Pests of all kinds and how to combat them: Windows7 Explorer no longer works |
10.06.2013, 14:20 | #1 |
| Windows7 Explorer no longer works Hello, my Explorer keeps crashing when I want to, for example, transfer pictures; maybe the context menu is the trigger for the crash. If I just leave it open without working in it, no error occurs. I have a 64-bit Windows 7 Home Edition system. I found corrupt system files by opening cmd from the Start menu and then running the scannow command. Response: Der Windows Resourcenschutz hat beschädigte Dateien gefunden und konnte einige der beschädigten Datein nicht reparieren. Details finden sie in der Datei "CBS.Log" <windir\Logs\CBS\CBS.log>, zB. "C:\windows\logs\CBS\CBS.log" How do I proceed correctly from here? I can't get into Explorer, because it always crashes before I have clicked my way through?!!! Thanks in advance! |
11.06.2013, 14:57 | #2 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows7 Explorer no longer works Hello and
Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, did they ever find anything? I am asking because of this => http://www.trojaner-board.de/125889-...tml#post941520 Please do not run any new virus scans; for now, only post logs that already exist! Reading material: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows: |
11.06.2013, 20:58 | #3 |
| Windows7 Explorer no longer works Only Avira, which quarantined the following file: ADWARE/installcore.gen. I hope that is not a virus, though. I don't have any other antivirus program. I also had no PC problems for years because I always used XP, which was great!!! About a year ago I got myself a laptop that came with Windows 7 on it, also without a CD, as is usual these days, and But well, now I somehow have to get this Explorer working again; otherwise everything runs. Yesterday Mozilla briefly went down on me, there was a message that it could not write the log... But it is running again now.... Do you have any ideas how I can analyze this error better?! I'm no PC expert, just a standard-issue user and Googler :-) Thx |
11.06.2013, 22:45 | #4 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows7 Explorer no longer works Before we get to work, I would like to ask you to read the following points completely and carefully.
Note: If you do not hear from me for three days, please get in touch in this thread => Reminder about my thread. Annoying "when will this continue" messages end with your topic being closed. I, too, have a life outside of Trojaner-Board. First, a check with OTL please:
__________________ Please always post log files in CODE tags |
12.06.2013, 07:57 | #5 |
| Windows7 Explorer no longer works Hello Cosinus, I already have my first question. Where do I get the OLC program from? I downloaded and installed the TuneUp and TeamViewer programs.... Or is OLC meant to be TuneUp, but I have a different platform here. Sorry, the OTL program. Those who can read clearly have the advantage :-) Found the OTL link :-) Oh dear, look at everything in there. OTL Logfile: Code:
ATTFilter OTL logfile created on: 12.06.2013 09:14:05 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobillix\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 52,99% Memory free 7,81 Gb Paging File | 5,92 Gb Available in Paging File | 75,83% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119,24 Gb Total Space | 69,29 Gb Free Space | 58,11% Space Free | Partition Type: NTFS Drive D: | 153,85 Gb Total Space | 48,21 Gb Free Space | 31,34% Space Free | Partition Type: NTFS Drive E: | 7,13 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 698,64 Gb Total Space | 198,90 Gb Free Space | 28,47% Space Free | Partition Type: NTFS Computer Name: TOBILLIX-PC | User Name: Tobillix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Tobillix\Downloads\OTL.exe (OldTimer Tools) PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. 
KG) PRC - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files\VLC\vlc.exe (VideoLAN) PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.) PRC - C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (Simplygen) PRC - C:\Program Files\Mozillafirefo9crome\plugin-container.exe (Mozilla Corporation) PRC - C:\Program Files\Mozillafirefo9crome\firefox.exe (Mozilla Corporation) PRC - C:\Windows\AsScrPro.exe (ASUS) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.) PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS) PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS) PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus) PRC - C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe () PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink) PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) 
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) PRC - C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd) PRC - C:\Windows\SysWOW64\BRSS01A.EXE (brother Industries Ltd) ========== Modules (No Company Name) ========== MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f878765b06a1d56b04f4bd23a9c60985\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll () MOD - C:\Program Files\VLC\libvlccore.dll () MOD - C:\Program Files\VLC\plugins\gui\libqt4_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libpng_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_output\libwaveout_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_output\libaout_directx_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libdts_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libcdg_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\liblibass_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libtheora_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libmpeg_audio_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\liba52_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libaes3_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libvorbis_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libschroedinger_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libopus_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\liblpcm_plugin.dll () MOD - C:\Program 
Files\VLC\plugins\codec\libspudec_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libavcodec_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libfaad_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libflac_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libfluidsynth_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libspeex_plugin.dll () MOD - C:\Program Files\VLC\plugins\control\libhotkeys_plugin.dll () MOD - C:\Program Files\VLC\plugins\codec\libaraw_plugin.dll () MOD - C:\Program Files\VLC\plugins\control\libglobalhotkeys_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_filter\libyuvp_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_filter\libswscale_plugin.dll () MOD - C:\Program Files\VLC\plugins\lua\liblua_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_filter\libscale_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libsamplerate_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libaudio_format_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libdtstospdif_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libugly_resampler_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\liba52tospdif_plugin.dll () MOD - C:\Program Files\VLC\plugins\meta_engine\libtaglib_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libscaletempo_plugin.dll () MOD - C:\Program Files\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll () MOD - C:\Program 
Files\VLC\plugins\misc\libxml_plugin.dll () MOD - C:\Program Files\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll () MOD - C:\Program Files\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll () MOD - C:\Program Files\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll () MOD - C:\Program Files\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll () MOD - C:\Program Files\VLC\plugins\text_renderer\libfreetype_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_chroma\libi420_rgb_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_chroma\libi422_i420_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll () MOD - C:\Program Files\VLC\plugins\access\libdshow_plugin.dll () MOD - C:\Program Files\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_output\libdirect3d_plugin.dll () MOD - C:\Program Files\VLC\plugins\video_output\libdirectx_plugin.dll () MOD - C:\Program Files\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll () MOD - C:\Program Files\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll () MOD - C:\Program Files\VLC\plugins\access\libaccess_vdr_plugin.dll () MOD - C:\Program Files\VLC\plugins\access\libdvdnav_plugin.dll () MOD - C:\Program Files\VLC\plugins\access\liblibbluray_plugin.dll () MOD - C:\Program Files\VLC\plugins\access\libzip_plugin.dll () MOD - C:\Program Files\VLC\plugins\access\libfilesystem_plugin.dll () MOD - C:\Program Files\VLC\plugins\access\libaccess_bd_plugin.dll () MOD - C:\Program Files\VLC\plugins\access\libstream_filter_rar_plugin.dll () MOD - C:\Program Files\VLC\plugins\demux\libplaylist_plugin.dll () MOD - C:\Program Files\VLC\plugins\demux\libavi_plugin.dll () MOD - C:\Program 
Files\VLC\plugins\demux\libmp4_plugin.dll () MOD - C:\Program Files\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll () MOD - C:\Program Files\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll () MOD - C:\Program Files\VLC\libvlc.dll () MOD - C:\Program Files\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll () MOD - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\libcef.dll () MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll () MOD - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll () MOD - C:\Program Files\Mozillafirefo9crome\mozjs.dll () MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll () MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll () MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll () MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe () MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll () MOD - C:\Program Files 
(x86)\CyberLink\Power2Go\CLMediaLibrary.dll () ========== Services (SafeList) ========== SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software) SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.) 
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS) SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd) ========== Driver Services (SafeList) ========== DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.) 
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.) DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc) DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc) DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.) 
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation) DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.) DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( ) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation) DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation) DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation) DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) 
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation) DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software) DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = 
hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=248486D53D120BDE IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119293&tt=gc_&babsrc=SP_ss&mntrId=248486D53D120BDE IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - prefs.js..browser.search.useDBForOrder: "false" FF - prefs.js..extensions.enabledAddons: testpilot@labs.mozilla.com:1.2.2 FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll () FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled 
File not found FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozillafirefo9crome\components [2012.06.04 12:43:30 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozillafirefo9crome\plugins [2011.12.08 18:08:00 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.23 13:13:12 | 000,000,000 | ---D | M] [2011.12.08 17:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Extensions [2013.05.29 19:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions [2012.01.20 15:25:03 | 000,000,000 | ---D | M] (Wincore Mediabar) -- 
C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0} [2012.11.16 15:07:36 | 000,000,000 | ---D | M] (DownTango Launcher) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions\{411beae9-8c58-477c-8903-201536f61512} [2012.09.15 10:19:06 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\firefox\profiles\tu3kxf86.default\extensions\testpilot@labs.mozilla.com.xpi [2013.05.29 19:06:26 | 000,006,503 | ---- | M] () -- C:\Users\Tobillix\AppData\Roaming\mozilla\firefox\profiles\tu3kxf86.default\searchplugins\babylon.xml [2013.05.29 19:06:33 | 000,001,294 | ---- | M] () -- C:\Users\Tobillix\AppData\Roaming\mozilla\firefox\profiles\tu3kxf86.default\searchplugins\delta.xml ========== Chrome ========== CHR - default_search_provider: Delta Search (Enabled) CHR - default_search_provider: search_url = hxxp://www.delta-search.com/?q={searchTerms}&affID=119293&tt=gc_&babsrc=SP_ss&mntrId=248486D53D120BDE CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms} CHR - homepage: hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=248486D53D120BDE CHR - plugin: Default Plug-in (Enabled) = default_plugin CHR - Extension: YouTube = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\ CHR - Extension: Google-Suche = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\ CHR - Extension: Google Mail = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2 - BHO: (Wincore Mediabar) - 
{28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Users\Tobillix\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll () O2 - BHO: (DownTango Launcher) - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll (Simplytech Ltd.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Users\Tobillix\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll () O3 - HKLM\..\Toolbar: (DownTango Launcher) - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll (Simplytech Ltd.) O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.) O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated) O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.) O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme) O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS) O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS) O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.) 
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.) O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS) O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus) O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.) O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - Startup: C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O7 - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0 O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9FB8A97-64B7-46D0-BCAF-B10735B25125}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1B2404B-6A93-4894-867E-985A2BA1157C}: DhcpNameServer = 192.168.3.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. 
O32 - HKLM CDRom: AutoRun - 1 O32 - Unable to obtain root file information for disk H:\ O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.11 22:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer [2013.06.11 22:02:32 | 000,035,104 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe [2013.06.11 22:02:31 | 000,026,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll [2013.06.11 22:02:31 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll [2013.06.11 22:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 [2013.06.11 22:02:12 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\TuneUp Software [2013.06.11 22:02:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013 [2013.06.11 22:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2013.06.11 22:00:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.06.11 22:00:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.06.10 13:52:44 | 000,000,000 | ---D | C] -- C:\LocalDumps [2013.05.30 01:55:44 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.05.29 19:55:09 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Avira [2013.05.29 
19:49:34 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.05.29 19:49:34 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.05.29 19:49:34 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.05.29 19:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.05.29 19:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.05.29 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013.05.29 19:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon [2013.05.29 19:06:20 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Babylon [2013.05.29 19:06:18 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\GoforFiles [2013.05.29 18:58:04 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\SpeedMaxPc [2013.05.29 18:58:04 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\DriverCure [2013.05.29 18:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc [2013.05.29 18:34:47 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Downloaded Installations [2013.05.29 18:34:15 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Zip Opener Packages [2013.05.29 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\DSite [2013.05.29 18:34:10 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\DealPly [2013.05.29 18:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer [2013.05.29 15:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Easy [2013.05.29 15:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy [2013.05.29 15:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Programs [2013.05.23 19:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 
[2013.05.23 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.05.23 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.05.23 19:43:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013.05.23 19:43:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013.05.23 19:43:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013.05.23 19:43:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013.05.23 19:43:38 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013.05.23 19:43:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013.05.23 19:43:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys [2013.05.23 19:43:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013.05.23 19:43:38 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013.05.23 19:43:37 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013.05.23 19:43:37 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013.05.23 19:43:37 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013.05.23 19:43:37 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013.05.23 19:43:37 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013.05.23 19:43:37 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013.05.23 19:43:37 | 000,228,864 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\rdpendp_winip.dll [2013.05.23 19:43:37 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013.05.23 19:43:37 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013.05.23 19:43:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013.05.23 19:43:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013.05.23 19:43:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013.05.23 19:43:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013.05.23 19:43:36 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.05.23 19:43:36 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013.05.23 19:43:35 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.05.23 19:40:29 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013.05.23 19:40:27 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2013.05.23 19:40:27 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2013.05.23 19:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\vlc [2013.05.23 13:26:51 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Systweak [2013.05.23 13:26:50 | 000,018,832 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe [2013.05.23 13:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Canneverbe Limited [2013.05.23 13:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2013.05.23 13:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP [2013.05.23 13:13:22 | 000,000,000 | ---D | C] -- 
C:\Users\Tobillix\AppData\Roaming\Thunderbird [2013.05.23 13:13:22 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Thunderbird [2013.05.23 13:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.05.23 12:48:05 | 000,057,344 | ---- | C] (brother Industries Ltd) -- C:\Windows\SysWow64\BRSVC01A.EXE [2013.05.23 12:48:05 | 000,045,056 | ---- | C] (brother Industries Ltd) -- C:\Windows\SysWow64\BRSS01A.EXE [2013.05.23 11:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother Personal Utilities [2013.05.23 10:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark [2013.05.22 14:37:21 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\ControlCenter4 [2013.05.22 14:33:42 | 000,000,000 | ---D | C] -- C:\Brother [2013.05.22 14:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4 [2013.05.22 14:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02 [2013.05.22 14:32:55 | 000,245,760 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll [2013.05.22 14:32:55 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll [2013.05.22 14:32:55 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll [2013.05.22 14:32:54 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll [2013.05.22 14:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother [2013.05.22 14:32:49 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll [2013.05.22 14:29:20 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\InstallShield [2013.05.22 12:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother [2013.05.22 12:07:26 | 000,316,928 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll [2013.05.22 12:07:26 | 000,084,480 | ---- | C] (Brother Industries, Ltd.) 
