Log analysis and evaluation: No internet access despite connection (Windows 7)
15.04.2013, 14:22 | #1 |
No internet access despite connection

Hello,

while googling I came across a similar problem here in the forum, which is why I am now describing mine here as well: When the PC starts, everything runs as usual, but recently it has been happening more often that I suddenly no longer have internet access. It usually starts with me clicking on a YouTube video (not necessarily the first one), it does not load, and I then notice that I can no longer open any page with any browser, and programs such as Skype no longer connect either, although an existing internet connection is shown to me. I have already tried, without success, briefly pulling the plug on the router, temporarily disabling the WLAN on the PC, disabling the antivirus program, and logging the user off and on again; it only works again once I restart. With other devices I still have the usual internet access via the WLAN.

Thanks in advance for any answer. The logs follow:

2) Code:
ATTFilter OTL logfile created on: 15.04.2013 13:36:20 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 72,36% Memory free 7,80 Gb Paging File | 6,47 Gb Available in Paging File | 82,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284,99 Gb Total Space | 163,54 Gb Free Space | 57,38% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.14 19:54:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe PRC - [2013.04.11 19:06:51 | 001,104,280 | ---- | M] (Spotify Ltd) -- C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe PRC - [2012.12.11 04:52:44 | 003,147,384 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgui.exe PRC - [2012.12.10 12:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe PRC - [2012.11.16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe PRC - [2012.10.22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) 
-- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe PRC - [2010.02.09 20:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe PRC - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe PRC - [2009.12.14 10:06:12 | 000,206,072 | ---- | M] () -- C:\Windows\PLFSetI.exe PRC - [2009.09.24 14:14:56 | 000,825,864 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.EXE PRC - [2009.06.05 04:03:32 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe PRC - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe PRC - [2008.01.16 09:51:44 | 000,030,312 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe PRC - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe PRC - [2007.01.05 04:48:50 | 000,112,152 | ---- | M] (InterVideo) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe ========== Modules (No Company Name) ========== MOD - [2009.12.14 10:06:12 | 000,206,072 | ---- | M] () -- C:\Windows\PLFSetI.exe ========== Services (SafeList) ========== SRV - [2013.04.11 10:16:34 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2012.12.10 12:11:44 | 001,342,024 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe -- (avgfws) SRV - [2012.11.16 00:34:30 | 005,814,904 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe -- (AVGIDSAgent) SRV - [2012.10.22 14:05:08 | 000,196,664 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe -- (avgwd) SRV - [2010.12.10 18:36:54 | 000,153,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter) SRV - [2010.10.22 14:08:18 | 001,039,360 | ---- | M] (Hewlett-Packard Co.) [Auto | Running] -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL -- (HPSLPSVC) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2010.02.26 19:57:52 | 000,841,248 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service) SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.05 04:03:06 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe -- (IAANTMON) SRV - [2008.01.16 09:51:44 | 
000,030,312 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe -- (BcmSqlStartupSvc) SRV - [2007.07.24 20:15:14 | 000,185,632 | ---- | M] (Protexis Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2) SRV - [2007.01.05 04:48:50 | 000,112,152 | ---- | M] (InterVideo) [Auto | Running] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr) ========== Driver Services (SafeList) ========== DRV:64bit: - [2012.11.16 00:33:24 | 000,111,968 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (AvgMfx64) DRV:64bit: - [2012.10.22 14:02:44 | 000,154,464 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver) DRV:64bit: - [2012.10.15 04:48:50 | 000,063,328 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA) DRV:64bit: - [2012.10.02 04:30:38 | 000,185,696 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (AvgLdx64) DRV:64bit: - [2012.09.21 04:46:04 | 000,200,032 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (AvgTdiA) DRV:64bit: - [2012.09.21 04:46:00 | 000,225,120 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga) DRV:64bit: - [2012.09.14 04:05:18 | 000,040,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (AvgRkx64) DRV:64bit: - [2012.09.04 11:39:32 | 000,050,296 | ---- | M] (AVG Technologies CZ, s.r.o.) 
[Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgfwd6a.sys -- (Avgfwfd) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2011.01.07 03:53:02 | 001,410,608 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.04.28 08:21:38 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2010.04.28 08:21:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2009.11.13 11:47:00 | 000,067,072 | ---- | M] (Atheros Communications, Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C) DRV:64bit: - [2009.09.15 06:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64) DRV:64bit: - [2009.09.02 18:54:20 | 007,369,728 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.08.21 11:18:16 | 002,978,296 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.08.11 06:59:50 | 000,686,080 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.06.24 05:00:18 | 000,216,576 | ---- | M] (Realtek Semiconductor Corp.) 
[Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.05 03:54:36 | 000,408,600 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) DRV - [2009.03.26 05:16:08 | 000,025,608 | ---- | M] (Dritek System Inc.) 
[Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\DKbFltr.sys -- (DKbFltr) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=extensa_5635z&r=27360111b806l04g3z105i6791u207 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKCU\..\URLSearchHook: - No CLSID value found IE - HKCU\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found IE - HKCU\..\SearchScopes,DefaultScope = 
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE416DE416 IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..network.proxy.type: 0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: 
C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.02.01 23:56:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG8\Firefox [2011.03.21 19:34:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files (x86)\AVG\AVG8\ToolbarFF [2011.03.20 16:40:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 10:20:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.24 11:26:00 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.02.01 23:56:09 | 000,000,000 | ---D | M] [2012.10.19 15:57:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.04.15 10:20:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\wslbkwjy.default\extensions [2013.02.26 19:17:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\wslbkwjy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.04.15 10:20:14 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\wslbkwjy.default\extensions\ich@maltegoetz.de [2013.02.08 08:49:39 | 000,698,764 | ---- | M] () (No name found) -- 
C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\wslbkwjy.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012.10.19 15:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013.04.15 10:20:11 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. 
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.13.2) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62084AAF-243D-458F-BBCC-D9B8F02B7453}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED8E7DFB-10A1-4B65-A2C8-4E8A3BAA9833}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 
- Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O33 - MountPoints2\{25ef34a8-3541-11e2-9462-60eb69578d83}\Shell - "" = AutoRun O33 - MountPoints2\{25ef34a8-3541-11e2-9462-60eb69578d83}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{25ef34c2-3541-11e2-9462-60eb69578d83}\Shell - "" = AutoRun O33 - MountPoints2\{25ef34c2-3541-11e2-9462-60eb69578d83}\Shell\AutoRun\command - "" = E:\AutoRun.exe O33 - MountPoints2\{684c3436-3787-11e0-b16e-60eb69578d83}\Shell - "" = AutoRun O33 - MountPoints2\{684c3436-3787-11e0-b16e-60eb69578d83}\Shell\AutoRun\command - "" = E:\iStudio.exe O33 - MountPoints2\{9b20cd7e-9778-11e2-8bbf-60eb69578d83}\Shell - "" = AutoRun O33 - MountPoints2\{9b20cd7e-9778-11e2-8bbf-60eb69578d83}\Shell\AutoRun\command - "" = E:\Startme.exe O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.14 19:54:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.04.07 13:59:22 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Freemake_do_not_remove_this_folder635009399622121950 [2013.04.07 12:48:34 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Freemake_do_not_remove_this_folder [2013.04.07 12:03:07 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Freemake [2013.04.02 13:45:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mp3tag [2013.04.02 13:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag 
[2013.03.31 14:29:44 | 000,000,000 | ---D | C] -- C:\Users\***\.android [2013.03.30 15:28:03 | 000,000,000 | ---D | C] -- C:\Users\***\Podcasts [2013.03.30 15:24:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Sony [2013.03.30 15:24:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared [2013.03.30 15:24:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2013.03.30 15:15:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2013.03.30 15:14:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install [2013.03.30 15:14:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Sony [2013.03.26 21:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp [2013.03.26 21:41:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AVG [2013.03.26 21:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG [2013.03.26 21:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013.03.26 21:25:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2013.03.26 20:28:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AVG2013 [2013.03.26 20:28:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TuneUp Software [2013.03.26 20:27:32 | 000,000,000 | -H-D | C] -- C:\$AVG [2013.03.26 20:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2013.03.26 20:25:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.03.26 20:25:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\MFAData [2013.03.26 20:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013.03.26 20:25:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Avg2013 [2013.03.26 20:25:16 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG8UPG [2013.03.24 12:33:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\com.schroedel.bioheuteeinleger [2013.03.24 12:33:18 | 000,000,000 | 
---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schroedel [2013.03.24 12:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Schroedel ========== Files - Modified Within 30 Days ========== [2013.04.15 13:33:19 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2013.04.15 13:28:55 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.15 13:28:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.15 13:26:18 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.15 13:26:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.15 10:03:28 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.15 10:03:28 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.15 09:54:57 | 3143,311,360 | -HS- | M] () -- C:\hiberfil.sys [2013.04.14 19:55:44 | 000,394,587 | ---- | M] () -- C:\Users\***\Desktop\Für alle Hilfesuchenden! 
Was muss ich vor der Eröffnung eines Themas beachten_ - Trojaner-Board.mht [2013.04.14 19:55:22 | 000,377,856 | ---- | M] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe [2013.04.14 19:54:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.04.14 19:51:51 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe [2013.04.13 13:11:10 | 001,646,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.13 13:11:10 | 000,711,370 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.13 13:11:10 | 000,662,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.13 13:11:10 | 000,153,766 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.13 13:11:10 | 000,124,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.11 09:50:00 | 000,450,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.03.30 20:02:15 | 000,000,928 | ---- | M] () -- C:\Windows\wininit.ini [2013.03.30 20:02:03 | 000,001,051 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.03.30 01:10:25 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.30 01:10:24 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.29 08:42:11 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.03.28 15:49:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.03.26 09:08:59 | 068,106,125 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm [2013.03.23 23:44:29 | 000,205,007 | ---- | M] () -- C:\Users\***\Documents\wie ich denke und arbeite.pdf [2013.03.23 23:44:15 | 000,177,073 | ---- | M] () -- C:\Users\***\Documents\was ich beruflich tun will.pdf [2013.03.23 23:44:02 | 000,201,084 | ---- | M] () -- C:\Users\***\Documents\was ich lernen möchte.pdf ========== Files Created - No Company Name ========== [2013.04.15 13:33:19 | 000,000,000 | ---- | C] () -- 
C:\Users\***\defogger_reenable [2013.04.14 19:55:44 | 000,394,587 | ---- | C] () -- C:\Users\***\Desktop\Für alle Hilfesuchenden! Was muss ich vor der Eröffnung eines Themas beachten_ - Trojaner-Board.mht [2013.04.14 19:55:14 | 000,377,856 | ---- | C] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe [2013.04.14 19:51:49 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe [2013.03.30 01:10:25 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.30 01:10:24 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.29 08:42:11 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.03.28 15:49:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf [2013.03.23 23:44:25 | 000,205,007 | ---- | C] () -- C:\Users\***\Documents\wie ich denke und arbeite.pdf [2013.03.23 23:44:11 | 000,177,073 | ---- | C] () -- C:\Users\***\Documents\was ich beruflich tun will.pdf [2013.03.23 23:43:57 | 000,201,084 | ---- | C] () -- C:\Users\***\Documents\was ich lernen möchte.pdf [2013.01.17 18:19:58 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI [2012.09.16 17:04:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2012.04.28 22:53:47 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys [2012.04.18 17:17:34 | 000,000,032 | ---- | C] () -- C:\Users\***\.simfy [2012.02.09 22:28:07 | 000,000,928 | ---- | C] () -- C:\Windows\wininit.ini [2011.10.12 13:44:11 | 000,001,484 | ---- | C] () -- C:\Users\***\AppData\Local\RecConfig.xml [2011.09.28 14:53:41 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.07.11 20:20:25 | 000,007,597 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg [2010.04.08 16:53:55 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.03.26 21:41:51 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AVG [2013.03.26 20:28:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\AVG2013 [2013.01.17 18:19:58 | 
000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\BITS [2013.03.24 12:33:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\com.schroedel.bioheuteeinleger [2013.04.15 13:29:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Dropbox [2013.01.23 20:24:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft [2011.08.26 19:40:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DynaGeo [2013.01.17 18:31:24 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\FlashgetSetup [2012.11.02 19:34:42 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Guitar Pro 6 [2013.04.15 10:19:00 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\ICQ [2012.04.28 22:54:10 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\InterVideo [2011.08.26 19:25:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\JavaEditor [2013.04.13 13:59:46 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag [2011.02.20 13:07:31 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenOffice.org [2012.05.05 15:20:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Opera [2011.10.13 12:46:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Philipp Winterberg [2012.12.20 15:05:22 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\PlayFirst [2012.04.18 17:17:33 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Simfy [2013.03.30 15:31:29 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Sony [2013.04.13 20:27:14 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spotify [2011.09.28 18:18:56 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Synaptics [2012.11.23 13:48:43 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\T-Mobile [2011.09.02 00:14:54 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TeamViewer [2013.03.26 20:28:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software [2012.05.31 20:51:36 | 000,000,000 | ---D | 
M] -- C:\Users\***\AppData\Roaming\Windows Live Writer

========== Purity Check ==========

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:93EB7685
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:798A3728
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4D066AD2

