Trojaner-Board


ChrissCross6 03.07.2012 21:39

GVU / alleged Bundespolizei / Trojan
 
Hi,
so I have the same problem that has already been described several times today.
Late this afternoon, after normal surfing and researching on the Internet (it's exam time right now), a page appeared (the dreaded "Bundespolizei" page). The taskbar was hidden and my PC was locked. I switched off my router and restarted the PC, and after that everything worked again. The PC also works flawlessly in Safe Mode with Networking, including the web. I have already described this problem to a friend, and he noticed that there are two entries in the logs from that time:

1: C:\ProgramData\nud0repor.pad
2: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
but I don't know whether that helps in any way.

Here again in more detail:

[2012.07.03 17:49:46 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.03 17:44:22 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.07.03 17:43:12 | 000,001,885 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk

There was no error message during the first step.
The two text files are also attached as a zip file.

Here is the OTL.txt report:
Code:

OTL Extras logfile created on: 03.07.2012 21:33:10 - Run 1
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 3,07 Gb Available Physical Memory | 83,53% Memory free
7,35 Gb Paging File | 6,77 Gb Available in Paging File | 92,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 226,39 Gb Total Space | 74,35 Gb Free Space | 32,84% Space Free | Partition Type: NTFS
 
Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05206CF4-1287-4E0E-B912-8C4B85D85386}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{060E46E6-C140-4BA9-918C-FA088113C5C8}" = rport=10243 | protocol=6 | dir=out | app=system |
"{0730C21F-5185-49B3-98A7-E616C9E51F63}" = rport=445 | protocol=6 | dir=out | app=system |
"{0AC171C9-03D1-4E06-A0EF-473724BBB42E}" = rport=138 | protocol=17 | dir=out | app=system |
"{0C07E8D1-5E6C-42AB-91ED-E099E596F70E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{0EDEE754-6A57-44EE-B251-9EF212D9E95F}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{14E5CDEE-9E75-423D-9DDD-AB5A9EFAB1D7}" = lport=2869 | protocol=6 | dir=in | app=system |
"{2D661625-DB2E-4D1A-920A-1D7E22472227}" = lport=138 | protocol=17 | dir=in | app=system |
"{2DBA06A0-FFDE-444B-AE12-BEFC5F306EAD}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{55D93177-0583-44CC-BF2C-0DE988503620}" = lport=139 | protocol=6 | dir=in | app=system |
"{58735BEE-6AB1-4EBF-A06C-8384F296420A}" = lport=137 | protocol=17 | dir=in | app=system |
"{70A3F9A1-B1F8-4BC4-ACBC-A659B11FD071}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{783784E2-3157-4791-9384-610F7D7AA442}" = lport=49165 | protocol=6 | dir=in | name=akamai netsession interface |
"{7DAD6DEF-3BAC-49FA-B4DA-8644C2AE6988}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8666FE49-69A0-419A-AC9B-F7D3B8F0621D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{87FC0F64-6709-4AED-9937-5667B9181165}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{8F9D5032-7578-4FB4-B866-C49664CC6519}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A47A5FC0-7959-4C60-B9A1-056231561526}" = lport=10243 | protocol=6 | dir=in | app=system |
"{A88D7819-C38F-474A-BE6F-7F9E08CCA300}" = rport=139 | protocol=6 | dir=out | app=system |
"{AC93255C-ACD9-490E-9A56-37687C5AA248}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B1200FBF-EDEC-4B53-8DB2-95A215D58328}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B620E32A-F4AB-4389-9E83-F73C13EB9907}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{BBC8231A-3929-4787-82D6-737283535B25}" = rport=137 | protocol=17 | dir=out | app=system |
"{E6F9B683-FAB2-4EFC-AF81-8637F79F9B6B}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{E8799B1E-5640-48E1-8FE6-626A998CCB90}" = lport=445 | protocol=6 | dir=in | app=system |
"{EE39D7F4-6A44-4E11-B6F7-374CCB11D9EF}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F24AB7ED-9738-4105-A5A6-E9B10670D5AD}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FBAE6238-2474-49C8-809D-EC735B83010C}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009E5979-0568-4E87-AFDF-9E8761BAD9DB}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovie.exe |
"{052B9B91-F164-4434-B151-4B812007D88D}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\divinity ii - the dragon knight saga demo\bin\divinity2.exe |
"{077D3F50-CCE1-426C-9302-D891B83C7011}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{09B45493-B48F-404C-9C4C-F0E066FBFBE6}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{0AD5FC5F-6996-4087-AB1D-FEE19AA05B41}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{0CE19BFF-8AC2-4B6A-B7AE-DB91E9A1F4A4}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\alien swarm\srcds.exe |
"{0DA020A8-BF34-4EF0-806E-C30AE70E52C3}" = protocol=6 | dir=in | app=c:\spiele\rainbowsix_las_vegas_2\binaries\r6vegas2_launcher.exe |
"{0DB5909A-D072-4558-8A55-C9FD829B028E}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{1058BAFF-8DC0-4074-A5D8-1A0C37D4B158}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"{109B4DE7-B0C7-4B02-8F65-9AF96FF83EF8}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{123FA006-066D-455A-9571-86A6EDF9D264}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{129904B8-8514-4241-A51D-748402110263}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{130C31FC-C3C8-49DE-87F6-EEC281C7D40D}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\rift hammerknell trailer\smp.exe |
"{136FFA2D-AD67-40CF-BC9C-2411A532CD02}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{15CC65DC-C3B4-4F49-8E6E-AD66AB780860}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\call of duty black ops\blackops.exe |
"{1685BA2B-E59E-4038-874A-947D5FD8CBC8}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"{16AB1D70-A03D-445B-A512-E33F252AEAA1}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{17008CF6-99FE-4369-B16E-EBDBF49CC677}" = protocol=17 | dir=in | app=c:\spiele\rainbowsix_las_vegas_2\binaries\r6vegas2_launcher.exe |
"{17164F1D-8C34-4285-8790-8C7A5F1B80FF}" = protocol=17 | dir=in | app=c:\users\home\xampp\mysql\bin\mysqld.exe |
"{17D08A10-4B2B-4AC8-BBFE-090A90420D7C}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\skyrim\skyrimlauncher.exe |
"{18165E15-E24B-4046-900A-00E8C2D76ED6}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{1820811D-46E1-4B52-9F75-CF3AF9457121}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{1BEDAFA3-32B9-4DD6-8260-E8A300B2AA4E}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dms\clmsservice.exe |
"{1CA6A9BB-8F1B-4140-BAAA-7C51F416AEA0}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"{1CF7F71D-8811-41EB-92E8-F32DCEC622A8}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\call of duty black ops\blackops.exe |
"{1E19DB5D-E1CF-40FE-8A17-D0A511C4350A}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{1FCC9AA4-B3E9-4B0E-B608-B08E3941725B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{247EADDE-3D93-42D9-9B44-4C9C82396289}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{24A9BAAA-EC7B-47D1-98DD-97D26C65EBCD}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\kernel\dmp\clbrowserengine.exe |
"{27752D86-4F7B-4187-8AB4-818C5C04DEF1}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{2A48C2D9-3848-435B-BD06-843AA8B3AC4F}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\forsaken world\patcher.exe |
"{2B28EF79-9568-4B77-8381-1FD0AC689BD4}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{2C7F74D8-3A9C-4BBB-B174-DCDD38C8DB54}" = protocol=17 | dir=in | app=a:\spiele\ro - kopie\server\char-server.exe |
"{2E7CC2CC-2C59-480B-B6FA-9756771DCCD3}" = protocol=17 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{313570C6-91E4-4E00-802C-A4E85BD36A49}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{31416446-98C0-415F-A4B8-81C163EB7DD8}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{316A2526-4CAA-46B4-B275-CE5DC4321674}" = protocol=6 | dir=in | app=c:\users\home\downloads\diablo-iii-8370-dede-installer-downloader.exe |
"{32883C26-86C7-476D-AB86-D499F5512090}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{32DE97C6-1990-4347-B8E0-930352F27BD5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{33CB9E99-6B60-41DC-8AAC-A006418E0CB7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space siege\space siege\spacesiege.exe |
"{344AB883-48DE-42F4-8B4C-241208FF1A19}" = protocol=6 | dir=in | app=c:\users\home\xampp\mysql\bin\mysqld.exe |
"{348A7A7B-BE18-4560-90EF-AB50E246B104}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{35E066B5-722C-453C-B86D-301F6358295B}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{3617B0E7-AE4C-4DB1-BD4C-B9FEB5212CAA}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe |
"{36E565C7-363D-4DC9-9829-4A47027C2408}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{37727388-655D-4344-A47A-F73CB877ECE8}" = protocol=6 | dir=in | app=c:\users\home\xampp\apache\bin\httpd.exe |
"{377FC98F-5C0F-4A19-8CA4-2193B0365D43}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{3968641E-AEC2-4378-93CA-B78924CEDA6F}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\call of duty black ops\blackops.exe |
"{3A7C31D4-95A5-4515-8DB3-DC29D4E0FBD3}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{3B70DCF1-C5BC-4E28-A080-55A159D827D8}" = protocol=17 | dir=in | app=c:\spiele\rainbowsix_las_vegas_2\binaries\r6vegas2_game.exe |
"{3D5C53AB-BBD4-454A-B81B-3C48B92B7B53}" = protocol=6 | dir=in | app=a:\spiele\bohemia interactive\arma 2 operation arrowhead demo\arma2oa_demo.exe |
"{3EE742D9-EC1E-433E-B5C4-878159B217BC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |
"{3F0130B2-44C9-4013-BED6-C14164253549}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{3F830EFA-DB2A-4127-8BD1-E605B7923982}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{414A24A8-C2B5-466A-85F1-FD89E5D97877}" = protocol=6 | dir=out | app=system |
"{41C2ADAA-68E8-47AA-8928-C06EBC5EAE46}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\divinity ii - the dragon knight saga demo\bin\divinity2.exe |
"{435F8CA4-D260-4E7B-9B54-2C04FB16D650}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{46C78A21-2202-4DFF-AF4F-51AAD89C16F0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{48CA9C93-5043-4AE8-9477-21CED7E9B2E4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{49D86014-9385-49F1-AD98-4E4D82A1E275}" = protocol=6 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{4ADF3797-E782-49D6-9A6A-42EA048F4B36}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe |
"{4C3C4F59-D253-4333-B54E-6B8B825E0609}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{4CE6DF1B-8801-4881-B344-5B5D494CDCBE}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{4DF4965A-C525-45C3-A23D-87C2539DAC1A}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{4E900E51-8011-4913-A587-DF6DD65B2EEB}" = protocol=6 | dir=in | app=a:\spiele\neuer ordner\efusion\blackshot\system\blackshot.exe |
"{4EBF4D42-7C47-42E5-B027-09E6111DCEF5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{4F666757-2ED4-4223-94D1-57F6705542CC}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\alien swarm\srcds.exe |
"{54C59D7A-1AA1-434B-82EE-023842A01661}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{5612780C-5FF3-4C68-A71A-D247FE74E9B5}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\far cry 2\bin\fc2benchmarktool.exe |
"{56C99C11-BAD1-436D-AEE8-ABD4BB6B208D}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\rift hammerknell trailer\smp.exe |
"{57A9D184-C18D-4610-B4BF-47C6D32124C1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{59A13E35-AA64-4043-88E6-3906E48B5D0B}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5B3B85C2-A46D-4337-95E6-EBB92FAC8155}" = protocol=6 | dir=in | app=a:\spiele\battleforge\battleforge.exe |
"{5B9250E7-1D9D-4EAF-A7C9-AD52B7D9EEB7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5C4F30B7-3DC9-4C8F-A8F6-2794D7E991E0}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{5CFAC9C2-DBD4-4510-B0D2-48477899E5CE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D31B39A-DA83-42FF-A7CE-34320B61B53B}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{5D5BFEC5-C01B-4B09-8738-E91B4A68651B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{5E45D02A-6980-4363-90CE-26090A5FBB40}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{608716AA-922B-4F0C-AF32-F323C9D9299B}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{627ED1A5-BB39-429B-B60F-3A3BF99ED79C}" = protocol=17 | dir=in | app=a:\spiele\diablo iii\diablo iii.exe |
"{64139862-46A6-46FD-B93B-CE80DED50186}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{64EC0F0A-5D3B-45CD-B41F-84D4B44E4DD9}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe |
"{6673DDBD-793D-4AED-89DA-BAF18D10412A}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{67D46905-DE05-4D1E-AE51-44EE24FCBD27}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{6862518D-C694-405F-9A65-1D228329CD45}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\alien swarm\swarm.exe |
"{697787E5-B4B8-47FB-BA89-3FB0B3887B28}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{6A4BB149-F922-4552-AB7E-AEAB07F17373}" = protocol=17 | dir=in | app=a:\spiele\battleforge\bootstrapper.exe |
"{6B5D8AC0-BEA5-453F-92D9-329BC597444A}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\alien swarm\swarm.exe |
"{6BD0552F-189F-4469-BF80-550E2E1086BE}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{6C561609-4AFA-427B-814D-E6EC24DC0A5B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{6D4E8C24-3658-4A3E-9252-385EA9DE3EFE}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\far cry 2\bin\fc2serverlauncher.exe |
"{6D6DCFFF-B83F-4BA3-8186-C9C3649AECF8}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\battlefield bad company 2\support\ea help\electronic_arts_technical_support.htm |
"{6FC97B82-8134-46E6-9C83-7F1B8F02FB84}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{718943D4-401D-425E-883F-86A90C26F435}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{74134431-8353-4C22-9168-863D1F85FE9C}" = protocol=17 | dir=in | app=a:\spiele\neuer ordner\efusion\blackshot\system\blackshot.exe |
"{74BB0B8C-1583-46B7-B4E6-56226477A8A1}" = protocol=17 | dir=in | app=a:\spiele\bohemia interactive\arma 2 operation arrowhead demo\arma2oa_demo.exe |
"{750CBCEE-51D5-4681-8D20-6FE8B68093E4}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{7646B0DF-F07C-44A4-924C-62B4587D027B}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\mpu83\counter-strike source\hl2.exe |
"{76816B63-C125-48F6-881F-8274E26DB7FA}" = protocol=17 | dir=in | app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{78A4211C-D811-4251-BF42-52C3A8DDE8F6}" = protocol=17 | dir=in | app=a:\spiele\ro - kopie\server\map-server.exe |
"{794DF597-5C49-430D-88AF-532A74E6F226}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\mpu83\half-life\hl.exe |
"{7A72ABBB-F80B-4B48-B3C1-0BEBF63A9C98}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\battlefield bad company 2\bfbc2game.exe |
"{7AB889C9-3987-4407-B4C0-2DBC07ADE7A5}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{7E57F103-7D5D-4687-B09C-2ABD40C3E758}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{809797B6-0A89-4C35-A2C8-E1ECEF19CF6D}" = protocol=6 | dir=in | app=c:\spiele\rainbowsix_las_vegas_2\binaries\r6vegas2_game.exe |
"{80AA1035-C88E-4650-B8ED-4C8FDED84962}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{83C3653D-EA45-4A1D-9433-3B5138C6A12D}" = protocol=17 | dir=in | app=a:\spiele\mirros edge\binaries\mirrorsedge.exe |
"{846CBB34-1F2D-4FFE-BDF5-ECFC56B95D01}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{85968CBA-5E71-4851-A603-5195DB86AB54}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{86F5A4C4-C198-49A8-8726-60D62573C094}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\supreme commander 2 demo\bin\supreme commander 2 demo.exe |
"{87B78763-6C26-4914-90C4-1F4E3C4B8D66}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysisdedicatedserver.exe |
"{88C0A469-6BDC-43D8-9E03-629031CDFDA8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8D418EEA-11FA-4474-BE59-A5923F3BE96F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{8D419147-DB17-4137-A230-F7514EF9BDE0}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{8D571819-A2C7-42AC-B5A6-A28F9E25CE80}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{8FB6C276-D463-4A5D-9A99-4C8267B0472F}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\pcmservice.exe |
"{8FEB1C7F-DC3F-4DC4-8FB0-2574E088ECA1}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{904B8782-CEF4-4BEE-81B7-77578FCFC849}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{91C2E5DA-8667-4732-826B-88DE4C374857}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{9A372C75-376E-44C4-B3D6-4810C367991D}" = protocol=17 | dir=in | app=a:\spiele\blackshot\efusion\blackshot\system\blackshot.exe |
"{9C25B9C0-E4B8-4194-BB8B-5A0404FED7A7}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin32\crysis.exe |
"{A06DF446-AD26-400A-8F81-075D599A4B0F}" = protocol=17 | dir=in | app=c:\users\home\xampp\apache\bin\httpd.exe |
"{A245E439-36E3-4EB3-9552-2D4F09E7DD8F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{A5742985-F70F-47ED-AD96-184EE8F9DD5A}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\call of duty black ops\blackopsmp.exe |
"{A6097138-F09C-416A-8BA7-658C75303267}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\call of duty black ops\blackops.exe |
"{A6213136-BB3A-4100-8EB2-E6BA24857FC9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |
"{A6500B33-F61D-46C5-972B-EF81318E4F81}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{AA26633D-77BA-46B2-9083-33826900B10B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"{AADB550C-7F7F-422D-8526-EE2268820CEF}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{ACF44668-075D-4831-8BB2-274349A5D7B5}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe |
"{AF47ED88-1918-4BC0-BED5-3E643E54D7D8}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{B30DB27F-F3DD-4A05-8969-54D67DCE920C}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B65181C0-2078-4AFE-AD1F-D3EEA3BD63CD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{B81A4914-D5EC-432B-AB2F-17ABB673C9F6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B92C7FCD-F333-431E-AE18-079A9895847C}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"{B939A999-8F15-4478-B263-530D41AD3405}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\space siege\space siege\spacesiege.exe |
"{B951874B-66E2-4B06-B4F8-D57404AE6A0E}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\space siege\space siege\spacesiege.exe |
"{BBA28851-05EC-4A36-8D66-EF9863465A03}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{BBB2A0D0-FDA1-4BD5-AFB4-F9358E3D2247}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{BBC08F02-7FE3-454B-9C5D-81A0E9BF6BA8}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{BEA20BAE-A1C9-4C38-B788-85FF57D7E8E6}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{C0739160-B4CE-4F6C-9CEA-7AC3565600EB}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\far cry 2\bin\fc2editor.exe |
"{C0837AF8-FA54-4AE1-9905-05C6421AE100}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\just cause 2\justcause2.exe |
"{C0B2D66A-163F-40E4-AE65-06BCC10EA3FF}" = protocol=6 | dir=in | app=a:\spiele\bittorrent.exe |
"{C1C9E6E4-06BD-4FC8-BCCA-F6C9BA76925C}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe |
"{C2900B85-FB58-4213-8B34-82942CEA968B}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.524\agent.exe |
"{C3EF3C63-0D5D-43E6-B8A0-E7E844F1ED50}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\forsaken world\patcher.exe |
"{C5AAEFBA-9BC3-4053-B703-0E4A937CD230}" = protocol=6 | dir=in | app=c:\program files (x86)\diablo iii\diablo iii.exe |
"{C5E500C8-7D63-4F2E-A497-076FD438E03F}" = protocol=17 | dir=in | app=c:\aeriagames\edeneternal\_launcher.exe |
"{C5FB96FA-FA9B-4EDD-AB6F-07DC991349A1}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hoard\win32\reuben.exe |
"{C7DE8F20-3B5D-4CBA-9856-6E65F77BF4F2}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |
"{CA5AF769-21D5-41B4-AE80-8E2DEF0FCE35}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{CA75C0B1-3386-43F0-9697-A4512A56B2A2}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{CDB9B3EA-F085-48D2-BC3E-7EBD69B0D91F}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{CFDC1866-336D-4A50-9381-5C3E97A72650}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe |
"{D0C26A06-3B9E-48B3-A9A4-D7BDA6E2008B}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{D1232791-FA44-470D-AD34-27507E3DAA7C}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\powercinema.exe |
"{D2410E94-313F-4307-BA9A-1F23452BF2DC}" = protocol=6 | dir=in | app=a:\spiele\blackshot\efusion\blackshot\system\blackshot.exe |
"{D2B51937-C1FF-4F34-9EA0-54BB01F28457}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{D5709E5E-09EB-4785-ADA2-7558E820759E}" = protocol=6 | dir=in | app=a:\spiele\mirros edge\binaries\mirrorsedge.exe |
"{D761C590-B9B4-43CD-8CD8-32C2D256C25A}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe |
"{D8293E61-A1D4-4A34-98B7-E5093C41B023}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{DAFC8E85-D989-4D77-B242-ACC7DB68CB1E}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\arcade movie\touchmovieservice.exe |
"{DB5385F7-72F2-4040-9E2C-9C99AA8FE9C1}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{DC2B0C7F-C05C-4002-9FB9-9B8CE979769E}" = protocol=17 | dir=in | app=c:\users\home\downloads\diablo-iii-8370-dede-installer-downloader.exe |
"{DD7C520D-2201-435D-AA6E-01DD54434B7D}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe |
"{DDC8391A-CC63-4500-B976-E0F3CCCF108C}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{DEA6A979-28AC-4013-B0F7-BD5FEE6DA91C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E201B773-A8DB-4B5D-B029-F23D2D4D2E84}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\assassin's creed 2\assassinscreediigame.exe |
"{E2976B04-0181-4032-BA58-FF9AD7F1DB34}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E6D67C8E-3C80-4A18-92EC-C6F548FF540A}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E84005A3-8F75-4DAC-99A2-BC3C28BDC817}" = protocol=6 | dir=in | app=a:\spiele\diablo iii\diablo iii.exe |
"{E88DC2B8-EE65-44F2-ACC9-B7C44891CFD6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E8A686C5-7058-4C75-8BDB-0E2DB5972A68}" = protocol=6 | dir=in | app=c:\program files\efusion\blackshot\system\blackshot.exe |
"{ECAF071E-5D8B-4772-A997-7EE78E39C074}" = protocol=6 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysisdedicatedserver.exe |
"{ED41F481-68D1-42F0-BC8B-396D580CFF08}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe |
"{ED4D17B3-F161-43E0-A578-EE1DB10DF8CD}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\supreme commander 2 demo\bin\supreme commander 2 demo.exe |
"{EE5147F0-B5DA-4C23-8BDB-7A39DC5B86F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EFA3E613-77C6-4BD1-A29B-62A61C10BB4D}" = protocol=17 | dir=in | app=a:\spiele\bittorrent.exe |
"{F0C0739B-6D8A-4AAA-A983-28157B6D9B3A}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{F1ABAD59-A2CB-4E45-8ED5-453850FBA0D2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\space siege\space siege\spacesiege.exe |
"{F1C43D6C-4ACB-4250-A834-A524C7A9D64F}" = protocol=6 | dir=in | app=a:\spiele\battleforge\bootstrapper.exe |
"{F1D188D6-BDF4-4E9D-9836-A97C5051D5C6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\hoard\win32\reuben.exe |
"{F1ECA110-CAD2-462C-8F4C-84C1F671EE23}" = protocol=17 | dir=in | app=c:\program files (x86)\electronic arts\crytek\crysis\bin64\crysis.exe |
"{F2A752B0-2331-4D61-8255-4D3006DC777F}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\mpu83\half-life\hl.exe |
"{F33927E3-DFFA-4C38-9266-812D983ECCC7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F3DCC135-74A8-4384-9D4C-2F6C21EFDDB1}" = protocol=6 | dir=in | app=a:\spiele\ro - kopie\server\map-server.exe |
"{F46DEFD7-B09C-4817-AC60-9F9171701BD8}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\just cause 2\justcause2.exe |
"{F4F8430B-A3B1-4FB6-AFE5-850D4CB72F9D}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\far cry 2\bin\farcry2.exe |
"{F7DA07F6-ED5E-45B6-A518-3CA00A0B68AF}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\mpu83\counter-strike source\hl2.exe |
"{F8BAF2C3-6FD9-4A35-968C-6AA01A031E91}" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\deus ex - human revolution\dxhr.exe |
"{F923F925-C2C7-43C3-99CF-CD9AF3CBC99F}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\stalker clear sky\bin\xrengine.exe |
"{FA0251EB-C570-400F-8418-410BDE01B8AF}" = protocol=6 | dir=in | app=a:\spiele\ro - kopie\server\char-server.exe |
"{FE4F9CCB-1773-44EF-8999-0E78DC473B2C}" = protocol=17 | dir=in | app=a:\spiele\battleforge\battleforge.exe |
"{FE6C486C-4237-4FBA-BBA3-B4144733F58F}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\bulletstorm\binaries\win32\shippingpc-stormgame.exe |
"{FF8D8AB2-C463-41A4-B75B-E95B9342280B}" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\plants vs zombies\plantsvszombies.exe |
"TCP Query User{07F21F7D-5767-49ED-8E35-730614C6021E}C:\users\home\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\users\home\xampp\apache\bin\httpd.exe |
"TCP Query User{089C1B5D-67F5-4F0D-99AE-5F7FB422E229}C:\users\home\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\home\xampp\mysql\bin\mysqld.exe |