-- C:\Windows\SysNative\BrNetSti.dll [2013.05.22 12:07:26 | 000,058,880 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll [2013.05.22 12:07:26 | 000,054,272 | R--- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll [2013.05.22 12:07:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlCenter4 [2013.05.22 12:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother [2013.05.15 08:06:19 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.15 08:06:19 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.15 08:06:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.15 08:06:17 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.15 08:06:17 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.15 08:06:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.15 08:06:17 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.05.15 08:06:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.05.15 08:06:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.15 08:06:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.15 08:06:17 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.05.15 08:06:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.15 08:06:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.05.15 08:06:14 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.15 08:06:13 | 003,958,784 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\jscript9.dll [2013.05.15 07:52:23 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013.05.15 07:52:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013.05.15 07:52:09 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013.05.15 07:52:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013.05.15 07:52:07 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013.05.15 07:52:07 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013.05.15 07:51:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll ========== Files - Modified Within 30 Days ========== [2013.06.12 08:39:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.12 08:32:29 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.12 08:32:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.11 22:10:38 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk [2013.06.11 22:02:29 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2013.06.11 22:02:29 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2013.06.11 21:04:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.11 21:04:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.11 20:56:33 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys [2013.06.11 09:48:19 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.11 09:48:19 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.11 
09:48:19 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.11 09:48:19 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.11 09:48:19 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.10 21:58:56 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe [2013.06.08 00:43:00 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\ASUS SmartLogon Console Sensor.job [2013.05.30 14:18:51 | 000,002,046 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2013.05.30 14:18:35 | 000,001,240 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2013.05.30 01:55:19 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.05.29 19:47:57 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.05.29 19:47:57 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.05.29 19:47:57 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.05.29 19:35:36 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.05.29 14:10:24 | 000,001,059 | ---- | M] () -- C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.05.29 14:10:11 | 000,001,033 | ---- | M] () -- C:\Users\Tobillix\Desktop\Dropbox.lnk [2013.05.24 12:32:08 | 000,080,962 | ---- | M] () -- C:\Users\Tobillix\Desktop\MotivationsschreibenMH.pdf [2013.05.24 12:24:16 | 000,288,597 | ---- | M] () -- C:\Users\Tobillix\Desktop\MeisterbriefArbeitszeugniss.pdf [2013.05.24 12:15:53 | 000,005,052 | ---- | M] () -- C:\Users\Tobillix\AppData\Local\recently-used.xbel [2013.05.24 12:03:05 | 000,092,813 | ---- | M] () -- C:\Users\Tobillix\Desktop\LebenslaufBild2013.pdf [2013.05.24 09:45:07 | 000,084,822 | ---- | M] () -- C:\Users\Tobillix\Desktop\ArbeitszeugnisHTG.jpg [2013.05.24 09:43:54 | 000,102,919 | ---- | M] () -- C:\Users\Tobillix\Desktop\Meister1.jpg [2013.05.24 09:38:01 | 000,074,880 | ---- | M] () -- C:\Users\Tobillix\Desktop\Lebenslauf2013.pdf [2013.05.23 19:30:50 | 000,000,742 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.23 19:25:43 | 000,001,142 | ---- | M] () -- C:\Users\Tobillix\Desktop\ASUS Produktregistrierung.lnk [2013.05.23 13:26:34 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.05.23 13:13:15 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.05.23 12:48:08 | 000,000,184 | ---- | M] () -- C:\Windows\SysWow64\brsvc01a.bsi [2013.05.23 12:48:08 | 000,000,030 | ---- | M] () -- C:\Windows\SysWow64\brss01a.ini [2013.05.23 12:48:01 | 000,000,055 | ---- | M] () -- C:\Windows\SysWow64\BRDPJ140W.DAT [2013.05.19 18:35:42 | 000,247,887 | ---- | M] () -- C:\Users\Tobillix\Desktop\Strangfeld.jpg [2013.05.15 21:22:41 | 000,277,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT ========== Files Created - No Company Name ========== [2013.06.11 
22:10:38 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk [2013.06.11 22:10:38 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk [2013.06.11 22:02:29 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk [2013.06.11 22:02:29 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk [2013.06.11 22:02:29 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk [2013.06.08 00:43:00 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\ASUS SmartLogon Console Sensor.job [2013.05.29 19:35:36 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk [2013.05.24 12:32:06 | 000,080,962 | ---- | C] () -- C:\Users\Tobillix\Desktop\MotivationsschreibenMH.pdf [2013.05.24 12:24:14 | 000,288,597 | ---- | C] () -- C:\Users\Tobillix\Desktop\MeisterbriefArbeitszeugniss.pdf [2013.05.24 12:15:53 | 000,005,052 | ---- | C] () -- C:\Users\Tobillix\AppData\Local\recently-used.xbel [2013.05.24 12:03:03 | 000,092,813 | ---- | C] () -- C:\Users\Tobillix\Desktop\LebenslaufBild2013.pdf [2013.05.24 09:58:24 | 000,247,887 | ---- | C] () -- C:\Users\Tobillix\Desktop\Strangfeld.jpg [2013.05.24 09:45:07 | 000,084,822 | ---- | C] () -- C:\Users\Tobillix\Desktop\ArbeitszeugnisHTG.jpg [2013.05.24 09:43:53 | 000,102,919 | ---- | C] () -- C:\Users\Tobillix\Desktop\Meister1.jpg [2013.05.24 09:37:58 | 000,074,880 | ---- | C] () -- C:\Users\Tobillix\Desktop\Lebenslauf2013.pdf [2013.05.23 19:30:50 | 000,000,742 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.23 19:25:43 | 000,001,142 | ---- | C] () -- C:\Users\Tobillix\Desktop\ASUS Produktregistrierung.lnk [2013.05.23 13:26:34 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.05.23 13:26:34 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2013.05.23 13:13:14 | 
000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.05.23 12:48:08 | 000,000,184 | ---- | C] () -- C:\Windows\SysWow64\brsvc01a.bsi [2013.05.23 12:48:08 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini [2013.05.23 11:18:07 | 000,000,060 | R--- | C] () -- C:\Program Files (x86)\BRINST.INI [2013.05.22 14:53:54 | 000,000,055 | ---- | C] () -- C:\Windows\SysWow64\BRDPJ140W.DAT [2013.05.22 12:07:26 | 000,143,360 | R--- | C] () -- C:\Windows\SysNative\BrSNMP64.dll [2013.03.29 16:33:23 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012.12.14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.12.14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.12.08 15:40:48 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012.11.16 15:07:30 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe [2012.08.04 10:03:57 | 000,495,616 | ---- | C] () -- C:\Windows\SysWow64\D3DX8ab.dll [2012.02.28 20:28:25 | 000,164,234 | ---- | C] () -- C:\Windows\FlyChart Uninstaller.exe [2012.02.12 21:20:35 | 001,557,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.20 15:28:12 | 000,027,648 | ---- | C] () -- C:\Users\Tobillix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.01 16:07:58 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe [2011.09.16 10:21:16 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.09.16 10:20:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.09.16 10:20:19 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.09.16 10:20:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin [2011.04.13 04:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | 
RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:41099CE9 < End of report >
[/code]
The second list, the OTL EXTRAS logfile:
Code:
OTL Extras logfile created on: 12.06.2013 09:14:05 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobillix\Downloads 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,91 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 52,99% Memory free 7,81 Gb Paging File | 5,92 Gb Available in Paging File | 75,83% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 119,24 Gb Total Space | 69,29 Gb Free Space | 58,11% Space Free | Partition Type: NTFS Drive D: | 153,85 Gb Total Space | 48,21 Gb Free Space | 31,34% Space Free | Partition Type: NTFS Drive E: | 7,13 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF Drive H: | 698,64 Gb Total Space | 198,90 Gb Free Space | 28,47% Space Free | Partition Type: NTFS Computer Name: TOBILLIX-PC | User Name: Tobillix | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
[HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Classes\<extension>] .html [@ = FirefoxHTML] -- C:\Program Files\Mozillafirefo9crome\firefox.exe (Mozilla Corporation) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. 
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN) Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "DisableNotifications" = 0 "EnableFirewall" = 1 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01030C6F-5837-45D1-AB3A-AF3B197B0371}" = lport=138 | protocol=17 | dir=in | app=system | "{05398B0F-DF21-49B9-89E4-B94DDDA8C53D}" = lport=445 | protocol=6 | dir=in | app=system | "{39B40135-DE6F-4B1E-9392-C4560374AEAF}" = rport=138 | protocol=17 | dir=out | app=system | "{3DAC7D07-F950-4220-A07F-13FC0C5E7B8A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{3F84BB46-FA1B-46B3-AB3D-6926B1478FF5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{41265FCC-C8FD-4637-940D-81D93E5445B1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{46F89CE4-032C-4BD7-BEDB-59B3E6118BE6}" = lport=2869 | protocol=6 | dir=in | app=system | "{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | "{58ECAC34-358A-4996-93D8-9D0BABF621B1}" = rport=139 | protocol=6 | dir=out | app=system | "{5987CD0D-9C68-4205-B53B-786670C44BBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5CDE0E7C-DC47-4771-A849-8CFDF593D83B}" = rport=445 | protocol=6 | dir=out | app=system | "{5FB1DCF9-E80F-4A2A-8C19-A83037B4128F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{64D0CF8C-460F-4A0F-AB60-885D07254789}" = lport=10243 | protocol=6 | dir=in | app=system | "{6B34172A-84C3-432B-983E-F72E92DEBC66}" = rport=137 | protocol=17 | dir=out | app=system | "{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{81BD1620-B145-459B-8294-89DC76E8572F}" = rport=10243 | protocol=6 | dir=out | app=system | "{8CCF1862-7DD5-4479-8C75-816B63D5AE7E}" = lport=137 | protocol=17 | dir=in | app=system | "{9B30EEB1-3357-4F0D-9BF8-C740440D33FA}" = rport=1900 | protocol=17 | 
dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9C2BC9E1-B81A-486E-9D96-F0C8E6502C49}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A119C4FF-3AE3-40BB-B5D7-933C3DF80772}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | "{AEB556A1-0EA9-45B1-AB3B-1429C2598C19}" = lport=139 | protocol=6 | dir=in | app=system | "{B236816B-FE21-4E85-B060-05EA7B258844}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{CE94DC46-31D2-4A19-B634-FEC5BF51E233}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D93049F5-5267-4C4D-A6BA-5B5AE2B511E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EB06DDCA-ED3D-4019-BA93-9DF325F55A05}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{ED7C6FB1-EE29-4727-BB8A-EF35088F3FF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{033045E6-3034-4B01-869B-6FFA6C747C1A}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | "{05F6FBB2-DD36-4430-8819-7D0B9000596F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{15B67990-8F2C-4858-B36B-9DAB9B2D53DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{21791D02-FAEF-44B5-9008-A6E644E256D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{25BDD843-A815-48A8-A216-66D065687049}" = 
dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{33CF9B4C-8342-46D1-A9F3-2C0C6F8B2889}" = protocol=58 | dir=in | app=system | "{35C70914-1B53-4C3C-A6C8-88156D2BEC37}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{380CD1BF-3256-4C1D-B497-5243B0F35003}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{462639D2-B49D-4052-A9AD-AC2CA7C0F9A4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{49FDBA42-E06F-4D2F-A541-4AE21FD4B217}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\mediabar\datamngr\toolbar\dtuser.exe | "{4EC18E60-0161-47A0-A4BF-01067E3A153D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{573A2FE5-57C0-42F8-8975-5BAB012E4E67}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5CE34F28-6F4F-42EE-BAE2-9BCCF93766E1}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | "{603B5352-9F25-450C-931F-5AB21B9D9B30}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | "{628AA317-31C9-44E2-8A42-F7F802557474}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{64EF058B-DF0B-47FA-839E-D8F61DF5DFC8}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | "{7034917E-CA98-4BB5-AB89-3416A22A23EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{712E01E0-C950-42FF-9219-DFC7341EC893}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\mediabar\datamngr\toolbar\dtuser.exe | "{73D0E9DF-4E46-41D4-B48B-9FE7EF4C98B7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{74D4C5A4-04C8-44BE-B791-DE225CBB5EBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{75EA3C65-0DDD-4326-98AC-21F0076CC5B6}" = 
protocol=6 | dir=out | app=system | "{781B43D5-A1EC-46D6-8565-3EC613235D80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7CB2FC95-AB79-4E83-BCC5-6633D5C8E5BD}" = protocol=17 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | "{8929D0FC-ADAF-4CD9-B260-45AA1D96C81A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{913350F3-00D4-4B9F-9C8D-F30D7A0F8754}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9158D9CA-0426-473E-A2B2-582527DBDD60}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | "{9D830397-6E89-423D-A1F7-196B8BA4E3C1}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | "{A52B226D-7E37-4AC4-9E9F-7D446241EC18}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{A599F84E-5119-4485-8AA3-7C9408CF907C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | "{AE90F868-2056-4724-9677-E62210637C89}" = protocol=6 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | "{B78C6051-5848-4568-BD2B-7E008D5BC9E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BE3E0709-A3B0-40C0-8F87-EA82E1C91D54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CC5B74B6-49A5-4E7A-B36E-39D95F00FFAD}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | "{D0CA002B-4ECB-4DD7-80CF-22540258D827}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | "{D8BF7B41-9685-43FD-B1C5-3C2F26BCA8CE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EE82D5BF-4B83-4999-809A-5D98E38A1CCD}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{F273DB03-3C4C-4D95-9B90-D4E369103FEB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FA5DBE5C-113F-4A75-BB37-A38EA4402287}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "TCP Query User{5BD44DEA-8C93-4C43-8D98-4F0E76E6C4D8}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{9C1D6887-417E-439B-9C69-47B9E8A22CAB}C:\program files\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\vlc\vlc.exe | "TCP Query User{C8E107EB-06FC-4848-8342-2413F6EDB566}C:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{41AEA62B-C521-43F9-9C0B-8DAF6892DC38}C:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{5050D132-3565-4248-860A-13B4321645BC}C:\program files\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\vlc\vlc.exe | "UDP Query User{EBA5D961-39F4-4620-9730-99E7731A6B84}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety 
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety "{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid "{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety "{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client 
Resources "{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources "{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety "CCleaner" = CCleaner "GIMP-2_is1" = GIMP 2.8.2 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Registry Easy_is1" = Registry Easy v5.6 "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack 
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{0ED38503-B69A-44B4-98BE-21BFF284A9B6}" = Brother Driver Deployment Wizard "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2FF959E3-FFE4-46C4-96DA-03F26BCFEFCC}" = Brother MFL-Pro Suite DCP-J140W "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live 
Photo Gallery "{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components 
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer 
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common 
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013 "{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources 
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE) "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh "{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials 
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "3GP Media Player_is1" = 3GP Media Player 1.0.1 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AmUStor" = Alcor Micro USB Card Reader "Asus Vibe2.0" = AsusVibe2.0 "ASUS WebStorage" = ASUS WebStorage "ASUS_Screensaver" = ASUS_Screensaver "Avira AntiVir Desktop" = Avira Free Antivirus "AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS Video Editor_is1" = AVS Video Editor 6 "AVS Video Recorder_is1" = AVS Video Recorder 2.5 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "FlyChart" = FlyChart "Google Chrome" = Google Chrome "iMesh" = iMesh "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "IrfanView" = IrfanView (remove only) "MaxPunkte_is1" = MaxPunkte Ver. 