< End of report >

Code:
ATTFilter OTL Extras logfile created on: 15.04.2013 13:36:20 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 2,82 Gb Available Physical Memory | 72,36% Memory free 7,80 Gb Paging File | 6,47 Gb Available in Paging File | 82,85% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284,99 Gb Total Space | 163,54 Gb Free Space | 57,38% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. 
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. 
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized 
Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0A6F1B75-D14F-4F4D-B191-D41FBC58649E}" = lport=2869 | protocol=6 | dir=in | app=system | "{160ADF36-4F7B-4BFD-89A4-76C639FBD244}" = lport=445 | protocol=6 | dir=in | app=system | "{29B97E47-A8C2-474F-B0BE-735F14536C59}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2B305541-BB27-409A-AD6C-279D8F805FA4}" = rport=445 | protocol=6 | dir=out | app=system | "{2B805934-E6E4-4499-88E3-40D13A6DBA2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{47C75FE9-E253-4DAF-A0C3-B4F79FDF4304}" = lport=10243 | protocol=6 | dir=in | app=system | "{557ED309-A573-4C9B-9C80-3FAA6084FB12}" = rport=10243 | protocol=6 | dir=out | app=system | "{560255F6-5018-4872-80C2-8FD8E917CCCB}" = rport=138 | protocol=17 | dir=out | app=system | "{6E8DD6E8-AA13-412F-B205-2C0B38052040}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{70A14002-2E1C-4E22-A9CC-552EB8A26883}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7453025E-8FD5-486D-A98C-23503F335797}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{8D75CA33-5784-4368-B8E1-5A6F9DC6C5E9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{900B9342-D4A0-46B1-8FD7-AC183BC6D42F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A58BC693-22C4-4A86-BF71-14645956F399}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A69C2847-A6C9-4C49-9914-CD3591615591}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B90FDFC9-D695-4531-809F-FF62A88E2CA1}" = lport=139 | protocol=6 | dir=in | app=system | "{BF874C2C-A9F4-4D7E-9019-80CD84632668}" = rport=139 | protocol=6 | dir=out | app=system | "{C63F41A4-0B09-4C3D-B0AB-D814BCEF644F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C73E3AC6-0796-4EED-A864-3DB92AEFEE04}" = lport=138 | protocol=17 | dir=in | app=system | "{D13618A8-32F1-495C-96C9-85C02D22B3D3}" = lport=2869 | protocol=6 | dir=in | app=system | "{DD5F9242-6CEA-4C7C-97B2-5F3F0FAF39B4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E3BB3E0B-61C7-4AE5-9804-64F1087B6FBC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E6A79210-088A-46F7-A21A-276DF0ED9A15}" = rport=137 | protocol=17 | dir=out | app=system | "{F0A843C2-19AC-4620-ADC6-B5223790BD9A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FF780CAC-588F-45FD-82E3-17215A32728F}" = lport=137 | protocol=17 | dir=in | app=system | "{FFE8677F-B698-4011-B56B-F869558A29B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0027C082-8BD9-477E-B9E4-2F8EBFFF1D00}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{00C2C8C1-819A-4A2A-ABE7-36F2D3298CAC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | 
"{1406F495-B81C-4CEF-A9F1-ECBD904D6F7A}" = dir=in | app=c:\program files (x86)\avg\avg8\avgnsa.exe | "{1557272E-7CE9-457B-9708-E8B7EC140346}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{16DB06EA-2315-4376-9FEB-6D767D6043CB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | "{1B2091DE-13AF-4ECC-8BBA-0AC896422CE7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | "{1BA3FB78-A1C7-4BF1-A1F6-B27745392E70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1D368B5D-0A33-4AE3-B57E-7F424B84F2D0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{1F311C7B-C12D-49D4-A66A-0EF708BA6F25}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{1FE590B9-B7A9-43D4-A8B2-B6B6FAF77100}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{225D6E54-AC47-4154-973E-9264DD41E0CE}" = protocol=6 | dir=out | app=system | "{239C7505-FF1B-4F68-9F92-A5C232C02EE2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{2B803B61-9E5E-4BFC-851C-BED7AAFEAB2D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | "{2E47AF2D-4067-4DCD-B5B2-2C16893E0377}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{2F33C027-FDED-4768-B465-0DD36A20531C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{2FCF675A-C2F1-4135-A079-DA416ED3A25E}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | "{36C78463-61A4-418E-901E-398E15EA4766}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{3BECD327-EB89-4C94-AC01-13F1B3E84DB8}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{3D8D9A90-141A-4C22-8913-2280D893ED5D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{41BF99F5-D640-4034-968A-BEA784A944DE}" = 
protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4D6FB947-C25C-4478-B292-1D5974BAB2D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4E12E9BC-DDA4-4D7A-8398-035AAE249D2F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{4F111577-9BA1-4DE4-8952-02EC303C051D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{4F18B17A-BCBB-47AF-8E7B-F8167BC8DD90}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "{557BBEC2-FCDD-473C-91B5-6B0A7E75B794}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{5957DCCB-0906-485C-B924-E411C38F78C6}" = dir=in | app=c:\program files (x86)\avg\avg8\avgam.exe | "{613110A6-C3D3-4D93-B25B-C0F56789EB42}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{61C7D74E-1B23-4B98-BA26-E8F6E48C6D10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{668F4751-2399-4BB2-B5A3-C54F863F43BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{696273CF-1FEC-4407-A5C3-620AC9A8374F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{6CB4BF33-1110-4FBA-AD2E-BD1A23751EB1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | "{706E3018-1DF6-487E-A38B-4AC00C57278A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{735FE7D3-C93C-4C8E-A57B-7627F0384356}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{7F01D42A-F331-4E6A-AE1E-985E045422AF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{81DCB1B9-B147-4E2F-924D-3AA1993C852B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8A26DBF3-637E-4ED3-B530-0740C3FE19D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8C62C77E-EF66-41D6-B2BD-71C8BA2FD81B}" = protocol=17 | dir=in | app=c:\program files 
(x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{93537A02-247A-4212-8EA4-DA19EF7BD74E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9C6946B1-260D-44C1-B48E-DD18C761E684}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A5E4D9A2-6E68-4757-8D18-308E745BAD00}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | "{ABDD8723-9C21-45A1-B018-3EE41D690EDC}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{B07DD698-64F0-473A-A2CB-1A032AC5C9AD}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{B0910AB2-491D-4E95-877D-94E0514781F1}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{B29D167B-A42D-485B-B1E6-ED15697FF227}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B58331DC-5861-43E6-877D-20E78948C81D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{B5D0761A-78A5-4376-8678-3C87F49E375E}" = dir=in | app=c:\program files (x86)\avg\avg8\avgemc.exe | "{B78AA718-8F08-440C-81E6-0FF66E649C6A}" = dir=in | app=c:\program files (x86)\avg\avg8\avgdiagex.exe | "{C03B17FE-F14C-439F-8067-3B85CD97ABDA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | "{C35823D7-056B-4B16-83B0-31B35D72F995}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C49F6F71-A731-47BE-858F-871C3EA6CB24}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{CA3CB06F-80B0-4F8B-AE76-02BB35BEC824}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{CB3B24CD-A5DA-4EBB-9EBA-AD64CD8A796B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{CD618F23-07F1-47E5-BEA2-44C3F516EABB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D0E1EB2E-DED5-4221-8B29-9088984A3E59}" 
= protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D348FF61-2520-41BA-AE51-84BF2F4514AE}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe | "{D3FF4863-5C63-4C79-9811-029FB8F1953F}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{D4D374A3-C1CE-45B7-BA7E-72E496DC1FBA}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{D5175903-0C27-4CDE-BA1D-310AE5F7FD1E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D76BAAF9-B7EF-41AA-828E-2DBC17910620}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | "{D788320A-7320-44FE-89C5-E1AB9FADE996}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D9578855-6560-4825-B15C-AFBA9985333D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DC75C6C3-F9B5-47AB-827E-642C6AA05F3A}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{E139200D-9A7B-480E-AF24-772CA70F527D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{E5C81FFA-8F89-4502-A0DF-8C6BB8942710}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{E6B7BDD0-1CAA-44A0-AD01-16484620125F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{ED78A844-DEF0-4866-BB36-8ED1BF4688D7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{F0F38695-F5B7-4A30-AA3E-AC8071E14C16}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe | "{F1C568BC-6187-4BFF-BFAA-E88A003733E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F26E96D7-3AAA-48FD-A4B6-284096BFCDC6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | "{F44CE39F-B46A-4B78-BDB0-FC591319BC44}" = dir=in | app=c:\program files (x86)\avg\avg8\avgupd.exe | 
"{F7EBEE7E-F105-4C66-B753-157388FCE3CA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{F9A5FBAE-5653-4414-9DED-B75D2AEC8F12}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "{FA6FBE14-DD29-4E85-94AE-B7F3D8359447}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | "{FB0C9571-3718-4D0E-A116-AAD8BD9441EC}" = dir=in | app=c:\program files (x86)\avg\avg8\avgdiag.exe | "{FD728F0D-7D08-45FD-8E67-F7D37ED3B13B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{FD74AA22-DE40-4565-A63C-4F482C114CAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "TCP Query User{0770B01F-FFFA-4D7D-85F9-1103ED6CE482}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | "TCP Query User{BE82E32C-A0D4-4B20-ABAD-A8C78FA8A999}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{2B6BE537-9FD8-464E-B0CA-AC8F779BED43}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | "UDP Query User{59913581-347E-4D32-95D5-32E48081D8CC}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. 
A "{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}" = Microsoft SQL Server VSS Writer "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013 "{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "AVG" = AVG 2013 "CCleaner" = CCleaner "CNXT_AUDIO_HDA" = Conexant HD Audio "HDMI" = Intel(R) Graphics Media Accelerator Driver "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPOCR" = OCR Software by I.R.I.S. 
13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Recuva" = Recuva "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64) "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform "{354038F6-0A35-4C55-A80B-F86C4C1A6D38}" = 
C3100 "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2 "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{64BE88A6-798A-075D-80CF-CC970E912C85}" = Biologie heute CD "{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 10.3c, 2010.08.03 "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home 
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 
Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 
Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" 
= Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.4 MUI "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations 
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "7-Zip" = 7-Zip 9.20 "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AniGra_is1" = AniGra v3.6 "Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2 "com.schroedel.bioheuteeinleger" = Biologie heute CD "Derive 6" = Derive 6 "Digital Editions" = Adobe Digital Editions "DynaGeo_is1" = DynaGeo 3.5d "ENTERPRISE" = Microsoft Office Enterprise 2007 "Freemake Video Converter_is1" = Freemake Video Converter Version 3.1.2 "Greenfoot_is1" = Greenfoot 2.0.1 "Identity Card" = Identity Card "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8 "LastFM_is1" = Last.fm Scrobbler 2.1.30 "LManager" = Launch Manager "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de) "Mp3tag" = Mp3tag v2.54 "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "Opera 12.15.1748" = Opera 12.15 "RarZilla Free Unrar" = RarZilla Free Unrar "TurboPlot_is1" = TurboPlot v3.7c "VLC media player" = VLC media player 2.0.4 "WinLiveSuite_Wave3" = Windows Live Essentials ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 06.06.2012 13:29:22 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 06.06.2012 13:29:22 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . 
Error - 06.06.2012 13:29:23 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 06.06.2012 13:29:23 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 06.06.2012 13:29:25 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 06.06.2012 13:29:25 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . 
Error - 06.06.2012 13:29:25 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 06.06.2012 13:29:25 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 06.06.2012 13:29:52 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . Error - 06.06.2012 13:29:52 | Computer Name = ***-PC | Source = Microsoft-Windows-CAPI2 | ID = 4107 Description = Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei. . 
[ Media Center Events ] Error - 16.12.2012 08:10:08 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 13:09:38 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) Error - 16.12.2012 08:11:13 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 13:10:38 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) Error - 16.12.2012 08:11:45 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 13:11:43 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) Error - 16.12.2012 09:13:42 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 14:13:42 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) Error - 21.12.2012 07:49:59 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 12:49:59 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) Error - 21.12.2012 07:52:42 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 12:51:49 - MCESpotlight konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) Error - 21.12.2012 07:53:48 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 12:53:12 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) Error - 21.12.2012 07:54:27 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 12:54:23 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) 
Error - 02.01.2013 07:55:51 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 12:55:45 - Broadband konnte nicht abgerufen werden (Fehler: Timeout für Vorgang überschritten) Error - 23.01.2013 07:14:40 | Computer Name = ***-PC | Source = MCUpdate | ID = 0 Description = 12:14:40 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Unbekannter Fehler beim Empfangen..) [ OSession Events ] Error - 06.01.2012 17:52:51 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.01.2012 17:53:49 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.01.2012 17:54:22 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.01.2012 17:56:12 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash. 
Error - 06.01.2012 17:59:33 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 141 seconds with 120 seconds of active time. This session ended with a crash. Error - 06.01.2012 18:10:18 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash. Error - 03.06.2012 14:10:42 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19989 seconds with 240 seconds of active time. This session ended with a crash. Error - 26.07.2012 18:00:38 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error - 12.09.2012 16:11:55 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 11188 seconds with 3720 seconds of active time. This session ended with a crash. Error - 23.11.2012 08:36:33 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. 
This session lasted 1674 seconds with 60 seconds of active time. This session ended with a crash. [ System Events ] Error - 14.04.2013 04:29:03 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 14.04.2013 13:04:01 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 14.04.2013 13:05:18 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 14.04.2013 13:05:19 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 14.04.2013 13:40:01 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 14.04.2013 13:41:17 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 14.04.2013 13:41:21 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 14.04.2013 17:28:38 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 15.04.2013 03:55:12 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für 
"FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 15.04.2013 03:55:17 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 < End of report > Code:
ATTFilter
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-15 14:40:08
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.01.0 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\***\AppData\Local\Temp\kwldapow.sys

---- User code sections - GMER 2.1 ----

.text c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2280] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 69 0000000074c61465 2 bytes [C6, 74]
.text c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe[2280] C:\Windows\syswow64\psapi.dll!GetModuleInformation + 155 0000000074c614bb 2 bytes [C6, 74]
.text ... * 2