"TCP Query User{0BBA11E8-D806-4B42-A844-4FE00D131D78}C:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"TCP Query User{0D15714A-E028-4611-A346-96640D347B36}A:\spiele\steam\steamapps\common\kingdoms of amalur - reckoning demo\reckoningdemo.exe" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\kingdoms of amalur - reckoning demo\reckoningdemo.exe |
"TCP Query User{32C5B9B1-61EE-4B67-BD33-5BAD0827C10D}C:\program files (x86)\winter sports 2011\wintersports_stripped_dx9.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winter sports 2011\wintersports_stripped_dx9.exe |
"TCP Query User{3D9923B3-540E-4A64-AD5E-80C832762E88}A:\spiele\ro - kopie\server\login-server.exe" = protocol=6 | dir=in | app=a:\spiele\ro - kopie\server\login-server.exe |
"TCP Query User{3EB3C8A8-2F97-4528-BA40-C7188F53F0E2}A:\spiele\sparta\awe.exe" = protocol=6 | dir=in | app=a:\spiele\sparta\awe.exe |
"TCP Query User{40B91D52-F90D-47BD-BD14-69BEB54C20B5}C:\program files (x86)\funcom\age of conan\conanpatcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\funcom\age of conan\conanpatcher.exe |
"TCP Query User{4E16CB1F-05FA-4178-B334-2791AF6CD754}C:\program files (x86)\funcom\age of conan\ageofconan.exe" = protocol=6 | dir=in | app=c:\program files (x86)\funcom\age of conan\ageofconan.exe |
"TCP Query User{4F5D729B-31A4-42CD-9970-5A1D53D26774}A:\spiele\die_siedler_2\bin\s2dng.exe" = protocol=6 | dir=in | app=a:\spiele\die_siedler_2\bin\s2dng.exe |
"TCP Query User{6CE2BA20-B624-48D7-AAFC-7271419D1F8D}C:\program files (x86)\funcom\age of conan\conanpatcher.exe" = protocol=6 | dir=in | app=c:\program files (x86)\funcom\age of conan\conanpatcher.exe |
"TCP Query User{7AA16135-132E-4422-959E-8E6C9AE6F9A9}A:\spiele\dead_speace\dead space.exe" = protocol=6 | dir=in | app=a:\spiele\dead_speace\dead space.exe |
"TCP Query User{7DBA9641-04C5-4449-9013-9AB1DEBC5B22}A:\spiele\ro - kopie\server\map-server.exe" = protocol=6 | dir=in | app=a:\spiele\ro - kopie\server\map-server.exe |
"TCP Query User{964DDDCA-3B0B-4BC2-BDE8-98AEE50CFFA3}C:\users\home\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\home\appdata\local\akamai\netsession_win.exe |
"TCP Query User{986188AB-1C9F-49BB-A170-BB21C760CE35}A:\spiele\dead_speace\dead space.exe" = protocol=6 | dir=in | app=a:\spiele\dead_speace\dead space.exe |
"TCP Query User{9ABC99E6-4B23-46EF-B9D1-B78E07303AA3}C:\users\home\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\home\appdata\local\akamai\netsession_win.exe |
"TCP Query User{9BEFB5C7-8F9F-44F5-964C-5337E6A3998D}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{AEA49C50-629B-4995-A646-01DA060864FC}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"TCP Query User{B5939D6B-A65D-45A9-95E4-238EE96C1FB5}A:\spiele\steam\steamapps\dark_side1658\team fortress 2\hl2.exe" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\dark_side1658\team fortress 2\hl2.exe |
"TCP Query User{B76B1862-140F-4CDF-B7D3-8F290878B9C5}A:\spiele\ro - kopie\server\char-server.exe" = protocol=6 | dir=in | app=a:\spiele\ro - kopie\server\char-server.exe |
"TCP Query User{BF17EA64-AEA8-40A2-A8D6-E2CC74C090DA}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"TCP Query User{CF503047-1FE9-404A-8A54-94EFD26E996E}A:\spiele\diablo iii\diablo iii.exe" = protocol=6 | dir=in | app=a:\spiele\diablo iii\diablo iii.exe |
"TCP Query User{CF9FEC86-10C9-4224-827E-3DE0DFAFEAEF}A:\spiele\mass effect 2\binaries\masseffect2.exe" = protocol=6 | dir=in | app=a:\spiele\mass effect 2\binaries\masseffect2.exe |
"TCP Query User{D7BE8D05-F4A2-4F5E-A84D-3676ED3F75E9}A:\spiele\steam\steamapps\feami\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\feami\counter-strike source\hl2.exe |
"TCP Query User{E56A07C2-DC24-4699-9D4B-3C93130580CA}A:\spiele\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"TCP Query User{EA3D1AB6-AB36-428C-85B4-0D60820AD28A}A:\spiele\steam\steamapps\mpu83\half-life 2 deathmatch\hl2.exe" = protocol=6 | dir=in | app=a:\spiele\steam\steamapps\mpu83\half-life 2 deathmatch\hl2.exe |
"TCP Query User{EAE103AA-FDBE-4021-9070-16358BF8D182}A:\spiele\steam\steam.exe" = protocol=6 | dir=in | app=a:\spiele\steam\steam.exe |
"TCP Query User{F08944EC-B160-422A-A458-C4A3A93CA50A}C:\program files (x86)\funcom\age of conan\ageofconandx10.exe" = protocol=6 | dir=in | app=c:\program files (x86)\funcom\age of conan\ageofconandx10.exe |
"TCP Query User{F9124CF3-7C10-4551-ACFE-617B78186678}C:\users\home\downloads\diablo-iii-8370-dede-installer-downloader.exe" = protocol=6 | dir=in | app=c:\users\home\downloads\diablo-iii-8370-dede-installer-downloader.exe |
"UDP Query User{086C8444-2039-454B-A5B0-1C13FEBB58D5}C:\users\home\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\users\home\xampp\apache\bin\httpd.exe |
"UDP Query User{0F131B70-0E4C-4456-8C19-06127F527098}A:\spiele\dead_speace\dead space.exe" = protocol=17 | dir=in | app=a:\spiele\dead_speace\dead space.exe |
"UDP Query User{14AFC15D-1F0F-46F2-854E-28C0D3810FBE}A:\spiele\mass effect 2\binaries\masseffect2.exe" = protocol=17 | dir=in | app=a:\spiele\mass effect 2\binaries\masseffect2.exe |
"UDP Query User{168BAAEE-BC62-477C-90B2-10EA35116F42}A:\spiele\ro - kopie\server\login-server.exe" = protocol=17 | dir=in | app=a:\spiele\ro - kopie\server\login-server.exe |
"UDP Query User{18C45D33-9491-495C-8297-29E7E955E7C5}A:\spiele\steam\steam.exe" = protocol=17 | dir=in | app=a:\spiele\steam\steam.exe |
"UDP Query User{1B31C15A-5163-438B-BDDF-48CBEEC1733D}A:\spiele\dead_speace\dead space.exe" = protocol=17 | dir=in | app=a:\spiele\dead_speace\dead space.exe |
"UDP Query User{2BC1BCE0-2AF1-41C0-911E-E5F25A271A4D}C:\users\home\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\home\appdata\local\akamai\netsession_win.exe |
"UDP Query User{2EE9C111-4721-4AA5-902D-C0F2E1F3F8D8}A:\spiele\steam\steamapps\feami\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\feami\counter-strike source\hl2.exe |
"UDP Query User{3B81FC8A-9111-431D-9540-50CE39AB3BE9}A:\spiele\steam\steamapps\dark_side1658\team fortress 2\hl2.exe" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\dark_side1658\team fortress 2\hl2.exe |
"UDP Query User{45D08F85-E25C-4E3E-9E5A-6979E8407CC2}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"UDP Query User{51D2D22E-D25C-47DA-9064-15E1B169C747}A:\spiele\ro - kopie\server\map-server.exe" = protocol=17 | dir=in | app=a:\spiele\ro - kopie\server\map-server.exe |
"UDP Query User{53D0DF16-F5D1-496D-B2E5-9E9A9B43B30F}A:\spiele\ro - kopie\server\char-server.exe" = protocol=17 | dir=in | app=a:\spiele\ro - kopie\server\char-server.exe |
"UDP Query User{55790254-B3DE-43ED-9146-43EA8ECFF1F7}A:\spiele\diablo iii\diablo iii.exe" = protocol=17 | dir=in | app=a:\spiele\diablo iii\diablo iii.exe |
"UDP Query User{560CC549-0313-4750-B2C3-AA7195ED27A1}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{66D8F107-3196-407A-ADC2-31441708E1C9}A:\spiele\steam\steamapps\common\kingdoms of amalur - reckoning demo\reckoningdemo.exe" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\kingdoms of amalur - reckoning demo\reckoningdemo.exe |
"UDP Query User{88DC26F8-8315-41AE-85FF-B7BE6E9B625D}C:\users\home\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\home\appdata\local\akamai\netsession_win.exe |
"UDP Query User{98A003E5-41B7-4520-808C-2ACF3D8C44D7}C:\program files (x86)\funcom\age of conan\conanpatcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\funcom\age of conan\conanpatcher.exe |
"UDP Query User{A0391F11-B196-45B5-AF75-A4B4283D177F}A:\spiele\steam\steamapps\mpu83\half-life 2 deathmatch\hl2.exe" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\mpu83\half-life 2 deathmatch\hl2.exe |
"UDP Query User{A76D98CA-0075-4206-8E17-767AE70A0D8A}A:\spiele\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe" = protocol=17 | dir=in | app=a:\spiele\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"UDP Query User{A89EAB2D-5D75-4FF8-9C69-1F89409A889D}A:\spiele\die_siedler_2\bin\s2dng.exe" = protocol=17 | dir=in | app=a:\spiele\die_siedler_2\bin\s2dng.exe |
"UDP Query User{BA20A379-6CE6-496E-A9E4-72083BB8C9DD}C:\users\home\downloads\diablo-iii-8370-dede-installer-downloader.exe" = protocol=17 | dir=in | app=c:\users\home\downloads\diablo-iii-8370-dede-installer-downloader.exe |
"UDP Query User{C1873CB1-8568-42FD-B027-7D168EB5101A}C:\program files (x86)\funcom\age of conan\ageofconan.exe" = protocol=17 | dir=in | app=c:\program files (x86)\funcom\age of conan\ageofconan.exe |
"UDP Query User{C3878235-1C39-4E12-9931-431D99611D43}C:\program files (x86)\funcom\age of conan\ageofconandx10.exe" = protocol=17 | dir=in | app=c:\program files (x86)\funcom\age of conan\ageofconandx10.exe |
"UDP Query User{C82216A8-B4E4-42C8-A327-48F871D54DE7}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe |
"UDP Query User{DE8E4FF1-BD4F-438A-9FF7-D327233C3AC8}C:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\shippingpc-sanctumgame.exe |
"UDP Query User{E4C3B943-8935-4312-A0DF-7351BB18CE70}C:\program files (x86)\funcom\age of conan\conanpatcher.exe" = protocol=17 | dir=in | app=c:\program files (x86)\funcom\age of conan\conanpatcher.exe |
"UDP Query User{E964A428-4723-4386-BBCF-E4F595F38F3B}C:\users\home\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\home\xampp\mysql\bin\mysqld.exe |
"UDP Query User{F20F66BF-F3FC-43D8-B474-C347E8FDC9CF}A:\spiele\sparta\awe.exe" = protocol=17 | dir=in | app=a:\spiele\sparta\awe.exe |
"UDP Query User{F32DD9D7-77DD-46D7-83F8-09FB7D82D143}C:\program files (x86)\winter sports 2011\wintersports_stripped_dx9.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winter sports 2011\wintersports_stripped_dx9.exe |
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{09782D89-1CA6-4B7D-82C5-2DE01AF5601B}" = Microsoft SQL Server 2008 Common Files
"{0ADF605D-2D94-4467-91F7-D75C71CF328D}" = Microsoft SQL Server 2008 Database Engine Shared
"{0D87AE67-14EB-4C10-88A5-DA6C3181EB18}" = Windows Live Family Safety
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F37D969-1260-419E-B308-EF7D29ABDE20}" = Web Deployment Tool
"{11EB3D68-A5BE-43EA-8D31-43B08ADB0DA4}" = Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) de
"{12FE6AA6-65D2-40EE-B925-62193128A0E6}" = Microsoft SQL Server 2008 Native Client
"{197B3774-B7E6-4D50-AD0D-7F99B1E264D2}" = Microsoft SQL Server System CLR Types (x64)
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1CB6C387-65A7-327F-B4A5-7DDC75A291AF}" = Microsoft Visual Studio 2010 Office Developer Tools (x64)
"{1EB84327-5469-B591-F59C-E91372063F0D}" = ccc-utility64
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{2128559D-BBCD-4744-87F0-7C0CD5CFB464}" = Windows Live Family Safety
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{28D06854-572C-4A65-83E5-F8CAF26B9FDC}" = Microsoft SQL Server VSS Writer
"{2DF4C5DD-7417-301D-935D-939D3B7B5997}" = Microsoft Help Viewer 1.0 Language Pack - DEU
"{2F14965D-567B-4E59-ADEB-0A2CC1E3ADDF}" = Sql Server Customer Experience Improvement Program
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{440668AA-7524-40DB-966A-60BE535E1B3F}" = Microsoft SQL Server 2008 Database Engine Services
"{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290
"{47BA3A3A-6B4E-307F-A43B-724079FE90C6}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10
"{5340A3B5-3853-4745-BED2-DD9FF5371331}" = Microsoft SQL Server 2008 Common Files
"{53952792-BF16-300E-ADF2-E7E4367E00CF}" = Visual Studio 2010 Prerequisites - English
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support
"{7AC5FFA7-6815-4AED-B16D-8E0D7CC4B221}" = Microsoft Sync Framework Runtime v1.0 SP1 (x64) de
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8583E7E3-2237-4981-B957-E28E5E9AB678}" = Microsoft SQL Server 2008 R2 Management Objects (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{94D70749-4281-39AC-AD90-B56A0E0A402E}" = Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95A2AD24-BD44-3E39-A31F-CE928276577E}" = Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319
"{A1F50E06-E514-393D-AAEB-2F989F0B7C68}" = Microsoft Team Foundation Server 2010 Object Model - DEU
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{ADBD6E65-46CB-4A97-9AFB-64963FEACC40}" = Microsoft SQL Server 2008 RsFx Driver
"{B39F601A-E865-7C74-48C6-821AD1312D33}" = ATI Catalyst Install Manager
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C3600AE6-93A0-3DB7-B7AA-45BD58F133B5}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{C3EAE456-7E7A-451F-80EF-F34C7A13C558}" = Microsoft SQL Server Compact 3.5 SP2 x64 DEU
"{CC8BA866-16A7-4667-BA0C-C494A1E7B2BF}" = Microsoft SQL Server 2008 Database Engine Shared
"{D2D22BEE-B7F1-49D0-9ED6-86D0B2CEDFAD}" = TortoiseSVN 1.7.6.22632 (64 bit)
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D66F0C3C-24F2-4463-9E2F-4381E5C40A26}" = iTunes