6.3.x "Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de) "Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "TeamViewer 8" = TeamViewer 8 "TuneUp Utilities 2013" = TuneUp Utilities 2013 "VLC media player" = VLC media player 2.0.6 "Winamp" = Winamp "Wincore MediaBar" = Wincore MediaBar "WinLiveSuite" = Windows Live Essentials "World of Goo" = World of Goo ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "2418080180.www.pcspeedup.com" = PCSpeedUp "Dropbox" = Dropbox "Swiss Casino" = Swiss Casino "Winamp Detect" = Winamp Erkennungs-Plug-in "Zip Opener Packages" = Zip Opener Packages ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 12.03.2013 02:41:27 | Computer Name = Tobillix-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 12.03.2013 03:54:09 | Computer Name = Tobillix-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. (Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 12.03.2013 08:41:22 | Computer Name = Tobillix-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. 
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 14.03.2013 04:48:40 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493, Zeitstempel: 0x4f9207d9 Name des fehlerhaften Moduls: mozglue.dll, Version: 12.0.0.4493, Zeitstempel: 0x4f91f34c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000374b ID des fehlerhaften Prozesses: 0x22a8 Startzeit der fehlerhaften Anwendung: 0x01ce2090af3640a5 Pfad der fehlerhaften Anwendung: C:\Program Files\Mozillafirefo9crome\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files\Mozillafirefo9crome\mozglue.dll Berichtskennung: f73c00b2-8c83-11e2-95c4-5404a626a7d2 Error - 15.03.2013 06:40:38 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493, Zeitstempel: 0x4f9207d9 Name des fehlerhaften Moduls: mozglue.dll, Version: 12.0.0.4493, Zeitstempel: 0x4f91f34c Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000374b ID des fehlerhaften Prozesses: 0xe8 Startzeit der fehlerhaften Anwendung: 0x01ce2163a48e9cea Pfad der fehlerhaften Anwendung: C:\Program Files\Mozillafirefo9crome\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files\Mozillafirefo9crome\mozglue.dll Berichtskennung: c5dde83f-8d5c-11e2-991b-5404a626a7d2 Error - 16.03.2013 14:49:52 | Computer Name = Tobillix-PC | Source = CVHSVC | ID = 100 Description = Nur zur Information. 
(Patch task for {90140011-0066-0407-0000-0000000FF1CE}): DownloadLatest Failed: Error - 10.04.2013 04:33:59 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493, Zeitstempel: 0x4f9207d9 Name des fehlerhaften Moduls: xul.dll, Version: 12.0.0.4493, Zeitstempel: 0x4f92069e Ausnahmecode: 0xc0000005 Fehleroffset: 0x001115b8 ID des fehlerhaften Prozesses: 0x131c Startzeit der fehlerhaften Anwendung: 0x01ce35b4718751b5 Pfad der fehlerhaften Anwendung: C:\Program Files\Mozillafirefo9crome\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files\Mozillafirefo9crome\xul.dll Berichtskennung: 634b86ed-a1b9-11e2-832a-5404a626a7d2 Error - 15.04.2013 01:56:57 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493, Zeitstempel: 0x4f9207d9 Name des fehlerhaften Moduls: xul.dll, Version: 12.0.0.4493, Zeitstempel: 0x4f92069e Ausnahmecode: 0xc0000005 Fehleroffset: 0x001115b8 ID des fehlerhaften Prozesses: 0x3e38 Startzeit der fehlerhaften Anwendung: 0x01ce399dffd3ecb6 Pfad der fehlerhaften Anwendung: C:\Program Files\Mozillafirefo9crome\firefox.exe Pfad des fehlerhaften Moduls: C:\Program Files\Mozillafirefo9crome\xul.dll Berichtskennung: 47592a27-a591-11e2-a5b0-5404a626a7d2 Error - 11.05.2013 08:07:06 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.11.0, Zeitstempel: 0x4e1edf37 Name des fehlerhaften Moduls: vlc.exe, Version: 1.1.11.0, Zeitstempel: 0x4e1edf37 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000174c ID des fehlerhaften Prozesses: 0x3fb0 Startzeit der fehlerhaften Anwendung: 0x01ce4e3e4e365b96 Pfad der fehlerhaften Anwendung: C:\Program Files\VLC\vlc.exe Pfad des fehlerhaften Moduls: C:\Program Files\VLC\vlc.exe Berichtskennung: 4bb706c9-ba33-11e2-90c3-5404a626a7d2 Error - 15.05.2013 15:07:10 
| Computer Name = Tobillix-PC | Source = Application Error | ID = 1000 Description = Name der fehlerhaften Anwendung: TiResumeSrv.exe, Version: 3.0.0.1345, Zeitstempel: 0x4c931937 Name des fehlerhaften Moduls: TiResumeSrv.exe, Version: 3.0.0.1345, Zeitstempel: 0x4c931937 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000000360a ID des fehlerhaften Prozesses: 0x83c Startzeit der fehlerhaften Anwendung: 0x01ce50cdce95adb0 Pfad der fehlerhaften Anwendung: C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe Pfad des fehlerhaften Moduls: C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe Berichtskennung: a486d9ee-bd92-11e2-9eae-5404a626a7d2 [ System Events ] Error - 08.06.2013 19:43:41 | Computer Name = Tobillix-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. Error - 10.06.2013 06:04:55 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error - 10.06.2013 06:04:55 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 10.06.2013 16:00:47 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error - 10.06.2013 16:00:47 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 11.06.2013 03:46:18 | Computer Name = Tobillix-PC | Source = Disk | ID = 262155 Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden. 
Error - 11.06.2013 14:57:21 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7024 Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-1073473535. Error - 11.06.2013 14:57:21 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031 Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts. Error - 11.06.2013 14:59:20 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht. Error - 11.06.2013 14:59:20 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 < End of report >
That looks like work!!! Thx |
12.06.2013, 09:28 | #6 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows7 Explorer no longer works Rootkit scan with GMER Please download GMER: (random file name)
Are you running into problems?
Afterwards, please run MBAR: Malwarebytes Anti-Rootkit (MBAR) Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder unless a helper instructs you to
__________________ --> Windows7 Explorer no longer works |
12.06.2013, 18:30 | #7 |
| Windows7 Explorer no longer works Hi, so one step further again :-) 1 piece of malware found, let's see whether anything else turns up; the 2nd MBAR scan is still running. Should I also post the GMER result, i.e. the txt file?... Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.06.0.1003 www.malwarebytes.org Database version: v2013.06.12.06 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 10.0.9200.16576 Tobillix :: TOBILLIX-PC [administrator] 12.06.2013 19:00:16 mbar-log-2013-06-12 (19-00-16).txt Scan type: Quick scan Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P Scan options disabled: Deep Anti-Rootkit Scan | PUP Objects scanned: 232361 Time elapsed: 14 minute(s), 39 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 1 c:\Windows\SysWOW64\D3DX8ab.dll (Trojan.FakeAlert) -> Delete on reboot. Physical Sectors Detected: 0 (No malicious items detected) (end) Code:
ATTFilter GMER 2.1.19163 - hxxp://www.gmer.net Rootkit scan 2013-06-12 18:47:05 Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST932032 rev.0003 298,09GB Running: gmer_2.1.19163.exe; Driver: C:\Users\Tobillix\AppData\Local\Temp\kwlyrkod.sys ---- User code sections - GMER 2.1 ---- .text C:\Windows\AsScrPro.exe[2628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075c31465 2 bytes [C3, 75] .text C:\Windows\AsScrPro.exe[2628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075c314bb 2 bytes [C3, 75] .text ... * 2 .text C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe[2940] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69 0000000075c31465 2 bytes [C3, 75] .text C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe[2940] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155 0000000075c314bb 2 bytes [C3, 75] .text ... * 2 .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69 0000000075c31465 2 bytes [C3, 75] .text C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155 0000000075c314bb 2 bytes [C3, 75] .text ... 
* 2 ---- Threads - GMER 2.1 ---- Thread [1704:1720] 00000000776c3e45 Thread [1704:1724] 0000000075137587 Thread [1704:1740] 000000007303c59c Thread [1704:1752] 000000007303c59c Thread [1704:1820] 000000007303c59c Thread [1704:1824] 00000000776c2e25 Thread [1704:1860] 000000007303c41c Thread [1704:3848] 0000000072dbe2db Thread [1704:3852] 000000007303c59c Thread [1704:3856] 000000007303c41c Thread [1704:3860] 000000007303c41c Thread [1704:3868] 000000007303c41c Thread [1704:3988] 000000007303c41c Thread [1704:4012] 000000007303c41c Thread [1704:4024] 000000007303c41c Thread [1704:4028] 000000007303c59c Thread [1704:4032] 000000007303c41c Thread [1704:4040] 000000007303c41c Thread [1704:4052] 000000007303c41c Thread [1704:4056] 000000007303c41c Thread [1704:4064] 000000007303c41c Thread [1704:4076] 000000007303c41c Thread [1704:4080] 000000007303c41c Thread [1704:4084] 000000007303c41c Thread [1704:4088] 000000007303c41c Thread [1704:2564] 000000007303c41c Thread [1704:2176] 000000007303c41c Thread [1704:2172] 000000007303c59c Thread [1704:3156] 000000006ecc8df0 Thread [1704:3152] 000000006ecc8df0 Thread [1704:3200] 000000006ecc8df0 Thread [1704:3196] 000000006ecc4e70 Thread [1704:3944] 000000007303c59c Thread [1704:5068] 000000007303c59c Thread C:\Windows\System32\svchost.exe [5348:4604] 000007feed2c9688 ---- Registry - GMER 2.1 ---- Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet) ---- EOF - GMER 2.1 ----
What else is ailing my PC? Thx |
12.06.2013, 22:08 | #8 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows7 Explorer no longer works Then please run Combofix now: Scan with Combofix
__________________ Please always post log files in CODE tags |
13.06.2013, 07:13 | #9 |
| Windows7 Explorer no longer works Hi, I ran Combofix and disabled everything. Windows Update and TeamViewer popped up during the run, but that did not bother the program any further, i.e. no error messages appeared. The file was in C:\ComboFix\combofix.txt; I hope that storage location is OK too? Code:
ATTFilter ComboFix 13-06-12.02 - Tobillix 13.06.2013 7:44:32.1.2 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4000.1787 [GMT 2:00] ausgeführt von:: C:\Users\Tobillix\Desktop\ComboFix.exe AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C} SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) C:\ProgramData\FullRemove.exe H:\autorun.inf ((((((((((((((((((((((( Dateien erstellt von 2013-05-13 bis 2013-06-13 )))))))))))))))))))))))))))))) 2013-06-13 05:53:19 . 2013-06-13 05:53:19 -------- d-----w- C:\Users\Default\AppData\Local\temp 2013-06-13 05:44:41 . 2013-06-13 05:44:41 76232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38A50C08-DAC7-43A6-9376-BD66FD851464}\offreg.dll 2013-06-12 17:00:10 . 2013-06-12 17:51:18 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-06-12 16:59:23 . 2013-06-12 16:59:23 -------- d-----w- C:\ProgramData\Malwarebytes 2013-06-11 20:10:34 . 2013-06-11 20:10:34 -------- d-----w- C:\Program Files (x86)\TeamViewer 2013-06-11 20:02:32 . 2013-01-28 12:19:32 35104 ----a-w- C:\Windows\system32\TURegOpt.exe 2013-06-11 20:02:31 . 2013-01-28 12:19:28 26400 ----a-w- C:\Windows\system32\authuitu.dll 2013-06-11 20:02:31 . 2013-01-28 12:19:28 21792 ----a-w- C:\Windows\SysWow64\authuitu.dll 2013-06-11 20:02:12 . 2013-06-11 20:02:12 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\TuneUp Software 2013-06-11 20:02:04 . 2013-06-11 20:02:30 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013 2013-06-11 20:01:28 . 2013-06-11 20:02:12 -------- d-----w- C:\ProgramData\TuneUp Software 2013-06-11 20:00:45 . 2013-06-11 20:07:38 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-06-11 20:00:45 . 