---- Files - GMER 2.1 ----

File C:\Windows\winsxs\amd64_microsoft-windows-i..l-keyboard-00010445_31bf3856ad364e35_6.1.7600.16385_none_e81b1b936f56560a 0 bytes
File C:\Windows\winsxs\amd64_microsoft-windows-i..l-keyboard-00010445_31bf3856ad364e35_6.1.7600.16385_none_e81b1b936f56560a\KBDINBE1.DLL 7168 bytes executable
File C:\Windows\winsxs\amd64_microsoft-windows-irftp.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e9477992d4579b98 0 bytes
File C:\Windows\winsxs\amd64_microsoft-windows-irftp.resources_31bf3856ad364e35_6.1.7600.16385_de-de_e9477992d4579b98\irftp.exe.mui 19456 bytes executable
File C:\Windows\winsxs\amd64_microsoft-windows-i..itiator_service_mof_31bf3856ad364e35_6.1.7600.16385_none_05625057cf7e206b 0 bytes

---- EOF - GMER 2.1 ----
|
15.04.2013, 20:55 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No Internet access despite connection Hello and
__________________Do you have any further logs (with detections)? Malwarebytes and/or other virus scanners? The reason I ask => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, only post logs that already exist! Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
__________________ |
15.04.2013, 22:01 | #3 |
| No Internet access despite connection Hello,
__________________I only followed what the thread "For everyone seeking help" asked for (without knowing much about the subject). So I posted all the logs I created. I had already run virus scans before that (with AVG), with no findings. |
16.04.2013, 08:35 | #4 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | No Internet access despite connection Quote:
__________________ Please always post log files in CODE tags |
16.04.2013, 09:16 | #5 |
| No Internet access despite connection Hm, AVG was upgraded recently, and in this new version I can't find anything in the history either. With the previous version there were two alerts at one point, which I then also took to be harmless (I didn't notice anything else unusual afterwards). Unfortunately I no longer remember what they were. :s By the way, in the meantime I googled some more and found that I do not have the same error as this gentleman from the forum hxxp://www.traum-projekt.com/forum/66-betriebssysteme/126979-internet-verbindung-ploetzlich-weg.html#post961973 |
16.04.2013, 11:04 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No Internet access despite connection Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please get in touch in this thread => Reminder about my thread. Annoying "when do we continue" messages will end with your topic being closed. I, too, have a life outside the Trojaner-Board.
Please now run the three tools MBAR / aswMBR / TDSSkiller and post the logs in CODE tags.
MBAR (Malwarebytes Anti-Rootkit)
Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instruction from a helper
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons under any circumstances without instruction
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop
__________________ --> No Internet access despite connection |
16.04.2013, 13:29 | #7 |
| No Internet access despite connection Thanks for your quick replies. MBAR Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.05.0.1001
www.malwarebytes.org

Database version: v2013.04.16.05

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
*** :: ***-PC [administrator]