"{D8125A39-ADEE-4187-B04D-DB6CF489AF61}" = Unterstützungsdateien für Microsoft SQL Server 2008-Setup
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{E802A021-0F24-3484-97F7-D74D74CB93A0}" = Microsoft Visual Studio 2010 Office Developer Tools (x64) Language Pack - DEU
"{EF9A1373-9238-4E11-8FF8-7B83996F5BE5}" = Microsoft Sync Framework Services v1.0 SP1 (x64) de
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FBD367D1-642F-47CF-B79B-9BE48FB34007}" = Microsoft SQL Server 2008 Database Engine Services
"{FCADA26A-5672-31DD-BF0E-BA76ECF9B02D}" = Microsoft Help Viewer 1.0
"CCleaner" = CCleaner
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft Help Viewer 1.0" = Microsoft Help Viewer 1.0
"Microsoft Help Viewer 1.0 Language Pack - DEU" = Microsoft Help Viewer 1.0 Language Pack - DEU
"Microsoft SQL Server 10" = Microsoft SQL Server 2008 (64-bit)
"Microsoft SQL Server 10 Release" = Microsoft SQL Server 2008 (64-bit)
"Microsoft Team Foundation Server 2010 Object Model - DEU" = Microsoft Team Foundation Server 2010-Objektmodell - DEU
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU" = Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{000E79B7-E725-4F01-870A-C12942B7F8E4}" = Crysis(R)
"{0125D081-30D0-4A97-82A8-C28D444B6256}" = Microsoft SQL Server Compact 3.5 SP2 DEU
"{0175B16B-7C97-2C14-6B14-A069FF16A282}" = CCC Help Swedish
"{02B244A2-7F6A-42E8-A36F-8C385D7A1625}" = Gothic III
"{0388DFC2-5A9F-990D-99F1-EC499C48C873}" = CCC Help German
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{0481A2EA-DA1D-4D10-A7C3-F8237948F6B5}" = Messenger Companion
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{06862EDF-94FD-E990-130F-5F1E0CADCA4A}" = CCC Help Chinese Traditional
"{08DA8E46-ED67-451A-9246-50E0FF6959C9}" = Microsoft Sync Framework SDK v1.0 SP1 de
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0E33EC53-22CE-426C-A88B-2AAC231BAC85}" = Catalyst Control Center - Branding
"{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13178B22-DA9A-E2E5-A934-E94A573701DF}" = CCC Help Russian
"{142D633B-6D5E-43FC-ADCD-BF71C495F91C}_is1" = EKRO Fullclient v1.0
"{1447DD17-D55A-04EB-D24D-67966305276E}" = CCC Help Dutch
"{146CB617-4FED-E42C-F49E-582E537BF493}" = CCC Help Hungarian
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1803A630-3C38-4D2B-9B9A-0CB37243539C}" = Microsoft ASP.NET MVC 2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{195C3D8C-1468-42F9-B169-110E79062D62}_is1" = Godlike-RO 1.0
"{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}" = Microsoft XNA Framework Redistributable 3.1
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1" = Mein Gutscheincode Finder 1.0.0.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{31142441-0A37-16A6-8326-4CA5A295EDAC}" = CCC Help Korean
"{31C3C6EA-E991-405F-A3AA-2C070CCCC47C}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools - DEU
"{31EF4C77-4A10-9422-4F73-DA2F56F72A11}" = CCC Help English
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3CAD25F8-F8AF-66C3-0183-C0D195152268}" = Catalyst Control Center Graphics Previews Common
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{40416836-56CC-4C0E-A6AF-5C34BADCE483}" = Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools
"{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}" = Dotfuscator Software Services - Community Edition
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{4968622A-4D3F-489E-9ACE-5FEC4CC0BDE3}" = MediaShow Espresso
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AF2248C-B3DF-46FB-9596-87F5DB193689}" = Microsoft SQL Server 2008 Browser
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D87DC92-C328-46EC-A7B4-9C88129DC696}" = Dead Space™
"{5242B252-01BB-4F2E-BBF4-5C01BC3B6619}" = Microsoft SQL Server 2008 R2 Data-Tier Application Project
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{592BF1F6-6838-4DA4-0F13-F09CF64F08EA}" = CCC Help Turkish
"{5A08C9D1-37AD-4A8D-90D3-33F92C578AA5}" = Microsoft SQL Server System CLR Types
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}" = GameSpy Comrade
"{60E3D27A-CD4B-D5FC-1987-0B916CB7F063}" = CCC Help Greek
"{616C6F39-4CE1-3434-A665-2F6A04C09A7F}" = Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{6451FE7C-3DCF-6398-A9B1-3D490FB419D9}" = CCC Help Spanish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{681F4E9F-34E0-36BD-BF2C-100554E403A5}" = Microsoft Visual F# 2.0 Runtime Language Pack - DEU
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{6A86554B-8928-30E4-A53C-D7337689134D}" = Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319
"{6CDEAD7E-F8D8-37F7-AB6F-1E22716E30F3}" = Microsoft Visual Studio Macro Tools
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{719C70B3-5DBD-4CDD-B0BC-03382F945D71}" = OOo-dev 3.4
"{71CB1BA2-89C6-DD97-0A78-086B10C98CE8}" = CCC Help Norwegian
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{729A3000-BC8A-3B74-BA5D-5068FE12D70C}" = Microsoft Visual F# 2.0 Runtime
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78A96B4C-A643-4D0F-98C2-A8E16A6669F9}" = Windows Live Messenger Companion Core
"{7BEC151D-ADA9-3EA9-9273-99BA82881971}" = Microsoft Visual Studio 2010 SharePoint Developer Tools
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{7FC7AD70-1DF3-4B84-9AA2-4FB680F45572}_is1" = Hex-Editor MX
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110300453}" = Spin & Win
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111307457}" = Galapago
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}" = Amazonia
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{885EACE2-F2B6-BC1F-E4DC-D80154650B8D}" = Catalyst Control Center Localization All
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends
"{91F54E1D-804A-46D8-A56C-53EA9C4B3177}" = Microsoft Silverlight 3 SDK - Deutsch
"{92C5C058-E941-47C3-B7E8-38A79C605969}" = Microsoft SQL Server 2008 R2 Transact-SQL Language Service
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{95E1F024-B30F-8527-2CB8-5A0F752BD1A5}" = CCC Help Chinese Standard
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C3B8582-A72A-4835-8903-877A834407BB}" = Microsoft SQL Server 2008 R2-Datenebenenanwendungs-Framework
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{A01A8F72-6E33-FCB2-ADE6-6A4E701AF903}" = CCC Help Finnish
"{A106D33E-6B43-42C0-9BFC-D03303261FA7}" = Microsoft SQL Server 2008 R2 Management Objects
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A47A9101-6EB5-4314-BDA1-297880FBB908}" = Microsoft redistributable runtime DLLs VS2008 SP1(x86)
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAB17558-7189-1415-2370-D689FDD44B33}" = PX Profile Update
"{ABEE079E-648E-488B-8301-0C3DB48C1BCE}_is1" = Acer GameZone Console
"{AC41D924-8C68-4BD5-A7A1-0AE4176C31A6}" = Crystal Reports for Visual Studio
"{AC58BF82-6E7D-8C31-4FB7-8F7522C33FBC}" = CCC Help Japanese
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.2) - Deutsch
"{ACE28263-76A4-4BF5-B6F4-8BD719595969}" = Microsoft SQL Server Database Publishing Wizard 1.4
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AE09C972-EEB2-4DA5-8090-0FCF54576854}" = Optical Drive Power Management
"{AEDBD563-24BB-4EE3-8366-A654DAC2D988}" = Mirror's Edge™
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2390904-74BD-48AA-B2CC-6612F8D46379}" = GameShadow
"{B6534527-F90F-865D-CDEA-063442532E75}" = CCC Help Italian
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6D58F80-C8BE-5E7F-8F1C-1AEB4A5EACE6}" = Catalyst Control Center InstallProxy
"{B8CA7FAD-9AD7-B0BB-9AD1-8C8A25E83CAA}" = CCC Help French
"{B906C11A-D193-4143-9FA7-E2EE8A5A8F21}" = Acer Arcade Movie
"{BDE8A994-32BA-BDD1-27FD-D382F195FCA6}" = CCC Help Danish
"{C194D333-B84A-4BB7-B35E-060732D98DC4}" = GPGNet
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C314EA94-9FAF-969D-544F-816FE102EAFD}" = Catalyst Control Center InstallProxy
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{CAD6AA29-9CA1-384D-8034-566261CFCC9B}" = Microsoft Visual Studio 2010 Professional - DEU
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CE9BAD6E-60FC-46CC-82A2-5B0F2B1A0E36}" = Dotfuscator Software Services - Community Edition - DEU
"{CEC7A786-A9C8-4EF7-BB59-6518E3B3C878}" = vcredist_x86
"{CFCB8616-A5D1-4281-80E8-389F685BFAE2}" = Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 DEU
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D5CAF1CF-21CD-DAE4-72E2-3EDA756175BD}" = Catalyst Control Center
"{D6C3C9E7-D334-4918-BD57-5B1EF14C207D}" = Bing Bar
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D85A387E-6EC0-40E5-9D89-A148B3E93968}_is1" = Mass Effect 2
"{DCA90A22-7DB1-4C24-96F3-B18D261F6A44}" = CCC Help Czech
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag
"{DF891A96-E83E-EF43-4A99-12FB2B618E26}" = CCC Help Polish
"{E0502D9F-F001-A4F1-DD2F-B9A1548A723C}" = CCC Help Thai
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}" = eBay Worldwide
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4E9CBC9-1CF5-48E3-AF6F-1AB44A856346}" = Microsoft ASP.NET MVC 2 - DEU
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{EC66418E-DAA2-36D5-809E-40BEC94E622A}" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.9
"{EF7E931D-DC84-471B-8DB6-A83358095474}" = EA Download Manager
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FD416706-875C-4B0B-A23A-9E740DAE029E}" = Tom Clancy's Rainbow Six Vegas 2
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFB89C19-9E67-91DF-F4C2-0231FA6D7EEC}" = CCC Help Portuguese
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Age of Conan_is1" = Age of Conan: Hyborian Adventures
"AhnLab Online Security" = AhnLab Online Security
"Akamai" = Akamai NetSession Interface Service
"Audacity_is1" = Audacity 1.2.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"Azgard Defence" = Azgard Defence
"Azgard Defence_is1" = Azgard Defence 1.0
"BitTorrent" = BitTorrent
"CamStudio" = CamStudio
"conduitEngine" = Conduit Engine
"DAEMON Tools Lite" = DAEMON Tools Lite
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"Darksiders_is1" = Darksiders
"DivX Setup.divx.com" = DivX-Setup
"Duke Nukem Forever_is1" = Duke Nukem Forever
"DVDVideoSoftTB Toolbar" = DVDVideoSoftTB Toolbar
"ENTERPRISE" = Microsoft Office Enterprise 2007
"facemoods" = Facemoods Toolbar
"Fraps" = Fraps
"Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4.7
"Free YouTube Download 3_is1" = Free YouTube Download 3 version 3.0.6.715
"Free YouTube Download_is1" = Free YouTube Download version 2.10.31
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.15.1228
"FUSSBALL MANAGER 11 DEMO" = FUSSBALL MANAGER 11 DEMO
"Google Chrome" = Google Chrome
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"Kino Mogul" = Kino Mogul
"LManager" = Launch Manager
"LogMeIn Hamachi" = LogMeIn Hamachi
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Microsoft Visual Studio 2010 Professional - DEU" = Microsoft Visual Studio 2010 Professional - DEU
"Microsoft Visual Studio Macro Tools" = Microsoft Visual Studio Macro Tools
"Microsoft Visual Studio Macro Tools - DEU Language Pack" = Microsoft Visual Studio Macro Tools - DEU Language Pack
"MinecraftAlpha" = MinecraftAlpha
"MozBackup" = MozBackup 1.5.1
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OpenAL" = OpenAL
"PunkBusterSvc" = PunkBuster Services
"Ragnarok Online" = Ragnarok Online
"RealPlayer 15.0" = RealPlayer
"SAPGUI710" = SAP GUI for Windows 7.20
"Sniper Ghost Warrior_is1" = Sniper Ghost Warrior (1.0)
"SoftwareUpdUtility" = Download Updater (AOL LLC)
"Steam App 10530" = Space Siege
"Steam App 130" = Half-Life: Blue Shift
"Steam App 19900" = Far Cry 2
"Steam App 20510" = S.T.A.L.K.E.R.: Clear Sky
"Steam App 24960" = Battlefield: Bad Company 2
"Steam App 28050" = Deus Ex: Human Revolution
"Steam App 33230" = Assassin's Creed II
"Steam App 340" = Half-Life 2: Lost Coast
"Steam App 3590" = Plants vs. Zombies: Game of the Year
"Steam App 42700" = Call of Duty: Black Ops
"Steam App 42710" = Call of Duty: Black Ops - Multiplayer
"Steam App 440" = Team Fortress 2
"Steam App 550" = Left 4 Dead 2
"Steam App 72850" = The Elder Scrolls V: Skyrim
"Steam App 8190" = Just Cause 2
"Steam App 91600" = Sanctum
"Steam App 99810" = Bulletstorm
"TalonRO_is1" = TalonRO Client 1.0.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Uninstall_is1" = Uninstall 1.0.0.1
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"Winter Sports 2011_is1" = Winter Sports 2011
"xampp" = XAMPP 1.7.7
"Xfire" = Xfire (remove only)
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Amazon Kindle" = Amazon Kindle
"bet365casino" = Casino at bet365
"Game Organizer" = EasyBits GO
"MyProduct" = MyProduct
"OldschoolRO" = OldschoolRO
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 29.05.2012 06:08:52 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3151
 