2013-06-11 20:00:45 -------- d--h--w- C:\ProgramData\Common Files 2013-06-11 07:10:13 . 2013-05-13 06:37:50 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38A50C08-DAC7-43A6-9376-BD66FD851464}\mpengine.dll 2013-06-10 11:52:44 . 2013-06-10 11:52:44 -------- d-----w- C:\LocalDumps 2013-05-29 23:55:44 . 2013-05-29 23:55:19 83160 ----a-w- C:\Windows\system32\drivers\avnetflt.sys 2013-05-29 17:55:09 . 2013-05-29 17:55:09 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\Avira 2013-05-29 17:49:34 . 2013-05-29 17:47:57 28600 ----a-w- C:\Windows\system32\drivers\avkmgr.sys 2013-05-29 17:49:34 . 2013-05-29 17:47:57 130016 ----a-w- C:\Windows\system32\drivers\avipbb.sys 2013-05-29 17:49:34 . 2013-05-29 17:47:57 100712 ----a-w- C:\Windows\system32\drivers\avgntflt.sys 2013-05-29 17:49:32 . 2013-05-29 17:49:32 -------- d-----w- C:\ProgramData\Avira 2013-05-29 17:49:32 . 2013-05-29 17:49:32 -------- d-----w- C:\Program Files (x86)\Avira 2013-05-29 17:35:35 . 2013-05-29 17:35:36 -------- d-----w- C:\Program Files\CCleaner 2013-05-29 17:06:21 . 2013-05-29 17:06:21 -------- d-----w- C:\ProgramData\Babylon 2013-05-29 17:06:20 . 2013-05-29 17:06:20 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\Babylon 2013-05-29 17:06:18 . 2013-05-29 17:07:21 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\GoforFiles 2013-05-29 16:58:04 . 2013-05-29 16:58:04 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\SpeedMaxPc 2013-05-29 16:58:04 . 2013-05-29 16:58:04 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\DriverCure 2013-05-29 16:57:56 . 2013-05-29 17:31:19 -------- d-----w- C:\ProgramData\SpeedMaxPc 2013-05-29 16:34:47 . 2013-06-11 20:07:38 -------- d-----w- C:\Users\Tobillix\AppData\Local\Downloaded Installations 2013-05-29 16:34:15 . 2013-05-29 18:04:28 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\Zip Opener Packages 2013-05-29 16:34:11 . 2013-05-29 16:34:11 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\DSite 2013-05-29 16:34:10 . 
2013-05-29 16:34:10 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\DealPly 2013-05-29 16:34:08 . 2013-05-29 17:22:08 -------- d-----w- C:\ProgramData\Tarma Installer 2013-05-29 13:38:24 . 2013-05-29 13:44:59 -------- d-----w- C:\Program Files\Registry Easy 2013-05-29 13:38:04 . 2013-05-29 13:38:04 -------- d-----w- C:\Users\Tobillix\AppData\Local\Programs 2013-05-23 17:44:34 . 2013-05-24 19:12:03 -------- d-----w- C:\Program Files\Microsoft Silverlight 2013-05-23 17:44:34 . 2013-05-24 19:11:58 -------- d-----w- C:\Program Files (x86)\Microsoft Silverlight 2013-05-23 17:40:30 . 2012-08-24 18:05:03 340992 ----a-w- C:\Windows\system32\schannel.dll 2013-05-23 17:40:29 . 2012-08-24 18:13:17 154480 ----a-w- C:\Windows\system32\drivers\ksecpkg.sys 2013-05-23 17:40:29 . 2012-08-24 18:09:34 458712 ----a-w- C:\Windows\system32\drivers\cng.sys 2013-05-23 17:40:29 . 2012-08-24 18:03:09 1448448 ----a-w- C:\Windows\system32\lsasrv.dll 2013-05-23 17:40:29 . 2012-08-24 16:57:40 247808 ----a-w- C:\Windows\SysWow64\schannel.dll 2013-05-23 17:40:29 . 2012-08-24 16:57:40 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2013-05-23 17:40:29 . 2012-08-24 16:53:35 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2013-05-23 17:40:27 . 2012-05-04 11:00:43 366592 ----a-w- C:\Windows\system32\qdvd.dll 2013-05-23 17:40:27 . 2012-05-04 09:59:54 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2013-05-23 17:31:01 . 2013-06-13 05:39:54 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\vlc 2013-05-23 11:26:51 . 2013-05-23 11:54:10 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\Systweak 2013-05-23 11:26:50 . 2012-06-05 11:34:28 18832 ----a-w- C:\Windows\system32\roboot64.exe 2013-05-23 11:26:44 . 2013-05-23 11:26:44 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\Canneverbe Limited 2013-05-23 11:26:44 . 2013-05-23 11:26:44 -------- d-----w- C:\ProgramData\Canneverbe Limited 2013-05-23 11:26:32 . 2013-05-23 11:26:34 -------- d-----w- C:\Program Files (x86)\CDBurnerXP 2013-05-23 11:13:22 . 
2013-05-23 11:13:22 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\Thunderbird 2013-05-23 11:13:22 . 2013-05-23 11:13:22 -------- d-----w- C:\Users\Tobillix\AppData\Local\Thunderbird 2013-05-23 11:13:10 . 2013-05-23 11:13:12 -------- d-----w- C:\Program Files (x86)\Mozilla Thunderbird 2013-05-23 10:48:05 . 2002-04-11 22:00:00 57344 ----a-w- C:\Windows\SysWow64\BRSVC01A.EXE 2013-05-23 10:48:05 . 2001-12-12 22:01:00 45056 ----a-w- C:\Windows\SysWow64\BRSS01A.EXE 2013-05-23 09:19:36 . 2004-04-18 21:40:42 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll 2013-05-23 09:19:36 . 2004-04-18 21:39:58 266240 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll 2013-05-23 09:19:36 . 2004-04-18 21:39:28 172032 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll 2013-05-22 12:32:54 . 2010-03-15 17:45:10 73728 ------w- C:\Windows\SysWow64\BrDctF2.dll 2013-05-22 12:32:49 . 2010-09-29 15:07:36 180224 ------w- C:\Windows\SysWow64\BroSNMP.dll 2013-05-22 12:29:20 . 2013-05-22 12:29:20 -------- d-----w- C:\Users\Tobillix\AppData\Roaming\InstallShield 2013-05-22 10:07:26 . 2013-05-22 12:33:40 -------- d-----w- C:\Program Files (x86)\ControlCenter4 2013-05-22 10:07:26 . 2012-07-20 05:56:22 54272 ------r- C:\Windows\system32\Brnsplg.dll 2013-05-22 10:07:26 . 2012-05-15 05:58:05 84480 ----a-w- C:\Windows\system32\BrNetSti.dll 2013-05-22 10:07:26 . 2012-05-15 04:01:39 58880 ----a-w- C:\Windows\system32\BrWiaNCp.dll 2013-05-22 10:07:26 . 2012-03-19 04:09:53 316928 ----a-w- C:\Windows\system32\NSSRH64.dll 2013-05-22 10:07:26 . 2005-04-22 04:36:42 143360 ------r- C:\Windows\system32\BrSNMP64.dll 2013-05-22 10:01:19 . 2013-05-22 10:02:45 -------- d-----w- C:\ProgramData\Brother 2013-05-15 05:52:23 . 2013-04-10 06:01:54 265064 ----a-w- C:\Windows\system32\drivers\dxgmms1.sys 2013-05-15 05:52:23 . 
2013-04-10 06:01:53 983400 ----a-w- C:\Windows\system32\drivers\dxgkrnl.sys 2013-05-15 05:52:23 . 2011-02-03 11:25:18 144384 ----a-w- C:\Windows\system32\cdd.dll 2013-05-15 05:52:10 . 2013-02-27 05:52:56 14172672 ----a-w- C:\Windows\system32\shell32.dll 2013-05-15 05:52:09 . 2013-02-27 05:48:00 1930752 ----a-w- C:\Windows\system32\authui.dll 2013-05-15 05:52:08 . 2013-02-27 05:52:55 197120 ----a-w- C:\Windows\system32\shdocvw.dll 2013-05-15 05:52:07 . 2013-02-27 06:02:44 111448 ----a-w- C:\Windows\system32\consent.exe 2013-05-15 05:52:07 . 2013-02-27 05:47:10 70144 ----a-w- C:\Windows\system32\appinfo.dll 2013-05-15 05:52:07 . 2013-02-27 04:49:24 1796096 ----a-w- C:\Windows\SysWow64\authui.dll 2013-05-15 05:51:56 . 2013-03-19 05:53:58 48640 ----a-w- C:\Windows\system32\wwanprotdim.dll 2013-05-15 05:51:56 . 2013-03-19 05:53:58 230400 ----a-w- C:\Windows\system32\wwansvc.dll 2013-05-15 05:51:55 . 2013-04-10 03:30:50 3153920 ----a-w- C:\Windows\system32\win32k.sys . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) 2013-06-13 05:34:16 . 2011-12-21 21:04:18 75825640 ----a-w- C:\Windows\system32\MRT.exe 2013-06-12 17:17:49 . 2011-12-01 14:07:58 45056 ----a-w- C:\Windows\SysWow64\acovcnt.exe 2013-05-14 07:46:29 . 2010-06-24 18:33:56 22240 ----a-w- C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll 2013-05-02 00:06:08 . 2011-12-22 15:53:13 278800 ------w- C:\Windows\system32\MpSigStub.exe 2013-04-13 05:49:23 . 2013-05-15 05:52:21 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 . 2013-05-15 05:52:21 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 . 2013-05-15 05:52:21 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 . 2013-05-15 05:52:21 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 . 2013-05-15 05:52:21 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 . 
2013-05-15 05:52:21 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll 2013-04-12 14:45:08 . 2013-04-25 08:09:56 1656680 ----a-w- C:\Windows\system32\drivers\ntfs.sys 2013-04-05 01:03:17 . 2013-04-05 01:03:17 97280 ----a-w- C:\Windows\system32\mshtmled.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 92160 ----a-w- C:\Windows\system32\SetIEInstalledDate.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 905728 ----a-w- C:\Windows\system32\mshtmlmedia.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 81408 ----a-w- C:\Windows\system32\icardie.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 762368 ----a-w- C:\Windows\system32\ieapfltr.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 73728 ----a-w- C:\Windows\SysWow64\SetIEInstalledDate.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 719360 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 62976 ----a-w- C:\Windows\system32\pngfilt.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 61952 ----a-w- C:\Windows\SysWow64\tdc.ocx 2013-04-05 01:03:17 . 2013-04-05 01:03:17 599552 ----a-w- C:\Windows\system32\vbscript.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 523264 ----a-w- C:\Windows\SysWow64\vbscript.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 52224 ----a-w- C:\Windows\system32\msfeedsbs.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 51200 ----a-w- C:\Windows\system32\imgutil.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 48640 ----a-w- C:\Windows\SysWow64\mshtmler.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 48640 ----a-w- C:\Windows\system32\mshtmler.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 452096 ----a-w- C:\Windows\system32\dxtmsft.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 441856 ----a-w- C:\Windows\system32\html.iec 2013-04-05 01:03:17 . 2013-04-05 01:03:17 38400 ----a-w- C:\Windows\SysWow64\imgutil.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 361984 ----a-w- C:\Windows\SysWow64\html.iec 2013-04-05 01:03:17 . 
2013-04-05 01:03:17 281600 ----a-w- C:\Windows\system32\dxtrans.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 27648 ----a-w- C:\Windows\system32\licmgr10.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 270848 ----a-w- C:\Windows\system32\iedkcs32.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 247296 ----a-w- C:\Windows\system32\webcheck.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 235008 ----a-w- C:\Windows\system32\url.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 23040 ----a-w- C:\Windows\SysWow64\licmgr10.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 226304 ----a-w- C:\Windows\system32\elshyph.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 216064 ----a-w- C:\Windows\system32\msls31.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 197120 ----a-w- C:\Windows\system32\msrating.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 185344 ----a-w- C:\Windows\SysWow64\elshyph.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 173568 ----a-w- C:\Windows\system32\ieUnatt.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 167424 ----a-w- C:\Windows\system32\iexpress.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 158720 ----a-w- C:\Windows\SysWow64\msls31.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 1509376 ----a-w- C:\Windows\system32\inetcpl.cpl 2013-04-05 01:03:17 . 2013-04-05 01:03:17 150528 ----a-w- C:\Windows\SysWow64\iexpress.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 149504 ----a-w- C:\Windows\system32\occache.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 144896 ----a-w- C:\Windows\system32\wextract.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 1441280 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2013-04-05 01:03:17 . 2013-04-05 01:03:17 1400416 ----a-w- C:\Windows\system32\ieapfltr.dat 2013-04-05 01:03:17 . 2013-04-05 01:03:17 138752 ----a-w- C:\Windows\SysWow64\wextract.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 13824 ----a-w- C:\Windows\system32\mshta.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 137216 ----a-w- C:\Windows\SysWow64\ieUnatt.exe 2013-04-05 01:03:17 . 