16.04.2013 12:43:03
mbar-log-2013-04-16 (12-43-03).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 30733
Time elapsed: 14 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
Code:
ATTFilter
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-04-16 12:48:08
-----------------------------
12:48:08.694 OS Version: Windows x64 6.1.7601 Service Pack 1
12:48:08.694 Number of processors: 2 586 0x170A
12:48:08.699 ComputerName: ***-PC UserName: ***
12:48:10.156 Initialize success
13:19:35.230 AVAST engine defs: 13041600
13:25:06.799 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:25:06.804 Disk 0 Vendor: WDC_WD32 01.0 Size: 305245MB BusType: 3
13:25:06.954 Disk 0 MBR read successfully
13:25:06.959 Disk 0 MBR scan
13:25:06.969 Disk 0 Windows 7 default MBR code
13:25:06.974 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13312 MB offset 2048
13:25:06.999 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 100 MB offset 27265024
13:25:07.009 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 291831 MB offset 27469824
13:25:07.159 Disk 0 scanning C:\Windows\system32\drivers
13:25:21.336 Service scanning
13:26:03.986 Modules scanning
13:26:03.996 Disk 0 trace - called modules:
13:26:04.021 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
13:26:04.359 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80057a2060]
13:26:04.369 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8004698a40]
13:26:04.379 5 ACPI.sys[fffff88000f9e7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004731050]
13:26:06.011 AVAST engine scan C:\Windows
13:26:09.538 AVAST engine scan C:\Windows\system32
13:31:49.313 AVAST engine scan C:\Windows\system32\drivers
13:32:08.244 AVAST engine scan C:\Users\***
13:58:02.753 AVAST engine scan C:\ProgramData
14:01:22.354 Scan finished successfully
14:05:44.103 Disk 0 MBR has been saved successfully to "C:\Users\***\Desktop\MBR.dat"
14:05:44.113 The log file has been saved successfully to "C:\Users\***\Desktop\aswMBR.txt"
Code:
14:12:42.0218 6100 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:12:43.0030 6100 ============================================================
14:12:43.0030 6100 Current date / time: 2013/04/16 14:12:43.0030
14:12:43.0030 6100 SystemInfo:
14:12:43.0030 6100
14:12:43.0030 6100 OS Version: 6.1.7601 ServicePack: 1.0
14:12:43.0030 6100 Product type: Workstation
14:12:43.0030 6100 ComputerName: ***-PC
14:12:43.0030 6100 UserName: ***
14:12:43.0030 6100 Windows directory: C:\Windows
14:12:43.0030 6100 System windows directory: C:\Windows
14:12:43.0030 6100 Running under WOW64
14:12:43.0030 6100 Processor architecture: Intel x64
14:12:43.0030 6100 Number of processors: 2
14:12:43.0030 6100 Page size: 0x1000
14:12:43.0030 6100 Boot type: Normal boot
14:12:43.0030 6100 ============================================================
14:12:43.0669 6100 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:12:43.0685 6100 ============================================================
14:12:43.0685 6100 \Device\Harddisk0\DR0:
14:12:43.0685 6100 MBR partitions:
14:12:43.0685 6100 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
14:12:43.0685 6100 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
14:12:43.0685 6100 ============================================================
14:12:43.0700 6100 C: <-> \Device\Harddisk0\DR0\Partition2
14:12:43.0700 6100 ============================================================
14:12:43.0700 6100 Initialize success
14:12:43.0700 6100 ============================================================
14:14:20.0155 5856 ============================================================
14:14:20.0155 5856 Scan started
14:14:20.0155 5856 Mode: Manual; SigCheck; TDLFS;
14:14:20.0155 5856
5856 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:14:49.0312 5856 ohci1394 - ok 14:14:49.0359 5856 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:14:49.0374 5856 ose - ok 14:14:49.0452 5856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:14:49.0483 5856 p2pimsvc - ok 14:14:49.0530 5856 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 14:14:49.0561 5856 p2psvc - ok 14:14:49.0593 5856 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys 14:14:49.0624 5856 Parport - ok 14:14:49.0655 5856 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:14:49.0686 5856 partmgr - ok 14:14:49.0733 5856 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 14:14:49.0795 5856 PcaSvc - ok 14:14:49.0827 5856 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 14:14:49.0858 5856 pci - ok 14:14:49.0889 5856 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 14:14:49.0905 5856 pciide - ok 14:14:49.0951 5856 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 14:14:49.0983 5856 pcmcia - ok 14:14:49.0983 5856 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 14:14:50.0014 5856 pcw - ok 14:14:50.0045 5856 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:14:50.0139 5856 PEAUTH - ok 14:14:50.0248 5856 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:14:50.0295 5856 PerfHost - ok 14:14:50.0373 5856 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 14:14:50.0513 5856 pla - ok 14:14:50.0591 5856 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:14:50.0653 5856 PlugPlay - ok 14:14:50.0700 5856 [ 
AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll 14:14:50.0731 5856 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning 14:14:50.0731 5856 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1) 14:14:50.0778 5856 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:14:50.0825 5856 PNRPAutoReg - ok 14:14:50.0872 5856 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:14:50.0903 5856 PNRPsvc - ok 14:14:50.0965 5856 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:14:51.0043 5856 PolicyAgent - ok 14:14:51.0106 5856 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 14:14:51.0215 5856 Power - ok 14:14:51.0262 5856 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 14:14:51.0340 5856 PptpMiniport - ok 14:14:51.0371 5856 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys 14:14:51.0418 5856 Processor - ok 14:14:51.0480 5856 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 14:14:51.0527 5856 ProfSvc - ok 14:14:51.0558 5856 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:14:51.0574 5856 ProtectedStorage - ok 14:14:51.0636 5856 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:14:51.0714 5856 Psched - ok 14:14:51.0792 5856 [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe 14:14:51.0808 5856 PSI_SVC_2 - ok 14:14:51.0886 5856 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 14:14:51.0979 5856 ql2300 - ok 14:14:52.0026 5856 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 14:14:52.0057 5856 ql40xx - ok 14:14:52.0073 5856 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 
14:14:52.0120 5856 QWAVE - ok 14:14:52.0151 5856 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:14:52.0198 5856 QWAVEdrv - ok 14:14:52.0229 5856 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:14:52.0307 5856 RasAcd - ok 14:14:52.0354 5856 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:14:52.0432 5856 RasAgileVpn - ok 14:14:52.0447 5856 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 14:14:52.0525 5856 RasAuto - ok 14:14:52.0541 5856 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:14:52.0635 5856 Rasl2tp - ok 14:14:52.0681 5856 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 14:14:52.0759 5856 RasMan - ok 14:14:52.0806 5856 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:14:52.0884 5856 RasPppoe - ok 14:14:52.0900 5856 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:14:52.0978 5856 RasSstp - ok 14:14:53.0025 5856 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:14:53.0118 5856 rdbss - ok 14:14:53.0134 5856 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 14:14:53.0181 5856 rdpbus - ok 14:14:53.0196 5856 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:14:53.0274 5856 RDPCDD - ok 14:14:53.0305 5856 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:14:53.0383 5856 RDPENCDD - ok 14:14:53.0399 5856 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:14:53.0461 5856 RDPREFMP - ok 14:14:53.0508 5856 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:14:53.0555 5856 RDPWD - ok 14:14:53.0617 5856 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost 
C:\Windows\system32\drivers\rdyboost.sys 14:14:53.0649 5856 rdyboost - ok 14:14:53.0664 5856 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:14:53.0742 5856 RemoteAccess - ok 14:14:53.0773 5856 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:14:53.0851 5856 RemoteRegistry - ok 14:14:53.0883 5856 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:14:53.0976 5856 RpcEptMapper - ok 14:14:54.0007 5856 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 14:14:54.0054 5856 RpcLocator - ok 14:14:54.0101 5856 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 14:14:54.0179 5856 RpcSs - ok 14:14:54.0226 5856 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:14:54.0319 5856 rspndr - ok 14:14:54.0366 5856 [ A5DF2F732A6C95554E548FCB6932BD31 ] RSUSBSTOR C:\Windows\system32\Drivers\RtsUStor.sys 14:14:54.0382 5856 RSUSBSTOR - ok 14:14:54.0475 5856 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe 14:14:54.0507 5856 RS_Service - ok 14:14:54.0553 5856 RtsUIR - ok 14:14:54.0585 5856 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 14:14:54.0600 5856 SamSs - ok 14:14:54.0663 5856 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:14:54.0694 5856 sbp2port - ok 14:14:54.0725 5856 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:14:54.0803 5856 SCardSvr - ok 14:14:54.0850 5856 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:14:54.0912 5856 scfilter - ok 14:14:54.0975 5856 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 14:14:55.0115 5856 Schedule - ok 14:14:55.0162 5856 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 14:14:55.0224 5856 SCPolicySvc 
- ok 14:14:55.0271 5856 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:14:55.0318 5856 SDRSVC - ok 14:14:55.0380 5856 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:14:55.0443 5856 secdrv - ok 14:14:55.0489 5856 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 14:14:55.0583 5856 seclogon - ok 14:14:55.0614 5856 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll 14:14:55.0708 5856 SENS - ok 14:14:55.0739 5856 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 14:14:55.0755 5856 SensrSvc - ok 14:14:55.0801 5856 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 14:14:55.0833 5856 Serenum - ok 14:14:55.0848 5856 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys 14:14:55.0895 5856 Serial - ok 14:14:55.0942 5856 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 14:14:55.0989 5856 sermouse - ok 14:14:56.0051 5856 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 14:14:56.0129 5856 SessionEnv - ok 14:14:56.0160 5856 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 14:14:56.0207 5856 sffdisk - ok 14:14:56.0223 5856 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 14:14:56.0269 5856 sffp_mmc - ok 14:14:56.0285 5856 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 14:14:56.0332 5856 sffp_sd - ok 14:14:56.0363 5856 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 14:14:56.0410 5856 sfloppy - ok 14:14:56.0441 5856 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 14:14:56.0535 5856 SharedAccess - ok 14:14:56.0581 5856 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 14:14:56.0659 5856 
ShellHWDetection - ok 14:14:56.0691 5856 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 14:14:56.0706 5856 SiSRaid2 - ok 14:14:56.0722 5856 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 14:14:56.0753 5856 SiSRaid4 - ok 14:14:56.0769 5856 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 14:14:56.0831 5856 Smb - ok 14:14:56.0878 5856 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 14:14:56.0925 5856 SNMPTRAP - ok 14:14:56.0940 5856 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 14:14:56.0971 5856 spldr - ok 14:14:57.0034 5856 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 14:14:57.0065 5856 Spooler - ok 14:14:57.0190 5856 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 14:14:57.0393 5856 sppsvc - ok 14:14:57.0424 5856 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 14:14:57.0502 5856 sppuinotify - ok 14:14:57.0549 5856 [ 86EBD8B1F23E743AAD21F4D5B4D40985 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe 14:14:57.0580 5856 SQLBrowser - ok 14:14:57.0705 5856 [ 3C432A96363097870995E2A3C8B66ABD ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe 14:14:57.0736 5856 SQLWriter - ok 14:14:57.0798 5856 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 14:14:57.0861 5856 srv - ok 14:14:57.0876 5856 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 14:14:57.0923 5856 srv2 - ok 14:14:57.0923 5856 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 14:14:57.0970 5856 srvnet - ok 14:14:58.0032 5856 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 14:14:58.0141 5856 SSDPSRV - ok 14:14:58.0173 5856 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc 
C:\Windows\system32\sstpsvc.dll 14:14:58.0235 5856 SstpSvc - ok 14:14:58.0282 5856 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 14:14:58.0297 5856 stexstor - ok 14:14:58.0360 5856 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 14:14:58.0407 5856 stisvc - ok 14:14:58.0453 5856 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys 14:14:58.0485 5856 swenum - ok 14:14:58.0547 5856 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 14:14:58.0656 5856 swprv - ok 14:14:58.0734 5856 [ DDBE73EA697AB792A049D2126B951E29 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 14:14:58.0828 5856 SynTP - ok 14:14:58.0906 5856 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 14:14:59.0015 5856 SysMain - ok 14:14:59.0062 5856 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 14:14:59.0093 5856 TabletInputService - ok 14:14:59.0155 5856 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 14:14:59.0233 5856 TapiSrv - ok 14:14:59.0280 5856 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 14:14:59.0374 5856 TBS - ok 14:14:59.0467 5856 [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 14:14:59.0561 5856 Tcpip - ok 14:14:59.0639 5856 [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 14:14:59.0717 5856 TCPIP6 - ok 14:14:59.0764 5856 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 14:14:59.0779 5856 tcpipreg - ok 14:14:59.0826 5856 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 14:14:59.0857 5856 TDPIPE - ok 14:14:59.0904 5856 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 14:14:59.0951 5856 TDTCP - ok 14:14:59.0998 5856 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 
14:15:00.0076 5856 tdx - ok 14:15:00.0091 5856 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys 14:15:00.0123 5856 TermDD - ok 14:15:00.0185 5856 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 14:15:00.0279 5856 TermService - ok 14:15:00.0325 5856 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 14:15:00.0372 5856 Themes - ok 14:15:00.0403 5856 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 14:15:00.0481 5856 THREADORDER - ok 14:15:00.0528 5856 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 14:15:00.0622 5856 TrkWks - ok 14:15:00.0700 5856 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 14:15:00.0809 5856 TrustedInstaller - ok 14:15:00.0856 5856 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 14:15:00.0918 5856 tssecsrv - ok 14:15:00.0981 5856 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 14:15:01.0027 5856 TsUsbFlt - ok 14:15:01.0105 5856 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 14:15:01.0199 5856 tunnel - ok 14:15:01.0246 5856 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys 14:15:01.0261 5856 uagp35 - ok 14:15:01.0293 5856 [ 40079B0B801C5432BA435B5AD61CE6E3 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys 14:15:01.0308 5856 UBHelper - ok 14:15:01.0355 5856 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 14:15:01.0449 5856 udfs - ok 14:15:01.0495 5856 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 14:15:01.0527 5856 UI0Detect - ok 14:15:01.0558 5856 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 14:15:01.0573 5856 uliagpkx - ok 14:15:01.0636 5856 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus 
C:\Windows\system32\drivers\umbus.sys 14:15:01.0667 5856 umbus - ok 14:15:01.0698 5856 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys 14:15:01.0729 5856 UmPass - ok 14:15:01.0839 5856 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe 14:15:01.0854 5856 Updater Service - ok 14:15:01.0932 5856 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 14:15:02.0010 5856 upnphost - ok 14:15:02.0073 5856 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 14:15:02.0104 5856 usbccgp - ok 14:15:02.0135 5856 USBCCID - ok 14:15:02.0197 5856 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 14:15:02.0229 5856 usbcir - ok 14:15:02.0260 5856 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys 14:15:02.0307 5856 usbehci - ok 14:15:02.0353 5856 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 14:15:02.0400 5856 usbhub - ok 14:15:02.0416 5856 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 14:15:02.0463 5856 usbohci - ok 14:15:02.0494 5856 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 14:15:02.0541 5856 usbprint - ok 14:15:02.0603 5856 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 14:15:02.0634 5856 usbscan - ok 14:15:02.0650 5856 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 14:15:02.0697 5856 USBSTOR - ok 14:15:02.0728 5856 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys 14:15:02.0775 5856 usbuhci - ok 14:15:02.0837 5856 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys 14:15:02.0868 5856 usbvideo - ok 14:15:02.0915 5856 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 14:15:02.0993 
5856 UxSms - ok 14:15:03.0024 5856 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 14:15:03.0055 5856 VaultSvc - ok 14:15:03.0102 5856 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys 14:15:03.0118 5856 vdrvroot - ok 14:15:03.0180 5856 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 14:15:03.0274 5856 vds - ok 14:15:03.0321 5856 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 14:15:03.0352 5856 vga - ok 14:15:03.0383 5856 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 14:15:03.0461 5856 VgaSave - ok 14:15:03.0508 5856 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 14:15:03.0523 5856 vhdmp - ok 14:15:03.0586 5856 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 14:15:03.0601 5856 viaide - ok 14:15:03.0633 5856 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 14:15:03.0664 5856 volmgr - ok 14:15:03.0679 5856 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 14:15:03.0726 5856 volmgrx - ok 14:15:03.0742 5856 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 14:15:03.0773 5856 volsnap - ok 14:15:03.0820 5856 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 14:15:03.0835 5856 vsmraid - ok 14:15:03.0929 5856 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 14:15:04.0054 5856 VSS - ok 14:15:04.0085 5856 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 14:15:04.0132 5856 vwifibus - ok 14:15:04.0163 5856 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 14:15:04.0194 5856 vwififlt - ok 14:15:04.0241 5856 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 14:15:04.0319 5856 W32Time - ok 14:15:04.0335 
5856 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 14:15:04.0381 5856 WacomPen - ok 14:15:04.0444 5856 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 14:15:04.0522 5856 WANARP - ok 14:15:04.0522 5856 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 14:15:04.0584 5856 Wanarpv6 - ok 14:15:04.0662 5856 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 14:15:04.0756 5856 wbengine - ok 14:15:04.0787 5856 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 14:15:04.0818 5856 WbioSrvc - ok 14:15:04.0865 5856 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 14:15:04.0912 5856 wcncsvc - ok 14:15:04.0943 5856 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 14:15:04.0974 5856 WcsPlugInService - ok 14:15:04.0990 5856 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys 14:15:05.0021 5856 Wd - ok 14:15:05.0083 5856 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 14:15:05.0130 5856 Wdf01000 - ok 14:15:05.0177 5856 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 14:15:05.0239 5856 WdiServiceHost - ok 14:15:05.0239 5856 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 14:15:05.0286 5856 WdiSystemHost - ok 14:15:05.0333 5856 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 14:15:05.0395 5856 WebClient - ok 14:15:05.0411 5856 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 14:15:05.0489 5856 Wecsvc - ok 14:15:05.0536 5856 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 14:15:05.0629 5856 wercplsupport - ok 14:15:05.0676 5856 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll 14:15:05.0754 5856 WerSvc - 
ok 14:15:05.0785 5856 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 14:15:05.0863 5856 WfpLwf - ok 14:15:05.0879 5856 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys 14:15:05.0910 5856 WIMMount - ok 14:15:05.0926 5856 WinDefend - ok 14:15:05.0941 5856 WinHttpAutoProxySvc - ok 14:15:06.0035 5856 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 14:15:06.0129 5856 Winmgmt - ok 14:15:06.0222 5856 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll 14:15:06.0378 5856 WinRM - ok 14:15:06.0456 5856 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 14:15:06.0503 5856 WinUsb - ok 14:15:06.0565 5856 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll 14:15:06.0643 5856 Wlansvc - ok 14:15:06.0706 5856 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 14:15:06.0737 5856 WmiAcpi - ok 14:15:06.0799 5856 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 14:15:06.0846 5856 wmiApSrv - ok 14:15:06.0877 5856 WMPNetworkSvc - ok 14:15:06.0893 5856 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll 14:15:06.0924 5856 WPCSvc - ok 14:15:06.0971 5856 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 14:15:07.0002 5856 WPDBusEnum - ok 14:15:07.0049 5856 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 14:15:07.0127 5856 ws2ifsl - ok 14:15:07.0143 5856 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\System32\wscsvc.dll 14:15:07.0189 5856 wscsvc - ok 14:15:07.0205 5856 WSearch - ok 14:15:07.0314 5856 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll 14:15:07.0486 5856 wuauserv - ok 14:15:07.0533 5856 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 14:15:07.0564 5856 WudfPf - ok 