Error - 29.05.2012 06:08:52 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3151
 
Error - 29.05.2012 06:08:53 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.05.2012 06:08:53 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4181
 
Error - 29.05.2012 06:08:53 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4181
 
Error - 29.05.2012 06:08:54 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 29.05.2012 06:08:54 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5195
 
Error - 29.05.2012 06:08:54 | Computer Name = Home-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5195
 
Error - 01.06.2012 07:14:20 | Computer Name = Home-PC | Source = MsiInstaller | ID = 11328
Description =
 
Error - 01.06.2012 07:14:25 | Computer Name = Home-PC | Source = MsiInstaller | ID = 1024
Description =
 
[ Media Center Events ]
Error - 23.04.2011 09:21:32 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 15:21:32 - Fehler beim Herstellen der Internetverbindung.  15:21:32
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 23.04.2011 09:21:44 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 15:21:37 - Fehler beim Herstellen der Internetverbindung.  15:21:37
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 23.04.2011 10:21:55 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 16:21:55 - Fehler beim Herstellen der Internetverbindung.  16:21:55
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 23.04.2011 10:22:04 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 16:22:00 - Fehler beim Herstellen der Internetverbindung.  16:22:00
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 23.04.2011 12:29:00 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 18:29:00 - Fehler beim Herstellen der Internetverbindung.  18:29:00
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 23.04.2011 12:29:15 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 18:29:06 - Fehler beim Herstellen der Internetverbindung.  18:29:06
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 23.04.2011 13:29:22 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 19:29:22 - Fehler beim Herstellen der Internetverbindung.  19:29:22
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 23.04.2011 13:29:30 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 19:29:27 - Fehler beim Herstellen der Internetverbindung.  19:29:27
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 25.04.2011 08:09:50 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 14:09:50 - Fehler beim Herstellen der Internetverbindung.  14:09:50
-    Serververbindung konnte nicht hergestellt werden.. 
 
Error - 25.04.2011 08:10:00 | Computer Name = Home-PC | Source = MCUpdate | ID = 0
Description = 14:09:56 - Fehler beim Herstellen der Internetverbindung.  14:09:56
-    Serververbindung konnte nicht hergestellt werden.. 
 
[ System Events ]
Error - 03.07.2012 15:30:55 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:33:35 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:33:35 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:33:35 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:38:03 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:38:03 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:38:03 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:40:41 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:40:41 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
Error - 03.07.2012 15:40:41 | Computer Name = Home-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der
 aufgrund folgenden Fehlers nicht gestartet wurde:  %%1068
 
 
< End of report >

Here is the OTL.txt report:

Code:

OTL logfile created on: 03.07.2012 21:33:10 - Run 1
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 3,07 Gb Available Physical Memory | 83,53% Memory free
7,35 Gb Paging File | 6,77 Gb Available in Paging File | 92,01% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 226,39 Gb Total Space | 74,35 Gb Free Space | 32,84% Space Free | Partition Type: NTFS
 
Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.03 21:27:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Downloads\OTL.exe
 
 
========== Modules (No Company Name) ==========
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.04.21 01:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.06.27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.06.23 17:34:52 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Stopped] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.06.15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.24 20:04:23 | 003,417,376 | ---- | M] () [Auto | Stopped] -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012.05.21 17:46:03 | 000,107,832 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.05.21 17:45:47 | 000,066,872 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.05.20 13:54:38 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.08 13:35:09 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 13:35:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.09.22 21:07:34 | 058,345,832 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2011.09.22 21:07:34 | 000,154,984 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2011.09.22 21:06:04 | 000,431,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.07 22:21:09 | 003,988,144 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.04.23 10:46:04 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.04.22 19:39:54 | 000,171,040 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Programme\Acer\Optical Drive Power Management\ODDPWRSvc.exe -- (ODDPwrSvc)
SRV - [2010.04.17 07:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.03.26 11:46:48 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Stopped] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.03.23 14:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.09 01:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.03 15:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Stopped] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.07.21 02:42:38 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV:64bit: - [2012.05.08 13:35:09 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 13:35:09 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.09.22 21:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011.08.22 23:14:57 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.06.17 14:04:46 | 000,088,480 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.06.17 14:04:43 | 000,046,400 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.19 12:39:00 | 000,107,096 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:64bit: - [2010.09.13 07:01:00 | 000,182,872 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:64bit: - [2010.04.21 03:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.21 00:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.21 00:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010.04.07 22:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.04.07 04:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.01 10:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.23 14:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010.03.11 14:17:42 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.08 04:37:00 | 000,097,368 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:64bit: - [2010.03.05 12:04:08 | 000,335,400 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.03.01 17:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.02.14 22:05:12 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.02.10 09:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.08 09:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2010.01.13 17:41:12 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.13 17:41:06 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.12.22 03:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.26 15:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.05.18 14:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.05.05 10:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.05 10:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.16 19:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.03 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111013121442727&tb_oid=13-10-2011&tb_mrud=13-10-2011
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=HP_ss&mntrId=542af25f00000000000078e4009be100
IE - HKCU\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE414
IE - HKCU\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms}
IE - HKCU\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKCU\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111013121442727&tb_oid=13-10-2011&tb_mrud=13-10-2011
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AOL Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Productivity 2.2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20111013121442727&tb_oid=13-10-2011&tb_mrud=13-10-2011&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20111013121442727&tb_oid=13-10-2011&tb_mrud=13-10-2011&query="
FF - prefs.js..network.proxy.http: "200.105.225.45"
FF - prefs.js..network.proxy.http_port: 8080
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.20 00:33:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.06.14 20:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.06.14 20:50:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 13:55:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.11 18:02:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
 