2013-04-05 01:03:17 136192 ----a-w- C:\Windows\system32\iepeers.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 135680 ----a-w- C:\Windows\system32\IEAdvpack.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 12800 ----a-w- C:\Windows\SysWow64\mshta.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 12800 ----a-w- C:\Windows\system32\msfeedssync.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 110592 ----a-w- C:\Windows\SysWow64\IEAdvpack.dll 2013-04-05 01:03:17 . 2013-04-05 01:03:17 1054720 ----a-w- C:\Windows\system32\MsSpellCheckingFacility.exe 2013-04-05 01:03:17 . 2013-04-05 01:03:17 102912 ----a-w- C:\Windows\system32\inseng.dll 2013-04-05 01:03:16 . 2013-04-05 01:03:16 77312 ----a-w- C:\Windows\system32\tdc.ocx 2013-03-19 06:04:06 . 2013-04-10 03:05:40 5550424 ----a-w- C:\Windows\system32\ntoskrnl.exe 2013-03-19 05:46:56 . 2013-04-10 03:05:36 43520 ----a-w- C:\Windows\system32\csrsrv.dll 2013-03-19 05:04:13 . 2013-04-10 03:05:37 3968856 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 . 2013-04-10 03:05:37 3913560 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 . 2013-04-10 03:05:36 6656 ----a-w- C:\Windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 . 2013-04-10 03:05:36 112640 ----a-w- C:\Windows\system32\smss.exe (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] 2011-10-30 08:46:38 89008 ----a-w- C:\Users\Tobillix\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e327b07a-0e11-4fd4-bef2-b2c5605b59c6}] 2012-10-30 07:20:04 1030728 ----a-w- C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "C:\Users\Tobillix\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll" [2011-10-30 08:46:38 89008] "{e327b07a-0e11-4fd4-bef2-b2c5605b59c6}"= "C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll" [2012-10-30 07:20:04 1030728] [HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}] [HKEY_CLASSES_ROOT\clsid\{e327b07a-0e11-4fd4-bef2-b2c5605b59c6}] [HKEY_CLASSES_ROOT\wtb.Band.1] [HKEY_CLASSES_ROOT\TypeLib\{a85e31f1-a6ce-4ace-a560-ec01271b7f55}] [HKEY_CLASSES_ROOT\wtb.Band] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-17 14:45:20 130736 ----a-w- C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-17 14:45:20 130736 ----a-w- C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2013-05-17 14:45:20 130736 ----a-w- 
C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 02:47:41 2018032] "ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 09:49:46 731472] "SonicMasterTray"="C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 05:45:00 984400] "ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 22:49:10 5716608] "ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 21:05:14 170624] "HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 17:29:42 105016] "Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-09 05:10:06 2317312] "UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 05:16:16 222504] "UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 05:16:16 222504] "ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" [2012-09-06 19:06:40 143360] "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" [2012-06-06 13:31:56 3076096] "avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-29 17:47:00 345312] C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] 
"LoadAppInit_DLLs"=1 (0x1) [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini" R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS;C:\Windows\SYSNATIVE\drivers\AmUStor.SYS [x] R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe;C:\Program Files (x86)\Browny02\BrYNSvc.exe [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys;C:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys;C:\Windows\SYSNATIVE\DRIVERS\SiSG664.sys [x] R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x] R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x] R3 WSDScan;WSD-Scanunterstützung durch UMB;C:\Windows\system32\DRIVERS\WSDScan.sys;C:\Windows\SYSNATIVE\DRIVERS\WSDScan.sys [x] R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x] S1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x] S1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys;C:\Windows\SYSNATIVE\DRIVERS\avkmgr.sys [x] S2 
AFBAgent;AFBAgent;C:\Windows\system32\FBAgent.exe;C:\Windows\SYSNATIVE\FBAgent.exe [x] S2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [x] S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x] S2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [x] S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x] S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x] S2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x] S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x] S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys;C:\Windows\SYSNATIVE\DRIVERS\asmthub3.sys [x] S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys;C:\Windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x] S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x] S3 L1C;NDIS Miniport Driver for Atheros 
AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys;C:\Windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]

--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - TUNEUPUTILITIESDRV

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 02:09:36 1642448 ----a-w- C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

Inhalt des "geplante Tasks" Ordners

2013-06-07 C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job
- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15 17:42:12 . 2010-11-15 17:42:12]
2013-06-13 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 20:44:08 . 2012-02-28 20:44:03]
2013-06-13 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 20:44:08 . 2012-02-28 20:44:03]

--------- X64 Entries -----------

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41:02 220160 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41:02 220160 ----a-w- C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20 164016 ----a-w- C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20 164016 ----a-w- C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20 164016 ----a-w- C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20 164016 ----a-w- C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 08:07:02 361984]
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 07:02:12 2277480]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2012-12-14 00:42:14 172144]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2012-12-14 00:42:10 399984]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2012-12-14 00:42:14 441968]

------- Zusätzlicher Suchlauf -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=248486D53D120BDE
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: {{2d8ee268-8d7a-4996-b80b-8999ce8c7fe2} - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\
FF - user.js: extensions.shownSelectionUI - true

- - - - Entfernte verwaiste Registrierungseinträge - - - -

Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-ASUS_Screensaver - C:\Windows\system32\ASUS_Screensaver.scr
AddRemove-iMesh - C:\ProgramData\{2721288C-D579-41A6-AB11-232EA93F33BE}\iMesh_V11_de_Setup.exe
AddRemove-{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} - C:\ProgramData\{2721288C-D579-41A6-AB11-232EA93F33BE}\iMesh_V11_de_Setup.exe
AddRemove-2418080180.www.pcspeedup.com - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\Silverlight.Configuration.exe
AddRemove-Zip Opener Packages - C:\Users\Tobillix\AppData\Roaming\Zip Opener Packages\uninstaller.exe

What's the next step? :-)
OK, the resolutions are fine again after a restart and reconnecting the interface. But Explorer still crashes :-((((( It seems to me that it is a matter of time, every minute or so; maybe that helps? |
13.06.2013, 09:53 | #10 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows7 Explorer no longer works
aswMBR
Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.
TDSS-Killer
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Please always post log files in CODE tags |
13.06.2013, 14:13 | #11 |
| Windows7 Explorer no longer works I can't find the txt from TDSSKiller :-( The txt from mbar. Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-13 14:42:07
-----------------------------
14:42:07.670 OS Version: Windows x64 6.1.7601 Service Pack 1
14:42:07.670 Number of processors: 2 586 0x2A07
14:42:07.670 ComputerName: TOBILLIX-PC UserName: Tobillix
14:42:08.372 Initialize success
14:46:51.197 AVAST engine defs: 13061300
14:47:04.738 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:47:04.753 Disk 0 Vendor: ST932032 0003 Size: 305245MB BusType: 3
14:47:04.909 Disk 0 MBR read successfully
14:47:04.909 Disk 0 MBR scan
14:47:04.925 Disk 0 Windows 7 default MBR code
14:47:04.940 Disk 0 Partition 1 00 1C Hidd FAT32 LBA MSDOS5.0 25600 MB offset 2048
14:47:04.956 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 122098 MB offset 52430848
14:47:04.972 Disk 0 Partition - 00 0F Extended LBA 157545 MB offset 302487552
14:47:05.003 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 157544 MB offset 302489600
14:47:05.159 Disk 0 scanning C:\Windows\system32\drivers
14:47:26.063 Service scanning
14:48:02.458 Modules scanning
14:48:02.473 Disk 0 trace - called modules:
14:48:02.551 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
14:48:02.567 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c3a270]
14:48:02.567 3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8003ce6040]
14:48:02.582 5 ACPI.sys[fffff88000e1b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004741050]
14:48:03.534 AVAST engine scan C:\Windows
14:48:09.618 AVAST engine scan C:\Windows\system32
14:54:42.225 AVAST engine scan C:\Windows\system32\drivers
14:55:04.393 AVAST engine scan C:\Users\Tobillix
14:57:06.775 Disk 0 MBR has been saved successfully to "C:\Users\Tobillix\Desktop\MBR.dat"
14:57:06.790 The log file has been saved successfully to "C:\Users\Tobillix\Desktop\aswMBR.txt"
14:58:50.488 AVAST engine scan C:\ProgramData
15:00:10.266 Scan finished successfully
15:01:24.835 Disk 0 MBR has been saved successfully to "C:\Users\Tobillix\Desktop\MBR.dat"
15:01:24.850 The log file has been saved successfully to "C:\Users\Tobillix\Desktop\aswMBR.txt"

Code:
15:03:13.0124 3792 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:03:13.0280 3792 ============================================================
15:03:13.0280 3792 Current date / time: 2013/06/13 15:03:13.0280
15:03:13.0280 3792 SystemInfo:
15:03:13.0280 3792
15:03:13.0280 3792 OS Version: 6.1.7601 ServicePack: 1.0
15:03:13.0280 3792 Product type: Workstation
15:03:13.0280 3792 ComputerName: TOBILLIX-PC
15:03:13.0280 3792 UserName: Tobillix
15:03:13.0280 3792 Windows directory: C:\Windows
15:03:13.0280 3792 System windows directory: C:\Windows
15:03:13.0280 3792 Running under WOW64
15:03:13.0280 3792 Processor architecture: Intel x64
15:03:13.0280 3792 Number of processors: 2
15:03:13.0280 3792 Page size: 0x1000
15:03:13.0280 3792 Boot type: Normal boot
15:03:13.0280 3792 ============================================================
15:03:14.0310 3792 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:03:14.0325 3792 Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:03:23.0529 3792 ============================================================
15:03:23.0529 3792 \Device\Harddisk0\DR0:
15:03:23.0592 3792 MBR partitions:
15:03:23.0592 3792 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xEE79000
15:03:23.0623 3792 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1207A000, BlocksNum 0x133B4000
15:03:23.0623 3792 \Device\Harddisk1\DR1:
15:03:23.0638 3792 MBR partitions:
15:03:23.0638 3792 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
15:03:23.0638 3792 ============================================================
15:03:23.0670 3792 C: <-> \Device\Harddisk0\DR0\Partition1
15:03:23.0716 3792 D: <-> \Device\Harddisk0\DR0\Partition2
15:03:23.0732 3792 H: <-> \Device\Harddisk1\DR1\Partition1
15:03:23.0732 3792 ============================================================
15:03:23.0732 3792 Initialize success
15:03:23.0732 3792 ============================================================
15:05:14.0898 1132 ============================================================
15:05:14.0898 1132 Scan started
15:05:14.0898 1132 Mode: Manual; SigCheck; TDLFS;
15:05:14.0898 1132 ============================================================
15:05:15.0413 1132 ================ Scan system memory ========================
15:05:15.0413 1132 System memory - ok
15:05:15.0413 1132 ================ Scan services =============================
15:05:21.0528 1132 [ DB109DA005B6FE2A350C5DD7CA768DFD ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe
15:05:21.0590 1132 BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
15:05:21.0590 1132 BrYNSvc - detected UnsignedFile.Multi.Generic (1)
1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:05:39.0249 1132 NativeWifiP - ok 15:05:39.0327 1132 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:05:39.0390 1132 NDIS - ok 15:05:39.0421 1132 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:05:39.0515 1132 NdisCap - ok 15:05:39.0561 1132 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:05:39.0624 1132 NdisTapi - ok 15:05:39.0639 1132 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:05:39.0733 1132 Ndisuio - ok 15:05:39.0749 1132 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:05:39.0858 1132 NdisWan - ok 15:05:39.0889 1132 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:05:39.0983 1132 NDProxy - ok 15:05:40.0014 1132 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:05:40.0154 1132 NetBIOS - ok 15:05:40.0185 1132 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:05:40.0279 1132 NetBT - ok 15:05:40.0310 1132 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe 15:05:40.0341 1132 Netlogon - ok 15:05:40.0373 1132 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll 15:05:40.0513 1132 Netman - ok 15:05:40.0544 1132 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll 15:05:40.0685 1132 netprofm - ok 15:05:40.0716 1132 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:05:40.0763 1132 NetTcpPortSharing - ok 15:05:40.0794 1132 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys 15:05:40.0825 1132 nfrd960 - ok 15:05:40.0856 1132 [ 8AD77806D336673F270DB31645267293 ] NlaSvc 
C:\Windows\System32\nlasvc.dll 15:05:40.0919 1132 NlaSvc - ok 15:05:40.0934 1132 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:05:41.0028 1132 Npfs - ok 15:05:41.0059 1132 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll 15:05:41.0168 1132 nsi - ok 15:05:41.0199 1132 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:05:41.0309 1132 nsiproxy - ok 15:05:41.0387 1132 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:05:41.0527 1132 Ntfs - ok 15:05:41.0543 1132 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys 15:05:41.0667 1132 Null - ok 15:05:41.0699 1132 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys 15:05:41.0730 1132 nvraid - ok 15:05:41.0745 1132 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys 15:05:41.0777 1132 nvstor - ok 15:05:41.0792 1132 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 15:05:41.0839 1132 nv_agp - ok 15:05:41.0839 1132 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 15:05:41.0886 1132 ohci1394 - ok 15:05:41.0933 1132 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 15:05:41.0979 1132 ose - ok 15:05:42.0198 1132 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 15:05:42.0479 1132 osppsvc - ok 15:05:42.0525 1132 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:05:42.0588 1132 p2pimsvc - ok 15:05:42.0619 1132 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll 15:05:42.0681 1132 p2psvc - ok 15:05:42.0728 1132 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys 15:05:42.0775 1132 Parport - ok 15:05:42.0806 1132 
[ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:05:42.0837 1132 partmgr - ok 15:05:42.0869 1132 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:05:42.0931 1132 PcaSvc - ok 15:05:42.0978 1132 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys 15:05:43.0009 1132 pci - ok 15:05:43.0025 1132 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys 15:05:43.0056 1132 pciide - ok 15:05:43.0071 1132 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys 15:05:43.0103 1132 pcmcia - ok 15:05:43.0118 1132 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys 15:05:43.0149 1132 pcw - ok 15:05:43.0196 1132 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:05:43.0337 1132 PEAUTH - ok 15:05:43.0383 1132 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe 15:05:43.0461 1132 PerfHost - ok 15:05:43.0555 1132 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll 15:05:43.0727 1132 pla - ok 15:05:43.0820 1132 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:05:43.0883 1132 PlugPlay - ok 15:05:43.0914 1132 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:05:43.0976 1132 PNRPAutoReg - ok 15:05:44.0007 1132 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:05:44.0039 1132 PNRPsvc - ok 15:05:44.0085 1132 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:05:44.0210 1132 PolicyAgent - ok 15:05:44.0257 1132 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll 15:05:44.0382 1132 Power - ok 15:05:44.0429 1132 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:05:44.0538 1132 PptpMiniport - ok 15:05:44.0569 1132 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] 