14:15:07.0611 5856 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 14:15:07.0642 5856 WUDFRd - ok 14:15:07.0673 5856 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 14:15:07.0704 5856 wudfsvc - ok 14:15:07.0767 5856 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll 14:15:07.0813 5856 WwanSvc - ok 14:15:07.0860 5856 ================ Scan global =============================== 14:15:07.0891 5856 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll 14:15:07.0938 5856 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 14:15:07.0954 5856 [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll 14:15:08.0016 5856 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll 14:15:08.0063 5856 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe 14:15:08.0063 5856 [Global] - ok 14:15:08.0063 5856 ================ Scan MBR ================================== 14:15:08.0110 5856 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 14:15:08.0578 5856 \Device\Harddisk0\DR0 - ok 14:15:08.0578 5856 ================ Scan VBR ================================== 14:15:08.0578 5856 [ D0BF517B22F6EBE4365BAC843FF5AC2A ] \Device\Harddisk0\DR0\Partition1 14:15:08.0578 5856 \Device\Harddisk0\DR0\Partition1 - ok 14:15:08.0609 5856 [ CB6707EC7E313A42A94E4C49B52C168B ] \Device\Harddisk0\DR0\Partition2 14:15:08.0625 5856 \Device\Harddisk0\DR0\Partition2 - ok 14:15:08.0625 5856 ============================================================ 14:15:08.0625 5856 Scan finished 14:15:08.0625 5856 ============================================================ 14:15:08.0640 5484 Detected object count: 5 14:15:08.0640 5484 Actual detected object count: 5 14:15:48.0124 5484 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user 14:15:48.0124 5484 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:15:48.0139 5484 hpqddsvc ( 
UnsignedFile.Multi.Generic ) - skipped by user 14:15:48.0139 5484 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:15:48.0139 5484 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user 14:15:48.0139 5484 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:15:48.0139 5484 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 14:15:48.0139 5484 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:15:48.0139 5484 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user 14:15:48.0139 5484 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 14:16:15.0159 5956 Deinitialize success |
16.04.2013, 13:57 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No internet access despite connection Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
16.04.2013, 14:39 | #9 |
| No internet access despite connection Code:
ATTFilter ComboFix 13-04-15.01 - *** 16.04.2013 15:14:57.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.3997.2416 [GMT 2:00] ausgeführt von:: c:\users\***\Desktop\ComboFix.exe AV: AVG Anti-Virus plus Firewall *Disabled/Updated* {0C939084-9E57-CBDB-EA61-0B0C7F62AF82} AV: AVG Internet Security 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} FW: AVG Firewall *Disabled* {34A811A1-D438-CA83-C13E-A23981B1E8F9} FW: AVG Internet Security 2013 *Disabled* {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2} SP: AVG Anti-Virus plus Firewall *Disabled/Updated* {B7F27160-B86D-C455-D0D1-307E04E5E53F} SP: AVG Internet Security 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\FullRemove.exe . . ((((((((((((((((((((((( Dateien erstellt von 2013-03-16 bis 2013-04-16 )))))))))))))))))))))))))))))) . . 2013-04-16 13:23 . 2013-04-16 13:23 -------- d-----w- c:\users\Gast\AppData\Local\temp 2013-04-16 13:23 . 2013-04-16 13:23 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-04-16 10:24 . 2013-04-16 10:24 -------- d-----w- c:\programdata\Malwarebytes 2013-04-15 08:20 . 2013-04-15 08:20 26520 ----a-w- c:\program files (x86)\Mozilla Firefox\plugin-hang-ui.exe 2013-04-10 08:29 . 2013-02-15 06:08 44032 ----a-w- c:\windows\system32\tsgqec.dll 2013-04-10 08:29 . 2013-02-15 06:02 158720 ----a-w- c:\windows\system32\aaclient.dll 2013-04-10 08:29 . 2013-02-15 04:34 131584 ----a-w- c:\windows\SysWow64\aaclient.dll 2013-04-10 08:29 . 2013-02-15 03:25 36864 ----a-w- c:\windows\SysWow64\tsgqec.dll 2013-04-10 08:29 . 2013-02-15 06:06 3717632 ----a-w- c:\windows\system32\mstscax.dll 2013-04-10 08:29 . 2013-02-15 04:37 3217408 ----a-w- c:\windows\SysWow64\mstscax.dll 2013-04-10 08:27 . 
2013-03-01 03:36 3153408 ----a-w- c:\windows\system32\win32k.sys 2013-04-10 08:27 . 2013-03-02 06:04 1655656 ----a-w- c:\windows\system32\drivers\ntfs.sys 2013-04-10 08:21 . 2013-01-24 06:01 223752 ----a-w- c:\windows\system32\drivers\fvevol.sys 2013-04-10 08:21 . 2013-03-19 06:04 5550424 ----a-w- c:\windows\system32\ntoskrnl.exe 2013-04-10 08:21 . 2013-03-19 05:04 3968856 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe 2013-04-10 08:21 . 2013-03-19 05:46 43520 ----a-w- c:\windows\system32\csrsrv.dll 2013-04-10 08:21 . 2013-03-19 05:04 3913560 ----a-w- c:\windows\SysWow64\ntoskrnl.exe 2013-04-10 08:21 . 2013-03-19 04:47 6656 ----a-w- c:\windows\SysWow64\apisetschema.dll 2013-04-10 08:21 . 2013-03-19 03:06 112640 ----a-w- c:\windows\system32\smss.exe 2013-04-02 11:45 . 2013-04-13 11:59 -------- d-----w- c:\users\***\AppData\Roaming\Mp3tag 2013-04-02 11:41 . 2013-04-02 11:41 -------- d-----w- c:\program files (x86)\Mp3tag 2013-03-31 12:29 . 2013-03-31 12:44 -------- d-----w- c:\users\***\.android 2013-03-30 13:28 . 2013-03-30 13:28 -------- d-----w- c:\users\***\Podcasts 2013-03-30 13:24 . 2013-03-30 13:31 -------- d-----w- c:\users\***\AppData\Local\Sony 2013-03-30 13:24 . 2013-03-30 15:59 -------- d-----w- c:\program files (x86)\Common Files\Sony Shared 2013-03-30 13:24 . 2013-03-30 13:24 -------- d-----w- c:\programdata\Sony Corporation 2013-03-30 13:15 . 2013-03-30 15:56 -------- d-----w- c:\program files (x86)\Sony 2013-03-30 13:14 . 2013-03-30 13:31 -------- d-----w- c:\users\***\AppData\Roaming\Sony 2013-03-30 13:14 . 2013-03-30 13:15 -------- d-----w- c:\program files (x86)\Sony Media Go Install 2013-03-30 09:13 . 2013-03-30 09:13 -------- d-----w- c:\windows\SysWow64\wbem\en-US 2013-03-30 09:13 . 2013-03-30 09:13 -------- d-----w- c:\windows\system32\wbem\en-US 2013-03-26 19:41 . 2013-03-26 19:41 -------- d-----w- c:\users\***\AppData\Roaming\AVG 2013-03-26 19:37 . 2013-03-26 19:43 -------- d-----w- c:\programdata\AVG 2013-03-26 19:32 . 
2013-03-26 19:32 -------- d-----w- c:\users\Default\AppData\Roaming\TuneUp Software 2013-03-26 19:25 . 2013-03-26 19:25 -------- d-sh--w- c:\programdata\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} 2013-03-26 18:28 . 2013-03-26 18:28 -------- d-----w- c:\users\***\AppData\Roaming\TuneUp Software 2013-03-26 18:27 . 2013-03-26 18:27 -------- d-----w- C:\$AVG 2013-03-26 18:25 . 2013-04-16 09:11 -------- d-----w- c:\programdata\MFAData 2013-03-26 18:25 . 2013-03-26 19:28 -------- d-----w- c:\users\***\AppData\Local\Avg2013 2013-03-26 18:25 . 2013-03-26 18:25 -------- d--h--w- c:\programdata\Common Files 2013-03-26 18:25 . 2013-03-26 18:25 -------- d-----w- c:\users\***\AppData\Local\MFAData 2013-03-26 12:53 . 2013-03-15 06:28 9311288 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{029FDC28-30AE-4D94-B4D5-7104F2E624A2}\mpengine.dll 2013-03-24 10:33 . 2013-03-24 10:33 -------- d-----w- c:\users\***\AppData\Roaming\com.schroedel.bioheuteeinleger 2013-03-24 10:32 . 2013-03-24 10:32 -------- d-----w- c:\program files (x86)\Schroedel 2013-03-20 20:05 . 2013-02-12 04:12 19968 ----a-w- c:\windows\system32\drivers\usb8023.sys . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-04-11 08:16 . 2012-04-07 08:18 691592 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-04-11 08:16 . 2011-05-23 19:17 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-04-10 20:56 . 2011-02-01 16:15 72702784 ----a-w- c:\windows\system32\MRT.exe 2013-02-12 05:45 . 2013-03-14 06:49 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-02-12 05:45 . 2013-03-14 06:49 308736 ----a-w- c:\windows\apppatch\AppPatch64\AcGenral.dll 2013-02-12 05:45 . 2013-03-14 06:49 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll 2013-02-12 05:45 . 2013-03-14 06:49 111104 ----a-w- c:\windows\apppatch\AppPatch64\acspecfc.dll 2013-02-12 04:48 . 
2013-03-14 06:49 474112 ----a-w- c:\windows\apppatch\AcSpecfc.dll 2013-02-12 04:48 . 2013-03-14 06:49 2176512 ----a-w- c:\windows\apppatch\AcGenral.dll 2013-02-05 05:58 . 2013-02-05 05:58 95648 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-02-05 05:58 . 2012-09-01 21:46 861088 ----a-w- c:\windows\SysWow64\npDeployJava1.dll 2013-02-05 05:58 . 2011-01-30 13:41 782240 ----a-w- c:\windows\SysWow64\deployJava1.dll 2013-01-17 00:28 . 2011-03-20 16:19 273840 ------w- c:\windows\system32\MpSigStub.exe . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 129272 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll . 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2010-09-02 13351304] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] "Spotify Web Helper"="c:\users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2013-04-11 1104280] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2009-09-24 825864] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040] "AVG_UI"="c:\program files (x86)\AVG\AVG2013\avgui.exe" [2012-12-11 3147384] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce] "Z1"="c:\users\***\Desktop\mbar-1.05.0.1001\mbar\mbar.exe" [2013-03-22 1398856] . c:\users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe [2013-3-12 29106336] OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk - c:\program files (x86)\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-4-8 704032] HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . 
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe . R2 AVGIDSAgent;AVGIDSAgent;c:\program files (x86)\AVG\AVG2013\avgidsagent.exe [2012-11-15 5814904] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [x] R3 ew_usbenumfilter;huawei_CompositeFilter;c:\windows\system32\DRIVERS\ew_usbenumfilter.sys [x] R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [x] R3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [x] R3 huawei_ext_ctrl;huawei_ext_ctrl;c:\windows\system32\DRIVERS\ew_juextctrl.sys [x] R3 huawei_wwanecm;huawei_wwanecm;c:\windows\system32\DRIVERS\ew_juwwanecm.sys [x] R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;c:\windows\system32\DRIVERS\NETw5s64.sys [2009-09-15 6952960] R3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;c:\windows\system32\DRIVERS\netw5v64.sys [2009-06-10 5434368] R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-16 50432] R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys [2009-06-24 216576] R3 RtsUIR;Realtek IR Driver;c:\windows\system32\DRIVERS\Rts516xIR.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392] S0 AVGIDSHA;AVGIDSHA;c:\windows\system32\DRIVERS\avgidsha.sys [2012-10-15 63328] S0 Avgloga;AVG Logging Driver;c:\windows\system32\DRIVERS\avgloga.sys [2012-09-21 
225120] S0 AvgMfx64;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\DRIVERS\avgmfx64.sys [2012-11-15 111968] S0 AvgRkx64;AVG Anti-Rootkit Driver;c:\windows\System32\Drivers\avgrkx64.sys [2012-09-14 40800] S1 Avgfwfd;AVG network filter service;c:\windows\system32\DRIVERS\avgfwd6a.sys [2012-09-04 50296] S1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\DRIVERS\avgidsdrivera.sys [2012-10-22 154464] S1 AvgLdx64;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx64.sys [2012-10-02 185696] S1 AvgTdiA;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdia.sys [2012-09-21 200032] S2 avgfws;AVG Firewall;c:\program files (x86)\AVG\AVG2013\avgfws.exe [2012-12-10 1342024] S2 avgwd;AVG WatchDog;c:\program files (x86)\AVG\AVG2013\avgwdsvc.exe [2012-10-22 196664] S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2010-02-26 841248] S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584] S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-16 144640] S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640] S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232] S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 53231499 *NewlyCreated* - ASWMBR *Deregistered* - 53231499 *Deregistered* - aswMBR . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . Inhalt des "geplante Tasks" Ordners . 2013-04-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-07 08:16] . 
2013-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 16:38] . 2013-04-16 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-29 16:38] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2012-11-13 23:32 162552 ----a-w- c:\users\***\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAAnotif"="c:\program files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904] "cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2009-07-20 503864] "Acer ePower Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2010-02-26 818720] "PLFSetI"="c:\windows\PLFSetI.exe" [2009-12-14 206072] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-02 159232] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-02 380928] "Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-02 358912] . HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - LocalService FontCache . ------- Zusätzlicher Suchlauf ------- . uStart Page = about:blank uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\***\AppData\Roaming\Mozilla\Firefox\Profiles\wslbkwjy.default\ FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: !HIDDEN! 2011-02-01 22:56; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . Toolbar-Locked - (no file) Wow6432Node-HKLM-Run-<NO NAME> - (no file) Toolbar-Locked - (no file) HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe . . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2013-04-16 15:26:44 ComboFix-quarantined-files.txt 2013-04-16 13:26 . Vor Suchlauf: 9 Verzeichnis(se), 174.614.564.864 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 174.374.322.176 Bytes frei . - - End Of File - - F7CB671068F422D034CADA45AF170E2D |
16.04.2013, 15:13 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No Internet access despite connection JRT - Junkware Removal Tool Please shut down your security software to avoid possible conflicts.
Afterwards: adwCleaner - remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
16.04.2013, 16:16 | #11 |
| No Internet access despite connection JRT Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 4.8.3 (04.05.2013:1) OS: Windows 7 Home Premium x64 Ran by *** on 16.04.2013 at 16:19:22,94 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] hkey_current_user\software\softonic Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\softonic_ggl_1_rasapi32 Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\softonic_ggl_1_rasmancs Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\partner" Successfully deleted: [Folder] "C:\Users\***\appdata\locallow\conduit" Successfully deleted: [Folder] "C:\Users\***\appdata\locallow\softonic" Failed to delete: [Folder] "C:\Program Files (x86)\icq6toolbar" Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{05BD5F76-39DC-4A50-AE2D-E3D9A18F4628} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0B711627-1824-4261-A4C9-08C82B1EEF32} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0C4711E1-B58F-48C8-9649-EE47E3E4BD1E} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0E47855D-BA0B-4633-9BAF-A40898820D1C} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{0F4F7389-8887-457B-9B7A-C75D1FB077D2} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{134DE70A-96CA-4D28-BC1B-38B554E5AE5A} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{1F25026A-A020-4581-A11D-018DED159244} 
Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2A794871-9412-4F80-A733-525CC88FFFCE} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2C820DA7-D70B-4D08-8AEA-CA7AE5BA94F8} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{2F872082-3DD2-4CC7-9ADE-1A1CFE1E04E0} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{366465DB-FDB6-4051-B911-7E7BD1567F54} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3909437A-C3F8-466B-B7FB-28C1A3BB6C17} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{39F3CDAA-943B-4828-A531-F07AAC1A1AF0} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{3E322BB2-5D01-483B-AB4E-6C2F722334B2} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{410B9730-2F71-41B4-9885-6885F10A36CC} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{41B853B5-962E-49A3-8FD7-F38C1CE73F50} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{42379285-6C4F-479C-968B-42F28E6956F4} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{43E9FFB2-47F0-41BE-9058-08CA893BB0AF} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4449FA34-9B4A-4E12-B6CC-515A4979EDC4} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{499D8808-6119-4E70-94A2-603EEFAEDF0B} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4CFEBD6B-57E6-4803-8BA8-15B0E269AD5A} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4ED856DD-79ED-42E6-AC05-FBC0241745A8} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{4FE2D869-CCDF-4C6A-AED0-5BF4D497950C} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{502BA589-1270-4B26-8373-11198C0B9F8C} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{57F21B14-72BE-4E31-BE67-43E5FD3770C3} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{5A9D2181-2F54-488D-AC6D-C499DDD3124A} Successfully deleted: [Empty Folder] 
C:\Users\***\appdata\local\{5F1756CC-8CC7-47AE-82B4-7F72EA132749} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{65C9D907-95A7-4568-88D8-53A989BF3C16} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{66523735-19D0-4A48-A3C7-21E4E76BD07B} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6F48D116-755C-406A-8B95-D00FB52C10B3} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{6FD8692C-671A-4A76-90FF-38F5EDF04764} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{70D0CB77-B64A-4561-9F64-588CB21B5EE9} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{71FAE2B6-B675-4867-8CD9-6DF435FDF8EC} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{722E18DB-6FB8-4042-93F5-CE806A60848D} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{76822C73-26A6-4234-A198-0D67E915F9AE} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8093EE5C-932F-45B3-9D07-0F282092BF32} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{83C1E8DA-CED6-45CC-B378-783463295561} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{89CF99E8-B6EE-4B91-A03E-570A814CF2C2} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8BF564BE-D796-4F44-94EA-9C582436F9C3} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{8D9F963C-BCAE-4431-9E71-0FB40465FA72} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{90625142-4BAC-4774-A18D-7CA9B0B2F5FC} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{942E84C6-3FBF-4227-A68C-93B9E40A472C} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{946DC9CE-86C3-4A4D-846D-2CBED6797CBF} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{9FD45BA4-F210-42FC-882A-FD68A3CD6CF6} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A057F712-7FBD-47C6-94C5-65D2DEF2CA06} Successfully deleted: [Empty Folder] 
C:\Users\***\appdata\local\{A10FE078-615C-414F-93E4-52C1C0E89178} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A24A5074-71F9-47A5-A38F-F409F4F9FBAE} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A4C2A157-612F-43D0-B795-11BF037CD28D} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A4DA0E05-CF2D-4FA1-ADBA-B8983B6B94AF} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A61EDED7-E764-4182-82E5-476DDA6248B1} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{A6BBEF7A-7E68-4C3D-B411-4FCC19248838} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{AE3E0232-0EC8-4314-9869-4FDE7A8B0F4D} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{B1717678-F95A-42FF-9B62-94C06F0F93D0} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BAED5C5E-AEDC-4BAD-B49F-78FE76F71FB3} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BC06486F-166B-4FBE-A77F-AF34F763F241} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BC41D226-16F3-474F-A085-778E5DC001B1} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BE1B7B79-DAE1-45B5-94C7-878AED0F6907} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BECE633F-8687-484A-9F04-3B3D2A9D71BB} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{BFD80E8C-EB26-461E-ADFC-1245424451A4} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{C53B6A53-DA7E-4EAD-B331-52D8E0CFB2B3} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CB83CD4B-B7C0-44C5-B306-B4C8712EE71C} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{CE9ADAD1-46DA-4E52-9021-FECAD958B347} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D28385A3-9BE8-4919-B0AA-C8C35CB12D9F} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D64FE46B-2A64-4681-89CE-4ED668B56A6A} Successfully deleted: [Empty Folder] 
C:\Users\***\appdata\local\{D6EEA0A4-9C07-4C92-8D1B-451AF37D98BB} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{D87FD0B9-844E-4E67-A94E-4D264AEA633A} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E01E247E-61C6-4F20-BA06-2F81F6262914} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E4368A7A-A211-47D9-956F-19C60FC9C3F5} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{E4496525-7016-4CD5-8D9A-F7C29BEA5477} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{ED5D8E7F-101E-49CF-A9DE-37C1A09D7405} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{ED91BDAE-3927-4DDB-9F0A-0C1818B4F3C0} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F3B35D8F-A19F-47FF-BD8F-1C82FE4B79E4} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F430F257-30D6-4AD7-873E-F0612B7DB5E2} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F620DF8F-B19A-490F-8BD0-07F3340DA9DE} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{F770A20B-9796-48DF-98A1-7C218F72CB48} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FB88EA59-CDD7-4BCE-90F5-00274003C58A} Successfully deleted: [Empty Folder] C:\Users\***\appdata\local\{FFF905BA-8451-4E3A-B121-99F6AC2256F2} ~~~ FireFox Successfully deleted: [File] C:\user.js Emptied folder: C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\wslbkwjy.default\minidumps [31 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 16.04.2013 at 16:29:35,79 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Code:
# AdwCleaner v2.200 - Datei am 16/04/2013 um 16:41:27 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : *** - ***-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\***\Desktop\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\wslbkwjy.default\foxydeal.sqlite
Gelöscht mit Neustart : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\Users\***\AppData\Local\PackageAware