[2012.06.19 13:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions
[2012.06.19 13:56:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\k2e0147e.default\extensions
[2012.06.19 13:56:12 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\k2e0147e.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.19 13:56:12 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\k2e0147e.default\extensions\DTToolbar@toolbarnet.com
[2011.10.13 14:31:18 | 000,002,354 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\aol-web-search.xml
[2011.01.17 15:45:38 | 000,000,935 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\conduit.xml
[2011.08.22 23:14:28 | 000,002,055 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\daemon-search.xml
[2012.06.19 13:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.03 17:44:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.30 14:12:34 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.05 20:05:19 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: DAEMON Search (Enabled)
CHR - default_search_provider: search_url = hxxp://www.daemon-search.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX HiQ = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [facemoods] "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodssrv.exe" /md I File not found
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Home\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKCU..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe File not found
O4 - HKCU..\Run: [Steam] A:\Spiele\Steam\steam.exe (Valve Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} hxxp://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab (Aosmgr Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies%20-%20Game%20of%20the%20Year%20Edition/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies%20-%20Game%20of%20the%20Year%20Edition/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBFF7C8E-01AF-47B5-A4F6-A6D5F88C8B31}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found
O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\Shell\AutoRun\command - "" = E:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.03 17:44:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.06.28 13:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.06.28 13:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.06.23 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\dxhr
[2012.06.23 17:00:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\28050
[2012.06.19 13:55:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Mozilla
[2012.06.19 13:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012.06.19 13:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2012.06.18 12:25:35 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Macromedia
[2011.12.08 14:42:42 | 003,539,040 | ---- | C] (AVAST Software) -- C:\Program Files\Alwil Softw
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.03 21:28:55 | 000,000,000 | ---- | M] () -- C:\Users\Home\defogger_reenable
[2012.07.03 21:23:41 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.03 21:23:32 | 2962,243,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.03 21:07:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.03 20:34:10 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.03 18:23:29 | 001,828,946 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.03 18:23:29 | 000,773,738 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.03 18:23:29 | 000,727,316 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.03 18:23:29 | 000,178,388 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.03 18:23:29 | 000,150,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.03 18:00:24 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.03 18:00:24 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.03 17:49:46 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.03 17:44:22 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.07.03 17:43:12 | 000,001,885 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.29 12:47:26 | 000,007,225 | ---- | M] () -- C:\Users\Home\Desktop\100-Punkte-Skala.png
[2012.06.24 21:32:32 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTILiveUpdate.dll
[2012.06.19 13:55:11 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.19 13:51:42 | 002,768,250 | ---- | M] () -- C:\Users\Home\Documents\Firefox 13.0.1 (de) - 2012-06-19.pcv
[2012.06.14 15:33:02 | 000,450,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.03 21:28:55 | 000,000,000 | ---- | C] () -- C:\Users\Home\defogger_reenable
[2012.07.03 17:43:12 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.07.03 17:43:12 | 000,001,885 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.29 12:47:26 | 000,007,225 | ---- | C] () -- C:\Users\Home\Desktop\100-Punkte-Skala.png
[2012.06.19 13:55:11 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.19 13:55:11 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.19 13:51:34 | 002,768,250 | ---- | C] () -- C:\Users\Home\Documents\Firefox 13.0.1 (de) - 2012-06-19.pcv
[2012.06.19 11:43:23 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.28 10:37:43 | 000,007,605 | ---- | C] () -- C:\Users\Home\AppData\Local\Resmon.ResmonCfg
[2012.05.03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.03.30 19:48:50 | 000,000,152 | ---- | C] () -- C:\Windows\wininit.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.07.04 17:24:00 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.05.20 10:59:09 | 000,000,000 | ---- | C] () -- C:\Users\Home\AppData\Local\{6DB3E144-DF23-4CD2-A2B7-DC468319DB2B}
[2011.05.01 22:28:45 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\godlike.dat
[2011.02.26 14:57:24 | 000,187,699 | ---- | C] () -- C:\Windows\Kino Mogul Uninstaller.exe
[2011.02.17 14:02:20 | 000,000,092 | ---- | C] () -- C:\Users\Home\AppData\Local\fusioncache.dat
[2011.02.16 20:48:50 | 000,004,608 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.16 18:59:51 | 001,806,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.16 18:58:14 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.16 18:58:13 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.02.16 18:58:13 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.06 16:52:19 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2011.01.18 14:06:39 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\h5tool32.dll
[2011.01.18 14:06:38 | 001,064,960 | ---- | C] () -- C:\Windows\SysWow64\h5krnl32.dll
[2011.01.18 14:06:38 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\h5menu32.dll
[2011.01.18 14:06:38 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\h5rtf32.dll
[2011.01.18 14:06:37 | 000,188,928 | ---- | C] () -- C:\Windows\SysWow64\h5icon32.dll
[2011.01.15 18:34:20 | 000,000,376 | ---- | C] () -- C:\Users\Home\AppData\Roaming\wklnhst.dat
[2011.01.13 15:44:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.13 15:35:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.14 06:57:51 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== LOP Check ==========
 
[2012.01.31 19:28:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2011.10.14 14:18:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Auslogics
[2011.06.07 16:48:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Azgard
[2012.03.30 13:23:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Babylon
[2012.01.28 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BigHugeEngine
[2011.10.18 16:59:13 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BitTorrent
[2012.02.01 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2012.02.16 12:44:07 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoft
[2011.02.16 20:38:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.15 17:06:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\FUEL Demo
[2011.06.01 16:54:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GetRightToGo
[2011.06.19 16:02:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\go
[2012.01.21 20:57:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient
[2012.05.24 16:02:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient2
[2011.04.18 16:14:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OOo-dev
[2011.04.18 15:22:05 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OpenOffice.org
[2012.03.30 13:23:40 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\pdfforge
[2011.02.17 16:28:49 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\PlayFirst
[2011.02.02 17:35:00 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SAP
[2011.06.01 13:40:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SpinTop
[2012.03.29 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Subversion
[2011.10.13 14:21:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2011.01.16 16:34:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Template
[2012.06.19 11:38:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2011.07.17 00:36:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ts3overlay
[2012.05.21 18:31:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ubisoft
[2011.03.15 18:18:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Windows Live Writer
[2012.01.04 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Winter Sports 2011
[2011.03.18 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\XRay Engine
[2012.05.14 08:58:13 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:2D09AB80

< End of report >

Many thanks in advance and kind regards! Christian!

ChrissCross6 04.07.2012 16:30

Hey,
I have just run Malwarebytes. It found 4 infected objects and, according to the log, deleted them. Among them, as already mentioned, this one: "C:\ProgramData\nud0repor.pad".
Here is the Malwarebytes log:
Code:

Malwarebytes Anti-Malware (Test) 1.61.0.1400
www.malwarebytes.org

Datenbank Version: v2012.07.04.04

Windows 7 x64 NTFS (Abgesichertenmodus/Netzwerkfähig)
Internet Explorer 9.0.8112.16421
Home :: HOME-PC [Administrator]

Schutz: Deaktiviert

04.07.2012 15:54:07
mbam-log-2012-07-04 (15-54-07).txt

Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 608341
Laufzeit: 1 Stunde(n), 18 Minute(n), 42 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 4
C:\Users\Home\AppData\Local\Temp\roper0dun.exe (Trojan.Agent) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Home\Downloads\DownloadSetup.exe (Affiliate.Downloader) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Home\Downloads\SetupCasino_a616b8.exe (PUP.Casino) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Home\Downloads\SoftonicDownloader_fuer_dirks-kostenloser-fussballmanager.exe (PUP.OfferBundler.ST) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)

The problem now is that an error message appears when the PC starts. (See the attached picture.)
That's why I think not everything has been deleted yet; it would be great if someone could help. Thanks! :applaus:

cosinus 05.07.2012 19:38

Code:

C:\Users\Home\Downloads\SoftonicDownloader_fuer_dirks-kostenloser-fussballmanager.exe (PUP.OfferBundler.ST)
Junk-laden software from Softonic seems to be very much in fashion right now!

Hands off Softonic!! :pfui:

Softonic is a toolbar and adware distributor! Hands off! You download software first and foremost directly from the vendor, not from toolbar outfits like Softonic! In an emergency, chip.de would of course do.


Malwarebytes creates exactly one log for each scan. Have you scanned with Malwarebytes before?
If so, all the logs for every scan are listed on the "Logdateien" (log files) tab. Please post all the ones visible there.

ChrissCross6 06.07.2012 13:07

Hey,
thanks for the reply first of all.
I haven't downloaded anything from Softonic for over a year, but thanks for the tip anyway; I won't download anything from there any more. ;)
Unfortunately I don't have any other Malwarebytes log files, because that was the first and only scan with Malwarebytes; I used to use avast and recently Antivir.
Regards, Christian

cosinus 06.07.2012 14:20

Please run ESET as well; after that we'll see how to proceed.

Note: ESET quite often shows a few false positives. That is why, with ESET too, only the log should be posted at first and nothing removed.

ESET Online Scanner

Please switch on any external hard drives you have during the online scans! Please turn off all background guards (antivirus program, firewall, script blocking and the like) during the scans, and don't forget to switch everything back on afterwards.
  • Note for Vista and Win7 users: be sure to open the browser like this: right-click => Run as administrator
  • Disable your antivirus program during the scan.

    Press the button http://img695.imageshack.us/img695/1599/eset1l.jpg (<< click).
    • Firefox users:
      Please download esetsmartinstaller_enu.exe. Save the Firefox add-on to the desktop and then install it.
    • IE users:
      must allow the installation of an ActiveX control.
  • Tick the box next to Yes, i accept the Terms of Use.
  • Press the http://img707.imageshack.us/img707/687/starteg.jpg button.
  • Wait until the components have been downloaded.
  • Tick "Scan archives".
  • Make sure that Remove Found Threats is not ticked.
  • Press http://img707.imageshack.us/img707/687/starteg.jpg.
  • The signatures are downloaded. The scan starts automatically.
When the scan has finished
  • Click Finish.
  • Close the browser.
Press the http://larusso.trojaner-board.de/Images/windows.jpg + R key and copy the following text into the Run window.
Code:

"%PROGRAMFILES%\Eset\Eset Online Scanner\log.txt"
Note: If you are running 64-bit Windows, the path is:

Code:

"%PROGRAMFILES(X86)%\Eset\Eset Online Scanner\log.txt"
Now post the contents of log.txt.