Processor C:\Windows\system32\drivers\processr.sys 15:05:44.0616 1132 Processor - ok 15:05:44.0647 1132 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll 15:05:44.0709 1132 ProfSvc - ok 15:05:44.0741 1132 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe 15:05:44.0772 1132 ProtectedStorage - ok 15:05:44.0803 1132 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:05:44.0912 1132 Psched - ok 15:05:44.0990 1132 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys 15:05:45.0099 1132 ql2300 - ok 15:05:45.0115 1132 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys 15:05:45.0146 1132 ql40xx - ok 15:05:45.0177 1132 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll 15:05:45.0224 1132 QWAVE - ok 15:05:45.0255 1132 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:05:45.0318 1132 QWAVEdrv - ok 15:05:45.0318 1132 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:05:45.0411 1132 RasAcd - ok 15:05:45.0474 1132 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:05:45.0583 1132 RasAgileVpn - ok 15:05:45.0630 1132 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll 15:05:45.0739 1132 RasAuto - ok 15:05:45.0786 1132 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:05:45.0895 1132 Rasl2tp - ok 15:05:45.0957 1132 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll 15:05:46.0082 1132 RasMan - ok 15:05:46.0113 1132 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:05:46.0223 1132 RasPppoe - ok 15:05:46.0238 1132 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:05:46.0363 1132 RasSstp - ok 15:05:46.0410 1132 [ 
77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:05:46.0519 1132 rdbss - ok 15:05:46.0550 1132 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys 15:05:46.0597 1132 rdpbus - ok 15:05:46.0628 1132 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:05:46.0737 1132 RDPCDD - ok 15:05:46.0784 1132 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:05:46.0893 1132 RDPENCDD - ok 15:05:46.0925 1132 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:05:47.0034 1132 RDPREFMP - ok 15:05:47.0112 1132 [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys 15:05:47.0143 1132 RdpVideoMiniport - ok 15:05:47.0190 1132 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:05:47.0268 1132 RDPWD - ok 15:05:47.0315 1132 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:05:47.0346 1132 rdyboost - ok 15:05:47.0377 1132 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:05:47.0486 1132 RemoteAccess - ok 15:05:47.0517 1132 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:05:47.0642 1132 RemoteRegistry - ok 15:05:47.0689 1132 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys 15:05:47.0736 1132 RFCOMM - ok 15:05:47.0783 1132 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:05:47.0907 1132 RpcEptMapper - ok 15:05:47.0939 1132 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe 15:05:47.0985 1132 RpcLocator - ok 15:05:48.0032 1132 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll 15:05:48.0141 1132 RpcSs - ok 15:05:48.0173 1132 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 
15:05:48.0266 1132 rspndr - ok 15:05:48.0266 1132 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe 15:05:48.0297 1132 SamSs - ok 15:05:48.0329 1132 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 15:05:48.0344 1132 sbp2port - ok 15:05:48.0375 1132 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:05:48.0485 1132 SCardSvr - ok 15:05:48.0500 1132 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:05:48.0594 1132 scfilter - ok 15:05:48.0641 1132 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll 15:05:48.0812 1132 Schedule - ok 15:05:48.0859 1132 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll 15:05:48.0937 1132 SCPolicySvc - ok 15:05:48.0968 1132 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:05:49.0015 1132 SDRSVC - ok 15:05:49.0062 1132 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:05:49.0171 1132 secdrv - ok 15:05:49.0218 1132 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll 15:05:49.0327 1132 seclogon - ok 15:05:49.0358 1132 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll 15:05:49.0483 1132 SENS - ok 15:05:49.0483 1132 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:05:49.0530 1132 SensrSvc - ok 15:05:49.0577 1132 [ 2437720D4480523562360B2B6B5864A7 ] Ser2pl C:\Windows\system32\DRIVERS\ser2pl64.sys 15:05:49.0623 1132 Ser2pl - ok 15:05:49.0655 1132 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:05:49.0717 1132 Serenum - ok 15:05:49.0748 1132 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys 15:05:49.0795 1132 Serial - ok 15:05:49.0826 1132 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys 15:05:49.0889 1132 
sermouse - ok 15:05:49.0935 1132 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll 15:05:50.0045 1132 SessionEnv - ok 15:05:50.0060 1132 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys 15:05:50.0107 1132 sffdisk - ok 15:05:50.0123 1132 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys 15:05:50.0169 1132 sffp_mmc - ok 15:05:50.0169 1132 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys 15:05:50.0232 1132 sffp_sd - ok 15:05:50.0232 1132 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys 15:05:50.0279 1132 sfloppy - ok 15:05:50.0372 1132 [ C6CC9297BD53E5229653303E556AA539 ] Sftfs C:\Windows\system32\DRIVERS\Sftfslh.sys 15:05:50.0435 1132 Sftfs - ok 15:05:50.0513 1132 [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe 15:05:50.0559 1132 sftlist - ok 15:05:50.0591 1132 [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay C:\Windows\system32\DRIVERS\Sftplaylh.sys 15:05:50.0622 1132 Sftplay - ok 15:05:50.0653 1132 [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir C:\Windows\system32\DRIVERS\Sftredirlh.sys 15:05:50.0684 1132 Sftredir - ok 15:05:50.0700 1132 [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol C:\Windows\system32\DRIVERS\Sftvollh.sys 15:05:50.0715 1132 Sftvol - ok 15:05:50.0762 1132 [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe 15:05:50.0793 1132 sftvsa - ok 15:05:50.0840 1132 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:05:50.0981 1132 SharedAccess - ok 15:05:51.0027 1132 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:05:51.0137 1132 ShellHWDetection - ok 15:05:51.0183 1132 [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH C:\Windows\system32\DRIVERS\SiSG664.sys 15:05:51.0230 1132 
SiSGbeLH - ok 15:05:51.0246 1132 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys 15:05:51.0277 1132 SiSRaid2 - ok 15:05:51.0293 1132 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys 15:05:51.0324 1132 SiSRaid4 - ok 15:05:51.0324 1132 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:05:51.0433 1132 Smb - ok 15:05:51.0480 1132 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:05:51.0542 1132 SNMPTRAP - ok 15:05:51.0558 1132 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys 15:05:51.0589 1132 spldr - ok 15:05:51.0651 1132 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe 15:05:51.0729 1132 Spooler - ok 15:05:51.0870 1132 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe 15:05:52.0119 1132 sppsvc - ok 15:05:52.0135 1132 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:05:52.0260 1132 sppuinotify - ok 15:05:52.0291 1132 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys 15:05:52.0353 1132 srv - ok 15:05:52.0400 1132 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:05:52.0447 1132 srv2 - ok 15:05:52.0478 1132 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:05:52.0541 1132 srvnet - ok 15:05:52.0587 1132 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:05:52.0697 1132 SSDPSRV - ok 15:05:52.0728 1132 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:05:52.0837 1132 SstpSvc - ok 15:05:52.0884 1132 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys 15:05:52.0915 1132 stexstor - ok 15:05:52.0946 1132 [ DECACB6921DED1A38642642685D77DAC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys 15:05:52.0993 1132 StillCam - ok 
15:05:53.0040 1132 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll 15:05:53.0165 1132 stisvc - ok 15:05:53.0196 1132 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 15:05:53.0227 1132 swenum - ok 15:05:53.0258 1132 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll 15:05:53.0383 1132 swprv - ok 15:05:53.0492 1132 [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys 15:05:53.0601 1132 SynTP - ok 15:05:53.0679 1132 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll 15:05:53.0804 1132 SysMain - ok 15:05:53.0835 1132 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:05:53.0898 1132 TabletInputService - ok 15:05:53.0945 1132 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll 15:05:54.0054 1132 TapiSrv - ok 15:05:54.0085 1132 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll 15:05:54.0194 1132 TBS - ok 15:05:54.0303 1132 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:05:54.0444 1132 Tcpip - ok 15:05:54.0506 1132 [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:05:54.0615 1132 TCPIP6 - ok 15:05:54.0647 1132 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:05:54.0693 1132 tcpipreg - ok 15:05:54.0740 1132 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:05:54.0787 1132 TDPIPE - ok 15:05:54.0818 1132 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:05:54.0865 1132 TDTCP - ok 15:05:54.0912 1132 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:05:55.0021 1132 tdx - ok 15:05:55.0037 1132 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 15:05:55.0068 1132 TermDD - ok 15:05:55.0115 1132 [ 
2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll 15:05:55.0239 1132 TermService - ok 15:05:55.0255 1132 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll 15:05:55.0317 1132 Themes - ok 15:05:55.0349 1132 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll 15:05:55.0442 1132 THREADORDER - ok 15:05:55.0458 1132 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll 15:05:55.0583 1132 TrkWks - ok 15:05:55.0661 1132 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe 15:05:55.0770 1132 TrustedInstaller - ok 15:05:55.0817 1132 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys 15:05:55.0910 1132 tssecsrv - ok 15:05:55.0941 1132 [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys 15:05:55.0988 1132 TsUsbFlt - ok 15:05:56.0035 1132 [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys 15:05:56.0066 1132 TsUsbGD - ok 15:05:56.0113 1132 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys 15:05:56.0222 1132 tunnel - ok 15:05:56.0253 1132 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys 15:05:56.0285 1132 uagp35 - ok 15:05:56.0316 1132 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys 15:05:56.0441 1132 udfs - ok 15:05:56.0503 1132 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe 15:05:56.0550 1132 UI0Detect - ok 15:05:56.0597 1132 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys 15:05:56.0612 1132 uliagpkx - ok 15:05:56.0675 1132 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys 15:05:56.0721 1132 umbus - ok 15:05:56.0721 1132 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys 15:05:56.0799 1132 UmPass 
- ok 15:05:56.0924 1132 [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe 15:05:57.0096 1132 UNS - ok 15:05:57.0127 1132 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll 15:05:57.0252 1132 upnphost - ok 15:05:57.0299 1132 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys 15:05:57.0330 1132 usbccgp - ok 15:05:57.0377 1132 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys 15:05:57.0439 1132 usbcir - ok 15:05:57.0455 1132 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys 15:05:57.0517 1132 usbehci - ok 15:05:57.0564 1132 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys 15:05:57.0626 1132 usbhub - ok 15:05:57.0657 1132 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys 15:05:57.0689 1132 usbohci - ok 15:05:57.0720 1132 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys 15:05:57.0782 1132 usbprint - ok 15:05:57.0829 1132 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys 15:05:57.0876 1132 usbscan - ok 15:05:57.0923 1132 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS 15:05:57.0969 1132 USBSTOR - ok 15:05:58.0016 1132 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys 15:05:58.0063 1132 usbuhci - ok 15:05:58.0110 1132 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys 15:05:58.0172 1132 usbvideo - ok 15:05:58.0203 1132 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll 15:05:58.0297 1132 UxSms - ok 15:05:58.0313 1132 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe 15:05:58.0344 1132 VaultSvc - ok 15:05:58.0359 1132 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot 
C:\Windows\system32\drivers\vdrvroot.sys 15:05:58.0391 1132 vdrvroot - ok 15:05:58.0422 1132 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe 15:05:58.0562 1132 vds - ok 15:05:58.0593 1132 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 15:05:58.0625 1132 vga - ok 15:05:58.0656 1132 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys 15:05:58.0734 1132 VgaSave - ok 15:05:58.0749 1132 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 15:05:58.0781 1132 vhdmp - ok 15:05:58.0796 1132 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys 15:05:58.0827 1132 viaide - ok 15:05:58.0843 1132 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys 15:05:58.0874 1132 volmgr - ok 15:05:58.0905 1132 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 15:05:58.0937 1132 volmgrx - ok 15:05:58.0968 1132 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys 15:05:58.0999 1132 volsnap - ok 15:05:59.0046 1132 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys 15:05:59.0077 1132 vsmraid - ok 15:05:59.0155 1132 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe 15:05:59.0327 1132 VSS - ok 15:05:59.0342 1132 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 15:05:59.0389 1132 vwifibus - ok 15:05:59.0420 1132 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 15:05:59.0467 1132 vwififlt - ok 15:05:59.0498 1132 [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys 15:05:59.0561 1132 vwifimp - ok 15:05:59.0592 1132 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll 15:05:59.0701 1132 W32Time - ok 15:05:59.0732 1132 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen 
C:\Windows\system32\drivers\wacompen.sys 15:05:59.0763 1132 WacomPen - ok 15:05:59.0795 1132 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 15:05:59.0888 1132 WANARP - ok 15:05:59.0888 1132 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 15:05:59.0966 1132 Wanarpv6 - ok 15:06:00.0029 1132 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe 15:06:00.0200 1132 WatAdminSvc - ok 15:06:00.0263 1132 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe 15:06:00.0341 1132 wbengine - ok 15:06:00.0372 1132 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 15:06:00.0419 1132 WbioSrvc - ok 15:06:00.0450 1132 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll 15:06:00.0528 1132 wcncsvc - ok 15:06:00.0559 1132 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 15:06:00.0590 1132 WcsPlugInService - ok 15:06:00.0637 1132 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys 15:06:00.0653 1132 Wd - ok 15:06:00.0699 1132 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 15:06:00.0762 1132 Wdf01000 - ok 15:06:00.0793 1132 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll 15:06:00.0855 1132 WdiServiceHost - ok 15:06:00.0871 1132 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll 15:06:00.0918 1132 WdiSystemHost - ok 15:06:00.0949 1132 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll 15:06:01.0011 1132 WebClient - ok 15:06:01.0058 1132 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll 15:06:01.0167 1132 Wecsvc - ok 15:06:01.0199 1132 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll 15:06:01.0308 1132 wercplsupport - ok 15:06:01.0339 1132 [ 
15:06:05.0551 1132 ============================================================
15:06:05.0551 1132 Scan finished
15:06:05.0551 1132 ============================================================
15:06:05.0567 3080 Detected object count: 1
15:06:05.0567 3080 Actual detected object count: 1
15:07:55.0110 3080 BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:55.0110 3080 BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:08:03.0270 4420 Deinitialize success
Thx |
13.06.2013, 14:47 | #12 | |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Explorer no longer works Quote:
Note: Registry Cleaner. I see that you have installed a so-called registry cleaner, in your case CCleaner. We advise against using any kind of registry cleaner. The reason is quite simple: the registry is the brain of the system. If the brain does not work, the rest no longer really works either. You should not tinker with the registry unnecessarily. Even a small error can have serious consequences, and programs sometimes make mistakes too. If you destroy the registry, you destroy Windows. In addition, the benefit in terms of performance is disputed and usually barely noticeable. I would recommend that you stop using registry cleaners and uninstall them via Start --> Control Panel --> Software (on Windows XP).