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16537

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - ICQ Search] = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd --> hxxp://www.google.com

-\\ Mozilla Firefox v20.0.1 (de)

Datei : C:\Users\***\AppData\Roaming\Mozilla\Firefox\Profiles\wslbkwjy.default\prefs.js
[OK] Die Datei ist sauber.

Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\qj6c35yz.default\prefs.js
[OK] Die Datei ist sauber.

-\\ Opera v12.15.1748.0

Datei : C:\Users\***\AppData\Roaming\Opera\Opera\operaprefs.ini
[OK] Die Datei ist sauber.

*************************

AdwCleaner[S1].txt - [2051 octets] - [16/04/2013 16:41:27]

########## EOF - C:\AdwCleaner[S1].txt - [2111 octets] ##########

Code:
ATTFilter OTL logfile created on: 16.04.2013 16:49:20 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,90 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 66,31% Memory free 7,80 Gb Paging File | 6,38 Gb Available in Paging File | 81,80% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 284,99 Gb Total Space | 162,45 Gb Free Space | 57,00% Space Free | Partition Type: NTFS Computer Name: ***-PC | User Name: *** | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\***\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) 
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated) PRC - C:\Program Files (x86)\Acer\Acer VCM\VC.exe (Acer Incoporated) PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) PRC - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Modules (No Company Name) ========== MOD - C:\Windows\PLFSetI.exe () ========== Services (SafeList) ========== SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (avgfws) -- C:\Program Files (x86)\AVG\AVG2013\avgfws.exe (AVG Technologies CZ, s.r.o.) SRV - (AVGIDSAgent) -- C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe (AVG Technologies CZ, s.r.o.) SRV - (avgwd) -- C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.) 
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated) SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group) SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (IAANTMON) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (BcmSqlStartupSvc) -- C:\Program Files (x86)\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe (Microsoft Corporation) SRV - (PSI_SVC_2) -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.) SRV - (IviRegMgr) -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe (InterVideo) ========== Driver Services (SafeList) ========== DRV:64bit: - (AvgMfx64) -- C:\Windows\SysNative\drivers\avgmfx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AVGIDSDriver) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AVGIDSHA) -- C:\Windows\SysNative\drivers\avgidsha.sys (AVG Technologies CZ, s.r.o. ) DRV:64bit: - (AvgLdx64) -- C:\Windows\SysNative\drivers\avgldx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AvgTdiA) -- C:\Windows\SysNative\drivers\avgtdia.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgloga) -- C:\Windows\SysNative\drivers\avgloga.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (AvgRkx64) -- C:\Windows\SysNative\drivers\avgrkx64.sys (AVG Technologies CZ, s.r.o.) DRV:64bit: - (Avgfwfd) -- C:\Windows\SysNative\drivers\avgfwd6a.sys (AVG Technologies CZ, s.r.o.) 
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation) DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation) DRV:64bit: - (CnxtHdAudService) -- C:\Windows\SysNative\drivers\CHDRT64.sys (Conexant Systems Inc.) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.) 
DRV:64bit: - (netw5v64) -- C:\Windows\SysNative\drivers\netw5v64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (DKbFltr) -- C:\Windows\SysWOW64\drivers\DKbFltr.sys (Dritek System Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - 
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\..\URLSearchHook: - No CLSID value found IE - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found IE - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE416DE416 IE - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.8 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - prefs.js..network.proxy.type: 0 FF - user.js - File 
not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_169.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.02.01 23:56:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files (x86)\AVG\AVG8\Firefox [2011.03.21 19:34:09 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1d5287d1-8a92-0001-1f31-1cec198018d8}: C:\Program Files (x86)\AVG\AVG8\ToolbarFF [2011.03.20 16:40:15 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.15 10:20:11 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.24 11:26:00 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.02.01 23:56:09 | 000,000,000 | ---D | M] [2012.10.19 15:57:18 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Extensions [2013.04.15 10:20:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\wslbkwjy.default\extensions [2013.02.26 19:17:33 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\wslbkwjy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.04.15 10:20:14 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\***\AppData\Roaming\mozilla\Firefox\Profiles\wslbkwjy.default\extensions\ich@maltegoetz.de [2013.02.08 08:49:39 | 000,698,764 | ---- | M] () (No name found) -- 
C:\Users\***\AppData\Roaming\mozilla\firefox\profiles\wslbkwjy.default\extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2012.10.19 15:56:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions [2013.04.15 10:20:11 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2012.10.11 04:10:32 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.10.11 04:10:32 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2012.10.11 04:10:32 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2012.10.11 04:10:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2012.10.11 04:10:32 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2012.10.11 04:10:32 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml O1 HOSTS File: ([2013.04.16 15:23:10 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.) 
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\Program Files (x86)\AVG\AVG8\avgtoolbar.dll (AVG Technologies CZ, s.r.o.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [cAudioFilterAgent] C:\Programme\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe (Conexant Systems, Inc.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2013\avgui.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.EXE (Dritek System Inc.) O4 - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004..\Run: [Spotify Web Helper] C:\Users\***\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - Startup: C:\Users\***\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\***\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-3475164740-3824372139-2480031196-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.) 
O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 10.13.2) O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class) O16 - DPF: {CAFEEFAC-0017-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_13-windows-i586.cab (Java Plug-in 1.7.0_13) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{62084AAF-243D-458F-BBCC-D9B8F02B7453}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{ED8E7DFB-10A1-4B65-A2C8-4E8A3BAA9833}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\linkscanner - No CLSID value found O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG8\avgpp.dll (AVG Technologies CZ, s.r.o.) 
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.16 16:19:20 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.04.16 16:19:09 | 000,000,000 | ---D | C] -- C:\JRT [2013.04.16 16:17:10 | 000,551,587 | ---- | C] (Oleg N. 
Scherbakov) -- C:\Users\***\Desktop\JRT.exe [2013.04.16 15:33:34 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.04.16 15:11:18 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.04.16 15:11:18 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.04.16 15:11:18 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.04.16 15:11:04 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.04.16 15:10:48 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.04.16 15:06:12 | 005,054,270 | R--- | C] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe [2013.04.16 14:07:14 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe [2013.04.16 12:44:59 | 004,745,728 | ---- | C] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe [2013.04.16 12:24:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.04.16 12:22:37 | 000,000,000 | ---D | C] -- C:\Users\***\Desktop\mbar-1.05.0.1001 [2013.04.14 19:54:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.04.10 22:54:24 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.04.10 22:54:24 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.04.10 22:54:24 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.04.10 22:54:23 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.04.10 22:54:23 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.04.10 22:54:23 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.04.10 22:54:23 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.04.10 22:54:23 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.04.10 22:54:23 | 000,061,440 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysWow64\iesetup.dll [2013.04.10 22:54:23 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.04.10 22:54:23 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.04.10 22:54:22 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.04.10 22:54:20 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.04.10 22:54:20 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.04.10 22:54:19 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.04.10 10:29:25 | 000,158,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013.04.10 10:29:25 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013.04.10 10:29:25 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013.04.10 10:29:25 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013.04.10 10:29:24 | 003,717,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.04.10 10:29:24 | 003,217,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.04.10 10:21:47 | 005,550,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe [2013.04.10 10:21:45 | 003,968,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe [2013.04.10 10:21:44 | 003,913,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe [2013.04.10 10:21:44 | 000,112,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe [2013.04.10 10:21:44 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll [2013.04.10 10:21:44 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll [2013.04.07 13:59:22 | 000,000,000 | -H-D 
| C] -- C:\Users\***\Documents\Freemake_do_not_remove_this_folder635009399622121950 [2013.04.07 12:48:34 | 000,000,000 | -H-D | C] -- C:\Users\***\Documents\Freemake_do_not_remove_this_folder [2013.04.07 12:03:07 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\Freemake [2013.04.02 13:45:59 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Mp3tag [2013.04.02 13:41:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mp3tag [2013.03.31 14:29:44 | 000,000,000 | ---D | C] -- C:\Users\***\.android [2013.03.30 15:28:03 | 000,000,000 | ---D | C] -- C:\Users\***\Podcasts [2013.03.30 15:24:26 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Sony [2013.03.30 15:24:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Sony Shared [2013.03.30 15:24:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2013.03.30 15:15:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2013.03.30 15:14:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony Media Go Install [2013.03.30 15:14:57 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Sony [2013.03.30 01:10:29 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.03.30 01:10:29 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.03.30 01:10:29 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.03.30 01:10:28 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.03.30 01:10:28 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.03.30 01:10:28 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.03.30 01:10:28 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.03.30 01:10:28 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.03.30 01:10:28 | 
000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.30 01:10:28 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.03.30 01:10:27 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.30 01:10:27 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.03.30 01:10:27 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.03.30 01:10:27 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.03.30 01:10:27 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.03.30 01:10:27 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.03.30 01:10:27 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.03.30 01:10:26 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.30 01:10:26 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.03.30 01:10:26 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.03.30 01:10:26 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.03.30 01:10:26 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.30 01:10:26 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.03.30 01:10:26 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.03.30 01:10:26 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.03.30 01:10:25 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.03.30 01:10:25 | 000,441,856 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\html.iec [2013.03.30 01:10:25 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.03.30 01:10:25 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.03.30 01:10:25 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.03.30 01:10:24 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.03.30 01:10:24 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.03.30 01:10:24 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.03.30 01:10:24 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.30 01:10:24 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.03.30 01:10:23 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.30 01:10:23 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.03.30 01:10:23 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.30 01:10:23 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.03.30 01:10:22 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.30 01:10:22 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.03.30 01:10:22 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.03.30 01:10:21 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.30 01:10:21 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.03.30 01:10:21 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.03.30 01:10:21 | 000,062,976 | 
---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.03.30 01:10:21 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.03.30 01:10:21 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.03.30 01:10:21 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.03.30 01:10:20 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.03.30 01:10:20 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.03.30 01:10:20 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.03.30 01:10:20 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.03.26 21:42:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp [2013.03.26 21:41:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AVG [2013.03.26 21:37:41 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG [2013.03.26 21:32:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG [2013.03.26 21:25:32 | 000,000,000 | -HSD | C] -- C:\ProgramData\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} [2013.03.26 20:28:43 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\AVG2013 [2013.03.26 20:28:05 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\TuneUp Software [2013.03.26 20:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\AVG2013 [2013.03.26 20:27:32 | 000,000,000 | ---D | C] -- C:\$AVG [2013.03.26 20:25:51 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.03.26 20:25:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\MFAData [2013.03.26 20:25:51 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData [2013.03.26 20:25:51 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Avg2013 [2013.03.26 20:25:16 | 000,000,000 | ---D | C] -- 
C:\ProgramData\AVG8UPG [2013.03.24 12:33:31 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\com.schroedel.bioheuteeinleger [2013.03.24 12:33:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Schroedel [2013.03.24 12:32:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Schroedel [2013.03.20 22:05:07 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys ========== Files - Modified Within 30 Days ========== [2013.04.16 16:52:56 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.04.16 16:52:56 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.04.16 16:44:55 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.04.16 16:44:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.04.16 16:44:04 | 3143,311,360 | -HS- | M] () -- C:\hiberfil.sys [2013.04.16 16:28:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.04.16 16:20:11 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.04.16 16:17:43 | 000,613,083 | ---- | M] () -- C:\Users\***\Desktop\adwcleaner.exe [2013.04.16 16:17:25 | 000,551,587 | ---- | M] (Oleg N. 
Scherbakov) -- C:\Users\***\Desktop\JRT.exe [2013.04.16 15:23:10 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.04.16 15:08:02 | 005,054,270 | R--- | M] (Swearware) -- C:\Users\***\Desktop\ComboFix.exe [2013.04.16 14:08:02 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\***\Desktop\tdsskiller.exe [2013.04.16 14:05:44 | 000,000,512 | ---- | M] () -- C:\Users\***\Desktop\MBR.dat [2013.04.16 12:46:43 | 004,745,728 | ---- | M] (AVAST Software) -- C:\Users\***\Desktop\aswMBR.exe [2013.04.16 12:22:09 | 012,917,756 | ---- | M] () -- C:\Users\***\Desktop\mbar-1.05.0.1001.zip [2013.04.15 14:43:02 | 705,616,237 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.04.15 13:33:19 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable [2013.04.14 19:55:22 | 000,377,856 | ---- | M] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe [2013.04.14 19:54:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe [2013.04.14 19:51:51 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe [2013.04.13 13:11:10 | 001,646,182 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.04.13 13:11:10 | 000,711,370 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.04.13 13:11:10 | 000,662,950 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.04.13 13:11:10 | 000,153,766 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.04.13 13:11:10 | 000,124,144 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.04.11 10:16:34 | 000,691,592 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.04.11 10:16:34 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.04.11 09:50:00 | 000,450,416 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.03.30 20:02:15 | 000,000,928 | ---- | M] () -- C:\Windows\wininit.ini [2013.03.30 20:02:03 | 000,001,051 | ---- | M] () -- C:\Users\***\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\Startup\Dropbox.lnk [2013.03.30 01:10:29 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013.03.30 01:10:29 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013.03.30 01:10:29 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013.03.30 01:10:28 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013.03.30 01:10:28 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013.03.30 01:10:28 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013.03.30 01:10:28 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013.03.30 01:10:28 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013.03.30 01:10:28 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013.03.30 01:10:28 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013.03.30 01:10:27 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013.03.30 01:10:27 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013.03.30 01:10:27 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013.03.30 01:10:27 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013.03.30 01:10:27 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013.03.30 01:10:27 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013.03.30 01:10:27 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013.03.30 01:10:26 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013.03.30 
01:10:26 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013.03.30 01:10:26 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013.03.30 01:10:26 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013.03.30 01:10:26 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013.03.30 01:10:26 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013.03.30 01:10:26 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013.03.30 01:10:26 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013.03.30 01:10:25 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013.03.30 01:10:25 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013.03.30 01:10:25 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013.03.30 01:10:25 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013.03.30 01:10:25 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013.03.30 01:10:25 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013.03.30 01:10:24 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013.03.30 01:10:24 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013.03.30 01:10:24 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013.03.30 01:10:24 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013.03.30 01:10:24 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013.03.30 01:10:24 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013.03.30 01:10:23 | 001,509,376 | 
---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013.03.30 01:10:23 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013.03.30 01:10:23 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013.03.30 01:10:23 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013.03.30 01:10:22 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013.03.30 01:10:22 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013.03.30 01:10:22 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013.03.30 01:10:21 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013.03.30 01:10:21 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013.03.30 01:10:21 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013.03.30 01:10:21 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013.03.30 01:10:21 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013.03.30 01:10:21 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013.03.30 01:10:21 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013.03.30 01:10:20 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013.03.30 01:10:20 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013.03.30 01:10:20 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013.03.30 01:10:20 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013.03.29 08:42:11 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk 
[2013.03.28 15:49:53 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.26 09:08:59 | 068,106,125 | ---- | M] () -- C:\Windows\SysNative\drivers\Avg\incavi.avm
[2013.03.23 23:44:29 | 000,205,007 | ---- | M] () -- C:\Users\***\Documents\wie ich denke und arbeite.pdf
[2013.03.23 23:44:15 | 000,177,073 | ---- | M] () -- C:\Users\***\Documents\was ich beruflich tun will.pdf
[2013.03.23 23:44:02 | 000,201,084 | ---- | M] () -- C:\Users\***\Documents\was ich lernen möchte.pdf
[2013.03.19 08:04:06 | 005,550,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.03.19 07:46:56 | 000,043,520 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\csrsrv.dll
[2013.03.19 07:04:13 | 003,968,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.03.19 07:04:10 | 003,913,560 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.03.19 06:47:50 | 000,006,656 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\apisetschema.dll
[2013.03.19 05:06:33 | 000,112,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\smss.exe