ChrissCross6 06.07.2012 20:24

Hey,
okay, I have now followed the steps and scanned with ESET. Here is the log:

Code:

ESETSmartInstaller@High as downloader log:
all ok
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=b8a80578df507743935f21f33f78ec06
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-07-06 06:54:40
# local_time=2012-07-06 08:54:40 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7600 NT
# compatibility_mode=768 16777215 100 0 46635361 46635361 0 0
# compatibility_mode=1792 16777215 100 0 15468881 15468881 0 0
# compatibility_mode=5893 16776573 100 94 22617 93217958 0 0
# compatibility_mode=8192 67108863 100 0 258 258 0 0
# scanned=377373
# found=2
# cleaned=0
# scan_time=12773
A:\HOME-PC\Backup Set 2012-06-10 190001\Backup Files 2012-06-10 190001\Backup files 20.zip        multiple threats (unable to clean)        00000000000000000000000000000000        I
A:\HOME-PC\Backup Set 2012-06-10 190001\Backup Files 2012-06-10 190001\Backup files 21.zip        a variant of Win32/SoftonicDownloader.A application (unable to clean)        00000000000000000000000000000000        I

Regards, Christian

cosinus 09.07.2012 08:48

I have two questions before we continue

1.) Does Windows' normal mode work without restrictions (again)?
2.) Are you missing anything in the Start menu? Are there empty folders under All Programs, or is everything there?

ChrissCross6 09.07.2012 09:32

Hey,

regarding 1.) Windows works flawlessly in normal mode again and, as far as I have used it so far, without restrictions; the only thing is the error message at every start of the PC.
Regarding 2.) There are no empty folders in the Start menu under "All Programs", and I'm not missing any either. :D

Regards, Christian

cosinus 09.07.2012 12:45

Please make a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here
CustomScan with OTL

Please download OTL by Oldtimer and save it to your desktop. If you already have it, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


ChrissCross6 09.07.2012 20:00

Hey,
great, thanks! I've followed the steps.

Here is the OTL log:
OTL Logfile:
Code:

OTL logfile created on: 09.07.2012 20:04:47 - Run 2
OTL by OldTimer - Version 3.2.53.1    Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 59,19% Memory free
7,35 Gb Paging File | 5,29 Gb Available in Paging File | 71,88% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 226,39 Gb Total Space | 72,90 Gb Free Space | 32,20% Space Free | Partition Type: NTFS
Drive G: | 7,66 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.03 21:27:19 | 000,595,968 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Downloads\OTL.exe
PRC - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Home\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.05.21 17:46:03 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.05.21 17:45:47 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.08 13:35:09 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 13:35:08 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 13:35:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.04.23 18:46:32 | 000,124,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
PRC - [2010.04.17 07:57:08 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010.03.11 07:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.03.11 07:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.03.09 01:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.09 01:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.03 15:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.03.03 15:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.03.03 15:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.02.09 20:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.13 10:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.14 15:37:32 | 011,824,128 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\84fbf353f91385690a3e4e982aa6930e\System.Web.ni.dll
MOD - [2012.06.14 15:36:52 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012.06.14 15:36:42 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012.05.11 10:44:17 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5e8f8f2c9fc237166053716f39f5ea67\IAStorUtil.ni.dll
MOD - [2012.05.10 15:00:59 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012.05.10 15:00:02 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012.05.10 14:59:55 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012.05.10 14:59:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012.05.10 14:59:50 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012.05.10 14:59:44 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2010.05.29 07:32:01 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.05.29 07:31:58 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.03.09 02:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2010.01.13 10:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009.05.20 08:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.04.21 01:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.06.27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.06.23 17:34:52 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.06.15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.24 20:04:23 | 003,417,376 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_80c2ffa.dll -- (Akamai)
SRV - [2012.05.21 17:46:03 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.05.21 17:45:47 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.05.20 13:54:38 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.08 13:35:09 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 13:35:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.09.22 21:07:34 | 058,345,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2011.09.22 21:07:34 | 000,154,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2011.09.22 21:06:04 | 000,431,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.07 22:21:09 | 003,988,144 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.04.23 10:46:04 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.04.22 19:39:54 | 000,171,040 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Optical Drive Power Management\ODDPWRSvc.exe -- (ODDPwrSvc)
SRV - [2010.04.17 07:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.03.26 11:46:48 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.03.23 14:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.09 01:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.03 15:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.07.21 02:42:38 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV:64bit: - [2012.05.08 13:35:09 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 13:35:09 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.09.22 21:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011.08.22 23:14:57 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.06.17 14:04:46 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.06.17 14:04:43 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.19 12:39:00 | 000,107,096 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:64bit: - [2010.09.13 07:01:00 | 000,182,872 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:64bit: - [2010.04.21 03:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.21 00:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.21 00:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010.04.07 22:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.04.07 04:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.01 10:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.23 14:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010.03.11 14:17:42 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.08 04:37:00 | 000,097,368 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:64bit: - [2010.03.05 12:04:08 | 000,335,400 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.03.01 17:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.02.14 22:05:12 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.02.10 09:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.08 09:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2010.01.13 17:41:12 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.13 17:41:06 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.12.22 03:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.26 15:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.05.05 10:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.05 10:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.16 19:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.03 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKLM\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKLM\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111013121442727&tb_oid=13-10-2011&tb_mrud=13-10-2011
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
 
 
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = [Binary data over 100 bytes]
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=HP_ss&mntrId=542af25f00000000000078e4009be100
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\URLSearchHook: {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE414
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = hxxp://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}: "URL" = hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&query={searchTerms}&invocationType=tb50-ie-winamp-chromesbox-en-us&tb_uuid=20111013121442727&tb_oid=13-10-2011&tb_mrud=13-10-2011
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: "AOL Web Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Productivity 2.2 Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=tb50-ff-winamp-chromesbox-en-us&tb_uuid=20111013121442727&tb_oid=13-10-2011&tb_mrud=13-10-2011&query="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..keyword.URL: "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocationType=tb50-ff-winamp-ab-en-us&tb_uuid=20111013121442727&tb_oid=13-10-2011&tb_mrud=13-10-2011&query="
FF - prefs.js..network.proxy.http: "200.105.225.45"
FF - prefs.js..network.proxy.http_port: 8080
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll ()
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.20 00:33:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.06.14 20:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.06.14 20:50:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 13:55:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.01.11 18:02:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
 
[2012.06.19 13:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions
[2012.06.19 13:56:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\k2e0147e.default\extensions
[2012.06.19 13:56:12 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\k2e0147e.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.06.19 13:56:12 | 000,000,000 | ---D | M] ("DAEMON Tools Toolbar") -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\k2e0147e.default\extensions\DTToolbar@toolbarnet.com
[2011.10.13 14:31:18 | 000,002,354 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\aol-web-search.xml
[2011.01.17 15:45:38 | 000,000,935 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\conduit.xml
[2011.08.22 23:14:28 | 000,002,055 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\daemon-search.xml
[2012.06.19 13:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.03 17:44:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.30 14:12:34 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2011.05.05 20:05:19 | 000,002,047 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\fcmdSrch.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: DAEMON Search (Enabled)
CHR - default_search_provider: search_url = hxxp://www.daemon-search.com/search?q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX HiQ = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (CescrtHlpr Object) - {64182481-4F71-486b-A045-B233BD0DA8FC} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\bh\facemoods.dll File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar64.dll ()
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Conduit Engine) - {30F9B915-B755-4826-820B-08FBA6BD249D} - C:\Program Files (x86)\ConduitEngine\prxConduitEngine.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files (x86)\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (DVDVideoSoftTB Toolbar) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (facemoods Toolbar) - {DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.8\facemoodsTlbr.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\Toolbar\WebBrowser: (DVDVideoSoftTB Toolbar) - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-907013825-1055173690-614559143-1001..\Run: [Akamai NetSession Interface] C:\Users\Home\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-907013825-1055173690-614559143-1001..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe File not found
O4 - HKU\S-1-5-21-907013825-1055173690-614559143-1001..\Run: [Steam] A:\Spiele\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} hxxp://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab (Aosmgr Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies%20-%20Game%20of%20the%20Year%20Edition/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies%20-%20Game%20of%20the%20Year%20Edition/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBFF7C8E-01AF-47B5-A4F6-A6D5F88C8B31}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found
O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.03 00:07:14 | 000,000,058 | -H-- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Diablo III Setup.exe -- [2012.02.03 00:07:14 | 001,856,592 | ---- | M] (Blizzard Entertainment)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
MsConfig:64bit - StartUpReg: avast5 - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: facemoods - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= -  File not found
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.07 17:29:54 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\Red Alert 3
[2012.07.07 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Red Alert 3
[2012.07.06 17:17:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.07.04 15:53:06 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Malwarebytes
[2012.07.04 15:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.04 15:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.04 15:51:05 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.04 15:51:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.28 13:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.06.28 13:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.06.23 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\dxhr
[2012.06.23 17:00:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\28050
[2012.06.19 13:55:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Mozilla
[2012.06.19 13:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012.06.19 13:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2012.06.18 12:25:35 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Macromedia
[2011.12.08 14:42:42 | 003,539,040 | ---- | C] (AVAST Software) -- C:\Program Files\Alwil Softw
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.09 20:07:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.09 19:34:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.09 18:05:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.09 10:19:50 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 10:19:50 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.09 10:10:35 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.09 10:09:40 | 2962,243,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.08 16:52:10 | 000,600,452 | ---- | M] () -- C:\Users\Home\Desktop\Treasury_Cash_Management_SS_2012.pdf
[2012.07.08 16:52:01 | 000,580,669 | ---- | M] () -- C:\Users\Home\Desktop\Grundlagen_Zins-_und_Waehrungsmanagement_Maerz_2012.pdf
[2012.07.08 12:20:14 | 000,056,073 | ---- | M] () -- C:\Users\Home\Desktop\Management Tools Aufsatz Robert.pdf
[2012.07.05 23:45:45 | 001,828,946 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.05 23:45:45 | 000,773,738 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.05 23:45:45 | 000,727,316 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.05 23:45:45 | 000,178,388 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.05 23:45:45 | 000,150,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.05 20:09:33 | 000,169,635 | ---- | M] () -- C:\Users\Home\Desktop\lessons_learnt.pdf
[2012.07.05 18:14:37 | 000,525,284 | ---- | M] () -- C:\Users\Home\Desktop\Treasury_SS_2011.pdf
[2012.07.05 18:13:57 | 001,968,225 | ---- | M] () -- C:\Users\Home\Desktop\Controlling_SS_2011.pdf
[2012.07.04 17:29:39 | 000,035,524 | ---- | M] () -- C:\Users\Home\Desktop\error.png
[2012.07.04 17:15:37 | 000,125,975 | ---- | M] () -- C:\Users\Home\Desktop\malware4.png
[2012.07.04 15:51:06 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.03 22:31:32 | 000,041,528 | ---- | M] () -- C:\Users\Home\Desktop\OTL_Extras.rar
[2012.07.03 21:28:55 | 000,000,000 | ---- | M] () -- C:\Users\Home\defogger_reenable
[2012.07.03 17:44:22 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.07.03 17:43:12 | 000,001,885 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.29 12:47:26 | 000,007,225 | ---- | M] () -- C:\Users\Home\Desktop\100-Punkte-Skala.png
[2012.06.24 21:32:32 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTILiveUpdate.dll
[2012.06.19 13:55:11 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.19 13:51:42 | 002,768,250 | ---- | M] () -- C:\Users\Home\Documents\Firefox 13.0.1 (de) - 2012-06-19.pcv
[2012.06.14 15:33:02 | 000,450,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.08 16:52:10 | 000,600,452 | ---- | C] () -- C:\Users\Home\Desktop\Treasury_Cash_Management_SS_2012.pdf
[2012.07.08 16:52:01 | 000,580,669 | ---- | C] () -- C:\Users\Home\Desktop\Grundlagen_Zins-_und_Waehrungsmanagement_Maerz_2012.pdf
[2012.07.08 12:20:13 | 000,056,073 | ---- | C] () -- C:\Users\Home\Desktop\Management Tools Aufsatz Robert.pdf
[2012.07.05 20:09:33 | 000,169,635 | ---- | C] () -- C:\Users\Home\Desktop\lessons_learnt.pdf
[2012.07.05 18:14:36 | 000,525,284 | ---- | C] () -- C:\Users\Home\Desktop\Treasury_SS_2011.pdf
[2012.07.05 18:13:57 | 001,968,225 | ---- | C] () -- C:\Users\Home\Desktop\Controlling_SS_2011.pdf
[2012.07.04 17:21:04 | 000,035,524 | ---- | C] () -- C:\Users\Home\Desktop\error.png
[2012.07.04 17:15:37 | 000,125,975 | ---- | C] () -- C:\Users\Home\Desktop\malware4.png
[2012.07.04 15:51:06 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.03 22:31:32 | 000,041,528 | ---- | C] () -- C:\Users\Home\Desktop\OTL_Extras.rar
[2012.07.03 21:28:55 | 000,000,000 | ---- | C] () -- C:\Users\Home\defogger_reenable
[2012.07.03 17:43:12 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.07.03 17:43:12 | 000,001,885 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.29 12:47:26 | 000,007,225 | ---- | C] () -- C:\Users\Home\Desktop\100-Punkte-Skala.png
[2012.06.19 13:55:11 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.19 13:55:11 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.19 13:51:34 | 002,768,250 | ---- | C] () -- C:\Users\Home\Documents\Firefox 13.0.1 (de) - 2012-06-19.pcv
[2012.06.19 11:43:23 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.28 10:37:43 | 000,007,605 | ---- | C] () -- C:\Users\Home\AppData\Local\Resmon.ResmonCfg
[2012.05.03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.03.30 19:48:50 | 000,000,152 | ---- | C] () -- C:\Windows\wininit.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.07.04 17:24:00 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.05.20 10:59:09 | 000,000,000 | ---- | C] () -- C:\Users\Home\AppData\Local\{6DB3E144-DF23-4CD2-A2B7-DC468319DB2B}
[2011.05.01 22:28:45 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\godlike.dat
[2011.02.26 14:57:24 | 000,187,699 | ---- | C] () -- C:\Windows\Kino Mogul Uninstaller.exe
[2011.02.17 14:02:20 | 000,000,092 | ---- | C] () -- C:\Users\Home\AppData\Local\fusioncache.dat
[2011.02.16 20:48:50 | 000,004,608 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.16 18:59:51 | 001,806,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.16 18:58:14 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.16 18:58:13 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.02.16 18:58:13 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.06 16:52:19 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2011.01.18 14:06:39 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\h5tool32.dll
[2011.01.18 14:06:38 | 001,064,960 | ---- | C] () -- C:\Windows\SysWow64\h5krnl32.dll
[2011.01.18 14:06:38 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\h5menu32.dll
[2011.01.18 14:06:38 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\h5rtf32.dll
[2011.01.18 14:06:37 | 000,188,928 | ---- | C] () -- C:\Windows\SysWow64\h5icon32.dll
[2011.01.15 18:34:20 | 000,000,376 | ---- | C] () -- C:\Users\Home\AppData\Roaming\wklnhst.dat
[2011.01.13 15:44:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.13 15:35:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.14 06:57:51 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== LOP Check ==========
 