__________________ Please always post log files in CODE tags |
13.06.2013, 15:00 | #13 |
| Windows 7 Explorer no longer works I have thrown CCleaner out; in general I prefer having few files/programs... On 22.5. I tried to install my multifunction printer and had big problems setting it up as a printer. Printing works now, but scanning does not, and I deleted some files in the course of installing and uninstalling, which they had written was the recommendation if it does not work the first time. I threw out several files there that were unknown to me or seemed unnecessary. It is similar right now with Avira: why can some programs be deleted while Avira, for example, now cannot? Possibly necessary programs were among them too. Can such files be restored? Or can errors be tracked down there? The idea just came to me because of deleting CCleaner ..... That is when I saw the date after which nothing happened for a long time..... |
13.06.2013, 15:47 | #14 |
/// Winkelfunktion /// TB-Süch-Tiger™ | Windows 7 Explorer no longer works JRT - Junkware Removal Tool Please close your security software to avoid possible conflicts.
Afterwards: adwCleaner - remove toolbars and unwanted start/search pages. Please download AdwCleaner to your desktop.
After that, a check with OTL please:
__________________ Please always post log files in CODE tags |
14.06.2013, 09:46 | #15 |
| Windows 7 Explorer no longer works JRT: Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Tobillix on 14.06.2013 at 10:35:20,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\Software\Microsoft\Internet Explorer\Main\\Start Page

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\discoveryhelper.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\gifanimator.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\imtrprogress.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\imweb.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\wmhelper.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\discoveryhelper.imesh6discovery
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\discoveryhelper.imesh6discovery.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imweb.imwebcontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6}

~~~ Files

Successfully deleted: [File] "C:\Users\Tobillix\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk"
Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\speedmaxpc"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\downtangofttoolbar"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Tobillix\appdata\local\downtango"
Successfully deleted: [Folder] "C:\Users\Tobillix\appdata\local\ilivid"
Successfully deleted: [Folder] "C:\Users\Tobillix\appdata\locallow\downtangofttoolbar"
Failed to delete: [Folder] "C:\Users\Tobillix\appdata\locallow\mediabarim"
Successfully deleted: [Folder] "C:\Users\Tobillix\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files (x86)\protected search"
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{40C725C9-5225-418B-A664-4744B88CB99C}
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{66CAEBAB-B7D9-49A8-801D-FFC2403165F9}
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{8BAA3374-866D-4A63-ADEF-2A7E784ED8DA}
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{DF1876F2-DF70-419B-8546-0ADCD8512255}
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{F29A1BC3-52D1-4462-A596-61C4E40D4CAB}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.06.2013 at 10:44:07,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

It was only restarted once. Code:
# AdwCleaner v2.303 - Datei am 14/06/2013 um 10:49:57 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Tobillix - TOBILLIX-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobillix\Downloads\adwcleaner.exe
# Option [Löschen]

**** [Dienste] ****

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Tobillix\Desktop\iLivid.lnk
Ordner Gelöscht : C:\Program Files (x86)\Red Sky
Ordner Gelöscht : C:\Users\Tobillix\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Tobillix\AppData\LocalLow\mediabarim
Ordner Gelöscht : C:\Users\Tobillix\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
Ordner Gelöscht : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\mediabarim
Ordner Gelöscht : C:\Users\Tobillix\iMesh Applications

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\ProtectedSearch
Schlüssel Gelöscht : HKCU\Software\SpeedMaxPC
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{ec96f516-51b2-4b46-8451-8665f5a6ba2b}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{f07fbd3e-2048-44a4-9065-71bf551e2672}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Schlüssel Gelöscht : HKLM\Software\SpeedMaxPC
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69d3f709-9de2-479f-980f-532d46895703}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{69d3f709-9de2-479f-980f-532d46895703}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cfd485f0-96bd-47cd-bb6d-cd7dda95f102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wincore MediaBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{69d3f709-9de2-479f-980f-532d46895703}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com

-\\ Mozilla Firefox v12.0 (de)

Datei : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\prefs.js

C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.delta.bbDpng", "29");
Gelöscht : user_pref("extensions.delta.cntry", "DE");
Gelöscht : user_pref("extensions.delta.hdrMd5", "");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "");
Gelöscht : user_pref("extensions.delta.sg", "er");
Gelöscht : user_pref("extensions.delta.smplGrp", "er");
Gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.22] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Gelöscht [l.25] : keyword = "delta-search.com",
Gelöscht [l.29] : search_url = "hxxp://www.delta-search.com/?q={searchTerms}&affID=119293&tt=gc_&babsrc=SP_ss[...]
Gelöscht [l.361] : homepage = "hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=248486D53D120B[...]
Gelöscht [l.534] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_[...]

*************************

AdwCleaner[S1].txt - [10784 octets] - [14/06/2013 10:49:57]

########## EOF - C:\AdwCleaner[S1].txt - [10845 octets] ##########

Code:
C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions\{411beae9-8c58-477c-8903-201536f61512}
[2012.09.15 10:19:06 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\firefox\profiles\tu3kxf86.default\extensions\testpilot@labs.mozilla.com.xpi
========== Chrome ==========
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Mail = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
O1 HOSTS File: ([2013.06.13 07:53:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (DownTango Launcher) - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - Startup: C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9FB8A97-64B7-46D0-BCAF-B10735B25125}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1B2404B-6A93-4894-867E-985A2BA1157C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: -
HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.06.14 10:35:18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.06.14 10:34:33 | 000,000,000 | ---D | C] -- C:\JRT [2013.06.13 10:35:10 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.06.13 10:35:10 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.06.13 10:35:08 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.06.13 10:35:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.06.13 10:35:08 | 
000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.06.13 10:35:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.06.13 10:35:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.06.13 10:35:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.06.13 10:35:08 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.06.13 10:35:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.06.13 10:35:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.06.13 10:35:06 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.06.13 10:35:05 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.06.13 10:35:05 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.06.13 10:35:04 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.06.13 09:08:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi [2013.06.13 07:57:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.06.13 07:53:19 | 000,000,000 | ---D | C] -- C:\Windows\temp [2013.06.13 07:42:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.06.13 07:42:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.06.13 07:42:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.06.13 07:42:09 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.06.13 07:42:03 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.06.13 07:41:39 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.06.13 07:38:40 | 005,079,773 | R--- | C] (Swearware) -- C:\Users\Tobillix\Desktop\ComboFix.exe [2013.06.12 22:41:22 | 000,751,104 | ---- | C] (Microsoft Corporation) -- 
C:\Windows\SysNative\win32spl.dll [2013.06.12 22:41:22 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013.06.12 22:41:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013.06.12 22:41:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll [2013.06.12 22:41:10 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.06.12 22:41:05 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe [2013.06.12 22:41:05 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe [2013.06.12 22:41:04 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013.06.12 22:41:04 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013.06.12 22:41:04 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll [2013.06.12 22:41:03 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll [2013.06.12 22:40:56 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.06.12 22:40:56 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.06.12 18:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.12 18:58:15 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\Desktop\mbar [2013.06.11 22:02:12 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\TuneUp Software [2013.06.11 22:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software [2013.06.11 22:00:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} [2013.06.11 22:00:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files [2013.06.10 13:52:44 | 000,000,000 | ---D | C] -- C:\LocalDumps [2013.05.30 01:55:44 | 000,083,160 | ---- | C] (Avira GmbH) -- 
C:\Windows\SysNative\drivers\avnetflt.sys [2013.05.29 19:55:09 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Avira [2013.05.29 19:49:34 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.05.29 19:49:34 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.05.29 19:49:34 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.05.29 19:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira [2013.05.29 19:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira [2013.05.29 18:34:47 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Downloaded Installations [2013.05.29 18:34:15 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Zip Opener Packages [2013.05.29 15:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Easy [2013.05.29 15:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy [2013.05.29 15:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Programs [2013.05.23 19:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight [2013.05.23 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight [2013.05.23 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight [2013.05.23 19:43:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll [2013.05.23 19:43:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll [2013.05.23 19:43:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe [2013.05.23 19:43:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys [2013.05.23 19:43:38 | 
000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll [2013.05.23 19:43:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll [2013.05.23 19:43:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys [2013.05.23 19:43:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys [2013.05.23 19:43:38 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll [2013.05.23 19:43:37 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe [2013.05.23 19:43:37 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe [2013.05.23 19:43:37 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe [2013.05.23 19:43:37 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll [2013.05.23 19:43:37 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll [2013.05.23 19:43:37 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll [2013.05.23 19:43:37 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll [2013.05.23 19:43:37 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll [2013.05.23 19:43:37 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe [2013.05.23 19:43:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll [2013.05.23 19:43:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll [2013.05.23 19:43:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll [2013.05.23 19:43:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll [2013.05.23 19:43:36 | 004,916,224 | ---- | 
C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll [2013.05.23 19:43:36 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll [2013.05.23 19:43:35 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll [2013.05.23 19:40:29 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll [2013.05.23 19:40:27 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll [2013.05.23 19:40:27 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll [2013.05.23 19:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\vlc [2013.05.23 13:26:50 | 000,018,832 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe [2013.05.23 13:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Canneverbe Limited [2013.05.23 13:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited [2013.05.23 13:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP [2013.05.23 13:13:22 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Thunderbird [2013.05.23 13:13:22 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Thunderbird [2013.05.23 13:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird [2013.05.23 12:48:05 | 000,057,344 | ---- | C] (brother Industries Ltd) -- C:\Windows\SysWow64\BRSVC01A.EXE [2013.05.23 12:48:05 | 000,045,056 | ---- | C] (brother Industries Ltd) -- C:\Windows\SysWow64\BRSS01A.EXE [2013.05.23 11:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother Personal Utilities [2013.05.23 10:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark [2013.05.22 14:37:21 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\ControlCenter4 [2013.05.22 14:33:42 | 000,000,000 | ---D | C] -- C:\Brother [2013.05.22 14:33:40 | 000,000,000 | ---D | C] -- 
C:\ProgramData\ControlCenter4 [2013.05.22 14:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02 [2013.05.22 14:32:55 | 000,245,760 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll [2013.05.22 14:32:55 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll [2013.05.22 14:32:55 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll [2013.05.22 14:32:54 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll [2013.05.22 14:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother [2013.05.22 14:32:49 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll [2013.05.22 14:29:20 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\InstallShield [2013.05.22 12:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother [2013.05.22 12:07:26 | 000,316,928 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll [2013.05.22 12:07:26 | 000,084,480 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll [2013.05.22 12:07:26 | 000,058,880 | ---- | C] (Brother Industries,Ltd.) 
-- C:\Windows\SysNative\BrWiaNCp.dll [2013.05.22 12:07:26 | 000,054,272 | R--- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll [2013.05.22 12:07:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlCenter4 [2013.05.22 12:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother ========== Files - Modified Within 30 Days ========== [2013.06.14 11:00:07 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.06.14 11:00:07 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.06.14 10:57:13 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.14 10:57:13 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.14 10:57:13 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.14 10:57:13 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.14 10:57:13 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.14 10:52:32 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.06.14 10:52:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.06.14 10:52:09 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys [2013.06.14 10:39:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.06.14 10:26:55 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe [2013.06.13 15:01:24 | 000,000,512 | ---- | M] () -- C:\Users\Tobillix\Desktop\MBR.dat [2013.06.13 10:58:30 | 000,005,668 | ---- | M] () -- C:\Users\Tobillix\AppData\Local\recently-used.xbel [2013.06.13 09:27:40 | 000,277,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013.06.13 07:53:21 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts [2013.06.13 07:39:39 | 005,079,773 | R--- | M] (Swearware) -- 
C:\Users\Tobillix\Desktop\ComboFix.exe [2013.06.12 22:05:57 | 000,088,087 | ---- | M] () -- C:\Users\Tobillix\Desktop\Tätigkeitsbeschreibung.pdf [2013.06.12 22:03:46 | 000,027,100 | ---- | M] () -- C:\Users\Tobillix\Desktop\Selbsteinschätzungsprofil.pdf [2013.06.12 18:53:39 | 013,169,742 | ---- | M] () -- C:\Users\Tobillix\Desktop\mbar-1.06.0.1003.zip [2013.06.12 18:13:09 | 000,001,272 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini [2013.06.08 00:43:00 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\ASUS SmartLogon Console Sensor.job [2013.05.30 14:18:51 | 000,002,046 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini [2013.05.30 01:55:19 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys [2013.05.29 19:47:57 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys [2013.05.29 19:47:57 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys [2013.05.29 19:47:57 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. 