========== Files Created - No Company Name ==========

[2013.04.16 16:17:29 | 000,613,083 | ---- | C] () -- C:\Users\***\Desktop\adwcleaner.exe
[2013.04.16 15:11:18 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.04.16 15:11:18 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.04.16 15:11:18 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.04.16 15:11:18 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.04.16 15:11:18 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.04.16 14:05:44 | 000,000,512 | ---- | C] () -- C:\Users\***\Desktop\MBR.dat
[2013.04.16 12:17:35 | 012,917,756 | ---- | C] () -- C:\Users\***\Desktop\mbar-1.05.0.1001.zip
[2013.04.15 14:43:02 | 705,616,237 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.04.15 13:33:19 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2013.04.14 19:55:14 | 000,377,856 | ---- | C] () -- C:\Users\***\Desktop\gmer_2.1.19163.exe
[2013.04.14 19:51:49 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2013.03.30 01:10:25 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf
[2013.03.30 01:10:24 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf
[2013.03.29 08:42:11 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.03.28 15:49:53 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
[2013.03.23 23:44:25 | 000,205,007 | ---- | C] () -- C:\Users\***\Documents\wie ich denke und arbeite.pdf
[2013.03.23 23:44:11 | 000,177,073 | ---- | C] () -- C:\Users\***\Documents\was ich beruflich tun will.pdf
[2013.03.23 23:43:57 | 000,201,084 | ---- | C] () -- C:\Users\***\Documents\was ich lernen möchte.pdf
[2013.01.17 18:19:58 | 000,000,025 | ---- | C] () -- C:\Windows\libem.INI
[2012.09.16 17:04:42 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2012.04.28 22:53:47 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2012.04.18 17:17:34 | 000,000,032 | ---- | C] () -- C:\Users\***\.simfy
[2012.02.09 22:28:07 | 000,000,928 | ---- | C] () -- C:\Windows\wininit.ini
[2011.10.12 13:44:11 | 000,001,484 | ---- | C] () -- C:\Users\***\AppData\Local\RecConfig.xml
[2011.09.28 14:53:41 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.07.11 20:20:25 | 000,007,597 | ---- | C] () -- C:\Users\***\AppData\Local\Resmon.ResmonCfg

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 145 bytes -> C:\ProgramData\TEMP:AB689DEA
@Alternate Data Stream - 141 bytes -> C:\ProgramData\TEMP:93EB7685
@Alternate Data Stream - 135 bytes -> C:\ProgramData\TEMP:0B9176C0
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:ABE89FFE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\TEMP:5D7E5A8F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:798A3728
@Alternate Data Stream - 125 bytes -> C:\ProgramData\TEMP:4D066AD2

< End of report >

Code:
OTL Extras logfile created on: 16.04.2013 16:49:20 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,90 Gb Total Physical Memory | 2,59 Gb Available Physical Memory | 66,31% Memory free
7,80 Gb Paging File | 6,38 Gb Available in Paging File | 81,80% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 284,99 Gb Total Space | 162,45 Gb Free Space | 57,00% Space Free | Partition Type: NTFS

