-BA8D-7CF765F6C436}" = DDBAC "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer 
"{E2F0AF23-FE2F-4222-9A43-55E63CC41EF1}" = Catalyst Control Center - Branding "{EB1C554C-5343-9A69-1B8C-666AF192CA19}" = CCC Help Russian "{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F32D24DD-D787-10F9-D21E-BC3FAB3064CB}" = Catalyst Control Center Graphics Previews Common "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F8D90583-7BB5-75A9-B23F-A353AD4674BC}" = CCC Help Thai "3554AA4B-9B0B-451a-A269-2B5F53982209_is1" = ThreatFire "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17 "AudibleManager" = AudibleManager "Avira AntiVir Desktop" = Avira Free Antivirus "Dell Webcam Central" = Dell Webcam Central "DivX Setup.divx.com" = DivX-Setup "FormatFactory" = FormatFactory 3.0.1 "Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.2 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.33.1005 "HOMESTUDENTR" = Microsoft Office Home and Student 2007 "Mozilla Firefox 19.0.2 (x86 de)" = Mozilla Firefox 19.0.2 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "PhotoBookWorld_is1" = PhotoBookWorld 2.1 "TeamViewer 7" = TeamViewer 7 "VLC media player" = VLC media player 1.1.2 "WildTangent dell Master Uninstall" = WildTangent-Spiele "WinGimp-2.0_is1" = GIMP 2.6.8 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1324757305-1681669773-3064394410-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox ========== Last 
20 Event Log Errors ==========

[ OSession Events ]
Error - 02.01.2011 08:35:32 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1 seconds with 0 seconds of active time. This session ended with a crash.

Error - 15.01.2011 12:53:19 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.01.2011 14:52:21 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6500.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error - 29.01.2011 10:45:18 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

Error - 08.02.2011 12:48:21 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error - 13.03.2011 19:10:35 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4 seconds with 0 seconds of active time. This session ended with a crash.

Error - 18.05.2011 17:27:16 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error - 13.08.2011 12:53:37 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error - 17.12.2011 10:35:12 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3 seconds with 0 seconds of active time. This session ended with a crash.

Error - 04.01.2012 09:59:29 | Computer Name = User-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6514.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash.

[ Spybot - Search and Destroy Events ]
Error - 23.03.2013 01:31:35 | Computer Name = User-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 23.03.2013 01:32:18 | Computer Name = User-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

Error - 05.04.2013 18:16:58 | Computer Name = User-PC | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions

[ System Events ]
Error - 07.04.2013 18:09:58 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 07.04.2013 18:11:32 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 07.04.2013 18:11:41 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

Error - 07.04.2013 18:11:41 | Computer Name = User-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Peernetzwerk-Gruppenzuordnung" ist vom Dienst "Peer Name Resolution-Protokoll" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1058

< End of report > |