KG) -- C:\Windows\SysNative\drivers\avkmgr.sys [2013.05.29 14:10:24 | 000,001,059 | ---- | M] () -- C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.05.29 14:10:11 | 000,001,033 | ---- | M] () -- C:\Users\Tobillix\Desktop\Dropbox.lnk [2013.05.23 19:30:50 | 000,000,742 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.23 19:25:43 | 000,001,142 | ---- | M] () -- C:\Users\Tobillix\Desktop\ASUS Produktregistrierung.lnk [2013.05.23 13:26:34 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.05.23 13:13:15 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.05.23 12:48:08 | 000,000,184 | ---- | M] () -- C:\Windows\SysWow64\brsvc01a.bsi [2013.05.23 12:48:08 | 000,000,030 | ---- | M] () -- C:\Windows\SysWow64\brss01a.ini [2013.05.23 12:48:01 | 000,000,055 | ---- | M] () -- C:\Windows\SysWow64\BRDPJ140W.DAT [2013.05.19 18:35:42 | 000,247,887 | ---- | M] () -- C:\Users\Tobillix\Desktop\Strangfeld.jpg [2013.05.17 03:25:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.05.17 03:25:26 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.05.17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.05.17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.05.17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.05.17 02:59:12 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.05.17 02:58:20 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.05.17 02:58:10 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.05.17 02:58:10 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll 
[2013.05.17 02:58:08 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.05.17 02:58:08 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.05.17 02:58:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.05.17 02:58:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll ========== Files Created - No Company Name ========== [2013.06.13 14:57:06 | 000,000,512 | ---- | C] () -- C:\Users\Tobillix\Desktop\MBR.dat [2013.06.13 10:58:30 | 000,005,668 | ---- | C] () -- C:\Users\Tobillix\AppData\Local\recently-used.xbel [2013.06.13 07:42:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.06.13 07:42:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.06.13 07:42:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.06.13 07:42:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.06.13 07:42:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.06.12 22:05:54 | 000,088,087 | ---- | C] () -- C:\Users\Tobillix\Desktop\Tätigkeitsbeschreibung.pdf [2013.06.12 22:03:45 | 000,027,100 | ---- | C] () -- C:\Users\Tobillix\Desktop\Selbsteinschätzungsprofil.pdf [2013.06.12 18:52:51 | 013,169,742 | ---- | C] () -- C:\Users\Tobillix\Desktop\mbar-1.06.0.1003.zip [2013.06.08 00:43:00 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\ASUS SmartLogon Console Sensor.job [2013.05.24 09:58:24 | 000,247,887 | ---- | C] () -- C:\Users\Tobillix\Desktop\Strangfeld.jpg [2013.05.23 19:30:50 | 000,000,742 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.05.23 19:25:43 | 000,001,142 | ---- | C] () -- C:\Users\Tobillix\Desktop\ASUS Produktregistrierung.lnk [2013.05.23 13:26:34 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk [2013.05.23 13:26:34 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk [2013.05.23 13:13:14 | 
000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk [2013.05.23 12:48:08 | 000,000,184 | ---- | C] () -- C:\Windows\SysWow64\brsvc01a.bsi [2013.05.23 12:48:08 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini [2013.05.23 11:18:07 | 000,000,060 | R--- | C] () -- C:\Program Files (x86)\BRINST.INI [2013.05.22 14:53:54 | 000,000,055 | ---- | C] () -- C:\Windows\SysWow64\BRDPJ140W.DAT [2013.05.22 12:07:26 | 000,143,360 | R--- | C] () -- C:\Windows\SysNative\BrSNMP64.dll [2013.03.29 16:33:23 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini [2012.12.14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin [2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll [2012.12.14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin [2012.12.08 15:40:48 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI [2012.11.16 15:07:30 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe [2012.02.28 20:28:25 | 000,164,234 | ---- | C] () -- C:\Windows\FlyChart Uninstaller.exe [2012.02.12 21:20:35 | 001,557,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI [2012.01.20 15:28:12 | 000,027,648 | ---- | C] () -- C:\Users\Tobillix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2011.12.01 16:07:58 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe [2011.09.16 10:21:16 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll [2011.09.16 10:20:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin [2011.09.16 10:20:19 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin [2011.09.16 10:20:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:41099CE9 < End of report > Code:
OTL Extras logfile created on: 14.06.2013 11:01:39 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Tobillix\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,91 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 61,55% Memory free
7,81 Gb Paging File | 6,12 Gb Available in Paging File | 78,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 66,98 Gb Free Space | 56,18% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 48,21 Gb Free Space | 31,33% Space Free | Partition Type: NTFS
Drive E: | 3,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 698,64 Gb Total Space | 198,90 Gb Free Space | 28,47% Space Free | Partition Type: NTFS

Computer Name: TOBILLIX-PC | User Name: Tobillix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
[HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozillafirefo9crome\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01030C6F-5837-45D1-AB3A-AF3B197B0371}" = lport=138 | protocol=17 | dir=in | app=system |
"{05398B0F-DF21-49B9-89E4-B94DDDA8C53D}" = lport=445 | protocol=6 | dir=in | app=system |
"{39B40135-DE6F-4B1E-9392-C4560374AEAF}" = rport=138 | protocol=17 | dir=out | app=system |
"{3DAC7D07-F950-4220-A07F-13FC0C5E7B8A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F84BB46-FA1B-46B3-AB3D-6926B1478FF5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{41265FCC-C8FD-4637-940D-81D93E5445B1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{46F89CE4-032C-4BD7-BEDB-59B3E6118BE6}" = lport=2869 | protocol=6 | dir=in | app=system | "{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | "{58ECAC34-358A-4996-93D8-9D0BABF621B1}" = rport=139 | protocol=6 | dir=out | app=system | "{5987CD0D-9C68-4205-B53B-786670C44BBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{5CDE0E7C-DC47-4771-A849-8CFDF593D83B}" = rport=445 | protocol=6 | dir=out | app=system | "{5FB1DCF9-E80F-4A2A-8C19-A83037B4128F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{64D0CF8C-460F-4A0F-AB60-885D07254789}" = lport=10243 | protocol=6 | dir=in | app=system | "{6B34172A-84C3-432B-983E-F72E92DEBC66}" = rport=137 | protocol=17 | dir=out | app=system | "{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{81BD1620-B145-459B-8294-89DC76E8572F}" = rport=10243 | protocol=6 | dir=out | app=system | "{8CCF1862-7DD5-4479-8C75-816B63D5AE7E}" = lport=137 | protocol=17 | dir=in | app=system | "{9B30EEB1-3357-4F0D-9BF8-C740440D33FA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{9C2BC9E1-B81A-486E-9D96-F0C8E6502C49}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{A119C4FF-3AE3-40BB-B5D7-933C3DF80772}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | "{AEB556A1-0EA9-45B1-AB3B-1429C2598C19}" = lport=139 | protocol=6 | dir=in | app=system | "{B236816B-FE21-4E85-B060-05EA7B258844}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | "{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{CE94DC46-31D2-4A19-B634-FEC5BF51E233}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{D93049F5-5267-4C4D-A6BA-5B5AE2B511E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{EB06DDCA-ED3D-4019-BA93-9DF325F55A05}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{ED7C6FB1-EE29-4727-BB8A-EF35088F3FF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{033045E6-3034-4B01-869B-6FFA6C747C1A}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | "{05F6FBB2-DD36-4430-8819-7D0B9000596F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{15B67990-8F2C-4858-B36B-9DAB9B2D53DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{21791D02-FAEF-44B5-9008-A6E644E256D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{22A603FD-8628-4190-BFF9-EC1E3A4198B0}" = protocol=58 | dir=in | app=system | "{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{380CD1BF-3256-4C1D-B497-5243B0F35003}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{462639D2-B49D-4052-A9AD-AC2CA7C0F9A4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{4987BBB2-9C47-4607-A315-8BDEFFD817D0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | "{49FDBA42-E06F-4D2F-A541-4AE21FD4B217}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\mediabar\datamngr\toolbar\dtuser.exe | "{4EC18E60-0161-47A0-A4BF-01067E3A153D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{573A2FE5-57C0-42F8-8975-5BAB012E4E67}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{5CE34F28-6F4F-42EE-BAE2-9BCCF93766E1}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | "{603B5352-9F25-450C-931F-5AB21B9D9B30}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | "{628AA317-31C9-44E2-8A42-F7F802557474}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{64EF058B-DF0B-47FA-839E-D8F61DF5DFC8}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | "{7034917E-CA98-4BB5-AB89-3416A22A23EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{712E01E0-C950-42FF-9219-DFC7341EC893}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\mediabar\datamngr\toolbar\dtuser.exe | "{74D4C5A4-04C8-44BE-B791-DE225CBB5EBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{75EA3C65-0DDD-4326-98AC-21F0076CC5B6}" = protocol=6 | dir=out | app=system | "{781B43D5-A1EC-46D6-8565-3EC613235D80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7CB2FC95-AB79-4E83-BCC5-6633D5C8E5BD}" = protocol=17 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | "{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{913350F3-00D4-4B9F-9C8D-F30D7A0F8754}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{9D830397-6E89-423D-A1F7-196B8BA4E3C1}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | "{A52B226D-7E37-4AC4-9E9F-7D446241EC18}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{AE90F868-2056-4724-9677-E62210637C89}" = protocol=6 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"{B78C6051-5848-4568-BD2B-7E008D5BC9E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{BE3E0709-A3B0-40C0-8F87-EA82E1C91D54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{CC5B74B6-49A5-4E7A-B36E-39D95F00FFAD}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | "{D0CA002B-4ECB-4DD7-80CF-22540258D827}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | "{D8BF7B41-9685-43FD-B1C5-3C2F26BCA8CE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{EE82D5BF-4B83-4999-809A-5D98E38A1CCD}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | "{F273DB03-3C4C-4D95-9B90-D4E369103FEB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{FA5DBE5C-113F-4A75-BB37-A38EA4402287}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "TCP Query User{5BD44DEA-8C93-4C43-8D98-4F0E76E6C4D8}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{9C1D6887-417E-439B-9C69-47B9E8A22CAB}C:\program files\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\vlc\vlc.exe | "TCP Query User{C8E107EB-06FC-4848-8342-2413F6EDB566}C:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{41AEA62B-C521-43F9-9C0B-8DAF6892DC38}C:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | "UDP Query User{5050D132-3565-4248-860A-13B4321645BC}C:\program files\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\vlc\vlc.exe | "UDP Query User{EBA5D961-39F4-4620-9730-99E7731A6B84}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | ========== 
HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources "{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety "{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot "{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety "{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources "{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources "{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety "{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant "{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety "{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources "{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety "{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid "{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety "{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety "{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety "{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources "{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources "{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources "{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64) "{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety "{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = 
Windows Live Remote Client Resources "{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources "{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety "{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources "{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources "{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources "{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety "{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources "{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile "{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources "{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources 
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety "GIMP-2_is1" = GIMP 2.8.2 "Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile "Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack "Registry Easy_is1" = Registry Easy v5.6 "SynTPDeinstKey" = Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh "{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas "{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack "{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology "{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus "{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live "{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail "{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live "{0ED38503-B69A-44B4-98BE-21BFF284A9B6}" = Brother Driver Deployment Wizard "{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack "{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources "{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common "{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials "{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer "{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3 "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" 
= Windows Live SOXE Definitions "{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources "{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail "{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program "{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common "{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials "{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger "{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack "{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh "{2FF959E3-FFE4-46C4-96DA-03F26BCFEFCC}" = Brother MFL-Pro Suite DCP-J140W "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE "{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer "{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger "{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh "{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack "{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader "{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth "{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live "{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer "{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger "{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer "{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common "{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX 
Platform Language Pack "{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker "{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger "{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger "{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources "{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger "{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail "{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack "{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger "{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker "{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker "{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common "{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker "{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh "{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB "{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack "{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack "{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live "{78DAE910-CA72-450E-AD22-772CB1A00678}" = 
Windows Live Mesh "{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials "{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer "{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP "{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources "{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer "{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh "{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker "{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail "{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common "{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer 
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package "{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail "{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common "{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common "{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader "{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials "{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live "{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker "{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live "{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3 "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common "{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart "{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker "{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer "{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack "{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common 
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail "{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack "{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker "{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer "{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver "{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas "{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer "{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources "{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live "{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live "{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger "{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera "{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live "{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心 "{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources "{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh 
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update "{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live "{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker "{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker "3GP Media Player_is1" = 3GP Media Player 1.0.1 "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "AmUStor" = Alcor Micro USB Card Reader "Asus Vibe2.0" = AsusVibe2.0 "ASUS WebStorage" = ASUS WebStorage "ASUS_Screensaver" = ASUS_Screensaver "Avira AntiVir Desktop" = Avira Free Antivirus "AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1 "AVS Update Manager_is1" = AVS Update Manager 1.0 "AVS Video Editor_is1" = AVS Video Editor 6 "AVS Video Recorder_is1" = AVS Video Recorder 2.5 "AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4 "FlyChart" = FlyChart "Google Chrome" = Google Chrome "InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint "IrfanView" = IrfanView (remove only) "MaxPunkte_is1" = MaxPunkte Ver. 
6.3.x
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"VLC media player" = VLC media player 2.0.6
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2418080180.www.pcspeedup.com" = PCSpeedUp
"Dropbox" = Dropbox
"Swiss Casino" = Swiss Casino
"Winamp Detect" = Winamp Erkennungs-Plug-in

========== Last 20 Event Log Errors ==========

[ System Events ]
Error - 14.06.2013 04:50:07 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 14.06.2013 04:50:07 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error - 14.06.2013 04:50:08 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Intel(R) Management and Security Application Local Management Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error - 14.06.2013 04:50:08 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error - 14.06.2013 04:50:08 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error - 14.06.2013 04:50:08 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) Management and Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 14.06.2013 04:50:12 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Application Virtualization Client" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 14.06.2013 04:50:38 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: %%1056

Error - 14.06.2013 04:55:01 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

Error - 14.06.2013 04:55:01 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

< End of report >

Many thanks for the quick replies! Thx