Computer Name: ***-PC | User Name: *** | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 0 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 "C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe" = C:\Program Files (x86)\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3 ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0A6F1B75-D14F-4F4D-B191-D41FBC58649E}" = lport=2869 | protocol=6 | dir=in | app=system | "{160ADF36-4F7B-4BFD-89A4-76C639FBD244}" = lport=445 | protocol=6 | dir=in | app=system | "{29B97E47-A8C2-474F-B0BE-735F14536C59}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2B305541-BB27-409A-AD6C-279D8F805FA4}" = rport=445 | protocol=6 | dir=out | app=system | "{2B805934-E6E4-4499-88E3-40D13A6DBA2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{47C75FE9-E253-4DAF-A0C3-B4F79FDF4304}" = lport=10243 | protocol=6 | dir=in | app=system | "{557ED309-A573-4C9B-9C80-3FAA6084FB12}" = rport=10243 | protocol=6 | dir=out | app=system | "{560255F6-5018-4872-80C2-8FD8E917CCCB}" = rport=138 | protocol=17 | dir=out | app=system | "{6E8DD6E8-AA13-412F-B205-2C0B38052040}" = rport=2177 | protocol=6 | dir=out | svc=qwave | 
app=%systemroot%\system32\svchost.exe | "{70A14002-2E1C-4E22-A9CC-552EB8A26883}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{7453025E-8FD5-486D-A98C-23503F335797}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | "{8D75CA33-5784-4368-B8E1-5A6F9DC6C5E9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{900B9342-D4A0-46B1-8FD7-AC183BC6D42F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{A58BC693-22C4-4A86-BF71-14645956F399}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{A69C2847-A6C9-4C49-9914-CD3591615591}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{B90FDFC9-D695-4531-809F-FF62A88E2CA1}" = lport=139 | protocol=6 | dir=in | app=system | "{BF874C2C-A9F4-4D7E-9019-80CD84632668}" = rport=139 | protocol=6 | dir=out | app=system | "{C63F41A4-0B09-4C3D-B0AB-D814BCEF644F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | "{C73E3AC6-0796-4EED-A864-3DB92AEFEE04}" = lport=138 | protocol=17 | dir=in | app=system | "{D13618A8-32F1-495C-96C9-85C02D22B3D3}" = lport=2869 | protocol=6 | dir=in | app=system | "{DD5F9242-6CEA-4C7C-97B2-5F3F0FAF39B4}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{E3BB3E0B-61C7-4AE5-9804-64F1087B6FBC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{E6A79210-088A-46F7-A21A-276DF0ED9A15}" = rport=137 | protocol=17 | dir=out | app=system | "{F0A843C2-19AC-4620-ADC6-B5223790BD9A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FF780CAC-588F-45FD-82E3-17215A32728F}" = lport=137 | protocol=17 | dir=in | app=system | "{FFE8677F-B698-4011-B56B-F869558A29B0}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | 
app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{0027C082-8BD9-477E-B9E4-2F8EBFFF1D00}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | "{00C2C8C1-819A-4A2A-ABE7-36F2D3298CAC}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{1406F495-B81C-4CEF-A9F1-ECBD904D6F7A}" = dir=in | app=c:\program files (x86)\avg\avg8\avgnsa.exe | "{1557272E-7CE9-457B-9708-E8B7EC140346}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{16DB06EA-2315-4376-9FEB-6D767D6043CB}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqfxt08.exe | "{1B2091DE-13AF-4ECC-8BBA-0AC896422CE7}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxs08.exe | "{1BA3FB78-A1C7-4BF1-A1F6-B27745392E70}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{1D368B5D-0A33-4AE3-B57E-7F424B84F2D0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | "{1F311C7B-C12D-49D4-A66A-0EF708BA6F25}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqcopy2.exe | "{1FE590B9-B7A9-43D4-A8B2-B6B6FAF77100}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | "{225D6E54-AC47-4154-973E-9264DD41E0CE}" = protocol=6 | dir=out | app=system | "{239C7505-FF1B-4F68-9F92-A5C232C02EE2}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{2B803B61-9E5E-4BFC-851C-BED7AAFEAB2D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposfx08.exe | "{2E47AF2D-4067-4DCD-B5B2-2C16893E0377}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | "{2F33C027-FDED-4768-B465-0DD36A20531C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{2FCF675A-C2F1-4135-A079-DA416ED3A25E}" = dir=in | app=c:\program files 
(x86)\hp\digital imaging\bin\hpqkygrp.exe | "{36C78463-61A4-418E-901E-398E15EA4766}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{3BECD327-EB89-4C94-AC01-13F1B3E84DB8}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | "{3D8D9A90-141A-4C22-8913-2280D893ED5D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | "{41BF99F5-D640-4034-968A-BEA784A944DE}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{4D6FB947-C25C-4478-B292-1D5974BAB2D1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4E12E9BC-DDA4-4D7A-8398-035AAE249D2F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{4F111577-9BA1-4DE4-8952-02EC303C051D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | "{4F18B17A-BCBB-47AF-8E7B-F8167BC8DD90}" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "{557BBEC2-FCDD-473C-91B5-6B0A7E75B794}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{5957DCCB-0906-485C-B924-E411C38F78C6}" = dir=in | app=c:\program files (x86)\avg\avg8\avgam.exe | "{613110A6-C3D3-4D93-B25B-C0F56789EB42}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{61C7D74E-1B23-4B98-BA26-E8F6E48C6D10}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{668F4751-2399-4BB2-B5A3-C54F863F43BC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | "{696273CF-1FEC-4407-A5C3-620AC9A8374F}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{6CB4BF33-1110-4FBA-AD2E-BD1A23751EB1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqsudi.exe | "{706E3018-1DF6-487E-A38B-4AC00C57278A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | "{735FE7D3-C93C-4C8E-A57B-7627F0384356}" = protocol=6 | dir=in | app=%programfiles%\windows 
media player\wmpnetwk.exe | "{7F01D42A-F331-4E6A-AE1E-985E045422AF}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{81DCB1B9-B147-4E2F-924D-3AA1993C852B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{8A26DBF3-637E-4ED3-B530-0740C3FE19D4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{8C62C77E-EF66-41D6-B2BD-71C8BA2FD81B}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{93537A02-247A-4212-8EA4-DA19EF7BD74E}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9C6946B1-260D-44C1-B48E-DD18C761E684}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{A5E4D9A2-6E68-4757-8D18-308E745BAD00}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpofxm08.exe | "{ABDD8723-9C21-45A1-B018-3EE41D690EDC}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{B07DD698-64F0-473A-A2CB-1A032AC5C9AD}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{B0910AB2-491D-4E95-877D-94E0514781F1}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | "{B29D167B-A42D-485B-B1E6-ED15697FF227}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{B58331DC-5861-43E6-877D-20E78948C81D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | "{B5D0761A-78A5-4376-8678-3C87F49E375E}" = dir=in | app=c:\program files (x86)\avg\avg8\avgemc.exe | "{B78AA718-8F08-440C-81E6-0FF66E649C6A}" = dir=in | app=c:\program files (x86)\avg\avg8\avgdiagex.exe | "{C03B17FE-F14C-439F-8067-3B85CD97ABDA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpse.exe | "{C35823D7-056B-4B16-83B0-31B35D72F995}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{C49F6F71-A731-47BE-858F-871C3EA6CB24}" = protocol=17 | dir=in | app=c:\program files 
(x86)\icq7.6\icq.exe | "{CA3CB06F-80B0-4F8B-AE76-02BB35BEC824}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{CB3B24CD-A5DA-4EBB-9EBA-AD64CD8A796B}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgemca.exe | "{CD618F23-07F1-47E5-BEA2-44C3F516EABB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D0E1EB2E-DED5-4221-8B29-9088984A3E59}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{D348FF61-2520-41BA-AE51-84BF2F4514AE}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe | "{D3FF4863-5C63-4C79-9811-029FB8F1953F}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | "{D4D374A3-C1CE-45B7-BA7E-72E496DC1FBA}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe | "{D5175903-0C27-4CDE-BA1D-310AE5F7FD1E}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{D76BAAF9-B7EF-41AA-828E-2DBC17910620}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqnrs08.exe | "{D788320A-7320-44FE-89C5-E1AB9FADE996}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{D9578855-6560-4825-B15C-AFBA9985333D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{DC75C6C3-F9B5-47AB-827E-642C6AA05F3A}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | "{E139200D-9A7B-480E-AF24-772CA70F527D}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | "{E5C81FFA-8F89-4502-A0DF-8C6BB8942710}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgnsa.exe | "{E6B7BDD0-1CAA-44A0-AD01-16484620125F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | "{ED78A844-DEF0-4866-BB36-8ED1BF4688D7}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgdiagex.exe | 
"{F0F38695-F5B7-4A30-AA3E-AC8071E14C16}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe | "{F1C568BC-6187-4BFF-BFAA-E88A003733E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{F26E96D7-3AAA-48FD-A4B6-284096BFCDC6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpzwiz01.exe | "{F44CE39F-B46A-4B78-BDB0-FC591319BC44}" = dir=in | app=c:\program files (x86)\avg\avg8\avgupd.exe | "{F7EBEE7E-F105-4C66-B753-157388FCE3CA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe | "{F9A5FBAE-5653-4414-9DED-B75D2AEC8F12}" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "{FA6FBE14-DD29-4E85-94AE-B7F3D8359447}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqpsapp.exe | "{FB0C9571-3718-4D0E-A116-AAD8BD9441EC}" = dir=in | app=c:\program files (x86)\avg\avg8\avgdiag.exe | "{FD728F0D-7D08-45FD-8E67-F7D37ED3B13B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | "{FD74AA22-DE40-4565-A63C-4F482C114CAE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | "TCP Query User{0770B01F-FFFA-4D7D-85F9-1103ED6CE482}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | "TCP Query User{BE82E32C-A0D4-4B20-ABAD-A8C78FA8A999}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{2B6BE537-9FD8-464E-B0CA-AC8F779BED43}C:\users\***\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\spotify\spotify.exe | "UDP Query User{59913581-347E-4D32-95D5-32E48081D8CC}C:\users\***\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\***\appdata\roaming\dropbox\bin\dropbox.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{05EFBF37-0E52-4579-875C-7EEF0DFB4FCB}" = Network64 "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{17016DA1-F040-4032-BD36-34DD317BC9D5}" = HP Photosmart All-In-One Driver Software 13.0 Rel. A "{1FBEA8BA-D40B-48BC-85BC-EE2D5575F27C}" = Microsoft SQL Server VSS Writer "{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64 "{7C39E0D1-E138-42B1-B083-213EC2CF7692}" = Microsoft SQL Server Native Client "{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007 "{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007 "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{AD27BE4B-A261-4F0A-AB5A-476C83EDAED2}" = AVG 2013 "{F5AA006A-1ABE-4F16-B6E1-FEE1F7D38102}" = AVG 2013 "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer "AVG" = AVG 2013 "CCleaner" = CCleaner "CNXT_AUDIO_HDA" = Conexant HD Audio "HDMI" = Intel(R) Graphics Media Accelerator Driver "HP Imaging Device Functions" = HP Imaging Device Functions 13.0 "HP Photosmart Essential" = HP Photosmart Essential 3.5 "HP Smart Web Printing" = HP Smart Web Printing 4.51 "HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0 "HPOCR" = OCR 
Software by I.R.I.S. 13.0 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Recuva" = Recuva "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{021C4C4F-C93C-4425-BFFD-C2D16776BFAE}" = Visual C++ 8.0 Runtime Setup Package (x64) "{028ED9C4-25EE-4DEE-9CF4-91034BC89B18}" = Microsoft SQL Server 2005 Express Edition (MSSMLBIZ) "{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM "{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{0E532C84-4275-41B3-9D81-D4A1A20D8EE7}" = PlayStation(R)Store "{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}" = Status "{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard "{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "{1AE3E621-E0C0-4aa1-B10B-B3E353A8D110}" = c3100_Help "{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}" = TrayApp "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 "{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13 "{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com "{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}" = AIO_CDA_ProductContext "{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm "{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update "{2FF8C687-DB7D-4adc-A5DC-57983EC25046}" = DeviceDiscovery "{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver "{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform 
"{354038F6-0A35-4C55-A80B-F86C4C1A6D38}" = C3100 "{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}" = Copy "{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management "{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg "{440B915A-0C85-45DB-92AE-75AE14704A64}" = Fax "{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter "{4cb9f93c-9edc-4be9-ae61-af128ddbecfa}" = Business Contact Manager für Outlook 2007 SP2 "{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8 "{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2 "{64BE88A6-798A-075D-80CF-CC970E912C85}" = Biologie heute CD "{65FBA21B-7F80-4E4E-B275-0958D2648F94}_is1" = Java-Editor 10.3c, 2010.08.03 "{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1 "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox "{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.1.0.0 "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6 "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam "{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2 "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First 
Home "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash "{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2 "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert "{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007 "{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007 "{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 
Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 "{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 
Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007 "{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007 "{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007 "{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" 
= Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007 "{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007 "{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007 "{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In "{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9B362566-EC1B-4700-BB9C-EC661BDE2175}" = DocProc "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{A436F67F-687E-4736-BD2B-537121A804CF}" = HP Product Detection "{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker "{A7AEE29F-839E-46B5-B347-6D430618129F}" = AIO_CDA_Software "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console "{AC76BA86-7AD7-FFFF-7B44-A91000000001}" = Adobe Reader 9.5.4 MUI "{AED2DD42-9853-407E-A6BC-8A1D6B715909}" = Windows Live Messenger "{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations 
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant "{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget "{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials "{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2 "{D2041A37-5FEC-49F0-AE5C-3F2FFDFAA4F4}" = Windows Live Call "{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential "{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}" = AIO_Scan "{DC635845-46D3-404B-BCB1-FC4A91091AFA}" = SmartWebPrinting "{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime "{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant "{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "7-Zip" = 7-Zip 9.20 "Acer Registration" = Acer Registration "Acer Screensaver" = Acer ScreenSaver "Acer Welcome Center" = Welcome Center "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AniGra_is1" = AniGra v3.6 "Business Contact Manager" = Business Contact Manager für Outlook 2007 SP2 "com.schroedel.bioheuteeinleger" = Biologie heute CD "Derive 6" = Derive 6 "Digital Editions" = Adobe Digital Editions "DynaGeo_is1" = DynaGeo 3.5d "ENTERPRISE" = Microsoft Office Enterprise 2007 "Freemake Video Converter_is1" = Freemake Video Converter Version 3.1.2 "Greenfoot_is1" = Greenfoot 2.0.1 "Identity Card" = Identity Card "InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5 "InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2 "InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8 
"InstallShield_{5FEBF468-5AC2-4C66-AD80-DF85C085AA73}" = InterVideo WinDVD 8 "LastFM_is1" = Last.fm Scrobbler 2.1.30 "LManager" = Launch Manager "Microsoft SQL Server 2005" = Microsoft SQL Server 2005 "Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de) "Mp3tag" = Mp3tag v2.54 "OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch "Opera 12.15.1748" = Opera 12.15 "RarZilla Free Unrar" = RarZilla Free Unrar "TurboPlot_is1" = TurboPlot v3.7c "VLC media player" = VLC media player 2.0.4 "WinLiveSuite_Wave3" = Windows Live Essentials ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-3475164740-3824372139-2480031196-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "Dropbox" = Dropbox "Spotify" = Spotify ========== Last 20 Event Log Errors ========== [ OSession Events ] Error - 06.01.2012 17:52:51 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.01.2012 17:53:49 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 12 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.01.2012 17:54:22 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 14 seconds with 0 seconds of active time. This session ended with a crash. 
Error - 06.01.2012 17:56:12 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 28 seconds with 0 seconds of active time. This session ended with a crash. Error - 06.01.2012 17:59:33 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 141 seconds with 120 seconds of active time. This session ended with a crash. Error - 06.01.2012 18:10:18 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 22 seconds with 0 seconds of active time. This session ended with a crash. Error - 03.06.2012 14:10:42 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 19989 seconds with 240 seconds of active time. This session ended with a crash. Error - 26.07.2012 18:00:38 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2 seconds with 0 seconds of active time. This session ended with a crash. Error - 12.09.2012 16:11:55 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. 
This session lasted 11188 seconds with 3720 seconds of active time. This session ended with a crash. Error - 23.11.2012 08:36:33 | Computer Name = ***-PC | Source = Microsoft Office 12 Sessions | ID = 7001 Description = ID: 13, Application Name: Microsoft Office OneNote, Application Version: 12.0.6606.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1674 seconds with 60 seconds of active time. This session ended with a crash. [ System Events ] Error - 16.04.2013 10:44:17 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 16.04.2013 10:44:22 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7006 Description = Der Aufruf "ScRegSetValueExW" ist für "FailureActions" aufgrund folgenden Fehlers fehlgeschlagen: %%5 Error - 16.04.2013 10:45:43 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Search erreicht. Error - 16.04.2013 10:45:43 | Computer Name = ***-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 16.04.2013 10:45:43 | Computer Name = ***-PC | Source = DCOM | ID = 10005 Description = < End of report > |
16.04.2013, 23:25 | #12 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No Internet access despite connection Looks OK. We should be almost done. As a check, please run a quick scan with Malwarebytes; before you do, please remember to update Malwarebytes via the update button. Afterwards, getting a second opinion from ESET's online scanner is not a bad idea either: ESET Online Scanner
__________________ Please always post log files in CODE tags |
17.04.2013, 10:48 | #13 |
| No Internet access despite connection Malwarebytes Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.17.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16540
*** :: ***-PC [Administrator]

Schutz: Aktiviert

17.04.2013 09:14:41
mbam-log-2013-04-17 (09-14-41).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 267874
Laufzeit: 5 Minute(n), 1 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b79ef797227c394fa7104f8b65de23f2
# engine=13635
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-04-17 09:31:17
# local_time=2013-04-17 11:31:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1045 16777213 100 94 10044 53325061 0 0
# compatibility_mode=5893 16776574 100 94 1868570 117820927 0 0
# scanned=148870
# found=0
# cleaned=0
# scan_time=6544 |
17.04.2013, 12:34 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | No Internet access despite connection Looks OK so far. Regarding cookies and other things on the web: to block the pests from the outset (i.e. tracking cookies, ad banners etc.), you should take a look at something like the MVPS Hosts File => Blocking Unwanted Parasites with a Hosts File. It makes sense to check MVPS every 4 weeks to see whether he has released a new hosts file. Info: cookies are not malware as such, but there is a risk of misuse (unique re-identification, e.g. for targeted advertising or the like => HTTP cookie). Otherwise there are also good cookie managers; among the extensions for Firefox, for example, there is CookieCuller. But if you can live with logging in again everywhere in every browser session (e.g. Facebook, eBay, GMX, or Trojaner-Board), then simply set the browser so that everything, including cookies, is deleted when the browser is closed. Is your system now in order again, or are there any other findings or problems?
__________________ Please always post log files in CODE tags |
17.04.2013, 17:37 | #15 |
| No Internet access despite connection Hey, thank you very much for your quick and detailed help! I had actually already set the browser beforehand to delete cookies on exit, but fine. The problem I described at the beginning still persists, it seems. ^^ Always when on YouTube: at the umpteenth video it suddenly stops loading and I can no longer access the Internet. Did I do something wrong? Or is it down to something else after all, and my request was not appropriate here? |