[2012.01.31 19:28:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2011.10.14 14:18:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Auslogics
[2011.06.07 16:48:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Azgard
[2012.03.30 13:23:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Babylon
[2012.01.28 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BigHugeEngine
[2011.10.18 16:59:13 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BitTorrent
[2012.02.01 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2012.02.16 12:44:07 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoft
[2011.02.16 20:38:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.15 17:06:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\FUEL Demo
[2011.06.01 16:54:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GetRightToGo
[2011.06.19 16:02:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\go
[2012.01.21 20:57:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient
[2012.05.24 16:02:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient2
[2011.04.18 16:14:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OOo-dev
[2011.04.18 15:22:05 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OpenOffice.org
[2012.03.30 13:23:40 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\pdfforge
[2011.02.17 16:28:49 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\PlayFirst
[2012.07.07 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Red Alert 3
[2011.02.02 17:35:00 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SAP
[2011.06.01 13:40:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SpinTop
[2012.03.29 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Subversion
[2011.10.13 14:21:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2011.01.16 16:34:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Template
[2012.06.19 11:38:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2011.07.17 00:36:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ts3overlay
[2012.05.21 18:31:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ubisoft
[2011.03.15 18:18:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Windows Live Writer
[2012.01.04 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Winter Sports 2011
[2011.03.18 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\XRay Engine
[2011.08.22 17:20:31 | 000,000,000 | ---D | M] -- C:\Users\Internet\AppData\Roaming\eType
[2012.05.14 08:58:13 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.01.31 19:28:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2011.04.16 15:12:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Adobe
[2012.01.18 23:08:31 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Apple Computer
[2011.01.13 15:29:07 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ATI
[2011.10.14 14:18:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Auslogics
[2012.01.09 17:50:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Avira
[2011.06.07 16:48:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Azgard
[2012.03.30 13:23:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Babylon
[2012.01.28 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BigHugeEngine
[2011.10.18 16:59:13 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BitTorrent
[2012.02.01 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2012.02.02 19:48:34 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DivX
[2011.06.27 18:45:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\dvdcss
[2012.02.16 12:44:07 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoft
[2011.02.16 20:38:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.15 17:06:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\FUEL Demo
[2011.06.01 16:54:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GetRightToGo
[2011.06.19 16:02:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\go
[2011.01.13 15:30:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Google
[2011.01.13 15:27:22 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Identities
[2012.01.05 12:19:09 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\InstallShield
[2011.01.13 15:28:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Intel Corporation
[2012.01.21 20:57:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient
[2012.05.24 16:02:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient2
[2011.01.13 15:27:54 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Macromedia
[2012.07.04 15:53:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Malwarebytes
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Media Center Programs
[2012.05.08 18:35:41 | 000,000,000 | --SD | M] -- C:\Users\Home\AppData\Roaming\Microsoft
[2012.06.19 13:55:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Mozilla
[2011.04.18 16:14:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OOo-dev
[2011.04.18 15:22:05 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OpenOffice.org
[2012.03.30 13:23:40 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\pdfforge
[2011.02.17 16:28:49 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\PlayFirst
[2011.12.10 13:43:52 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Real
[2012.07.07 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Red Alert 3
[2011.02.02 17:35:00 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SAP
[2011.02.16 19:04:34 | 000,000,000 | RH-D | M] -- C:\Users\Home\AppData\Roaming\SecuROM
[2012.07.09 20:04:43 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Skype
[2011.05.28 16:02:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\skypePM
[2011.06.01 13:40:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SpinTop
[2012.03.29 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Subversion
[2011.10.13 14:21:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2011.01.16 16:34:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Template
[2012.03.29 22:18:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TortoiseSVN
[2012.06.19 11:38:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2011.07.17 00:36:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ts3overlay
[2012.05.21 18:31:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ubisoft
[2011.06.27 18:41:59 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\vlc
[2011.03.15 18:18:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Windows Live Writer
[2011.10.15 14:25:16 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\WinRAR
[2012.01.04 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Winter Sports 2011
[2012.06.06 20:22:34 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Xfire
[2011.03.18 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\XRay Engine
 
< %APPDATA%\*.exe /s >
[2011.11.28 11:51:16 | 001,102,574 | ---- | M] () -- C:\Users\Home\AppData\Roaming\.minecraft\texturepacks\MCpatcher-2.2.2.exe
[2011.02.26 16:52:46 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{B2390904-74BD-48AA-B2CC-6612F8D46379}\ARPPRODUCTICON.exe
[2011.02.26 16:52:46 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{B2390904-74BD-48AA-B2CC-6612F8D46379}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
[2011.02.26 16:52:46 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{B2390904-74BD-48AA-B2CC-6612F8D46379}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe
[2011.02.26 16:52:46 | 000,008,854 | R--- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{B2390904-74BD-48AA-B2CC-6612F8D46379}\Uninstall_GameShadow_B239090474BD48AAB2CC6612F8D46379.exe
[2011.02.06 17:21:14 | 263,326,453 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ragnarok Online\pRO Installer v3.exe
[2012.07.01 16:29:05 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Home\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2009.12.20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\Users\Home\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:2D09AB80

< End of report >

--- --- ---


Regards, Christian

cosinus 10.07.2012 11:03

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Start adwcleaner.exe with a double-click.
  • Click Search.
  • When the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[R1].txt.

ChrissCross6 10.07.2012 16:07

Hey,

so I ran the scan with AdwCleaner.

Code:

# AdwCleaner v1.701 - Logfile created 07/10/2012 at 17:01:37
# Updated 02/07/2012 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : Home - HOME-PC
# Running from : C:\Users\Home\Desktop\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

Folder Found : C:\Users\Home\AppData\Local\Babylon
Folder Found : C:\Users\Home\AppData\Local\Conduit
Folder Found : C:\Users\Internet\AppData\Local\Temp\boost_interprocess
Folder Found : C:\Users\Home\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Home\AppData\LocalLow\Conduit
Folder Found : C:\Users\Home\AppData\LocalLow\ConduitEngine
Folder Found : C:\Users\Home\AppData\LocalLow\DVDVideoSoftTB
Folder Found : C:\Users\Home\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Home\AppData\LocalLow\PriceGong
Folder Found : C:\Users\Internet\AppData\LocalLow\boost_interprocess
Folder Found : C:\Users\Internet\AppData\LocalLow\facemoods.com
Folder Found : C:\Users\Home\AppData\Roaming\Babylon
Folder Found : C:\Users\Home\AppData\Roaming\pdfforge
Folder Found : C:\Users\Internet\AppData\Roaming\eType
Folder Found : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\Conduit
Folder Found : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\ConduitEngine
Folder Found : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\extensions\DTToolbar@toolbarnet.com
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\ConduitEngine
Folder Found : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Found : C:\Program Files (x86)\DVDVideoSoftTB
Folder Found : C:\Program Files (x86)\Common Files\Software Update Utility
File Found : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\aol-web-search.xml
File Found : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\Conduit.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Found : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml

***** [Registry] *****
[*] Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
Key Found : HKCU\Software\AppDataLow\Software\PriceGong
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\facemoods.com
Key Found : HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Found : HKLM\SOFTWARE\Classes\dnUpdate
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\conduitEngine
Key Found : HKLM\SOFTWARE\DVDVideoSoftTB
Key Found : HKLM\SOFTWARE\facemoods.com
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Found : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
[x64] Key Found : HKCU\Software\AppDataLow\Software\Conduit
[x64] Key Found : HKCU\Software\AppDataLow\Software\conduitEngine
[x64] Key Found : HKCU\Software\AppDataLow\Software\PriceGong
[x64] Key Found : HKCU\Software\AppDataLow\Toolbar
[x64] Key Found : HKCU\Software\facemoods.com
[x64] Key Found : HKCU\Software\Softonic
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
[x64] Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
[x64] Key Found : HKLM\SOFTWARE\Classes\Conduit.Engine
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdate
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
[x64] Key Found : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
[x64] Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
[x64] Key Found : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
[x64] Key Found : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
[x64] Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
[x64] Key Found : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
[x64] Key Found : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1

***** [Registre - GUID] *****


***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=HP_ss&mntrId=542af25f00000000000078e4009be100
[HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://search.conduit.com?searchsource=10&ctid=ct2269050
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\prefs.js

Found : user_pref("ConduitEngine.IsMulticommunity", false);
Found : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Found : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Found : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Feb 02 2011 16:23:56 GMT+0100");
Found : user_pref("ConduitEngine.LastLogin_3.3.0.19", "Wed Feb 02 2011 15:53:47 GMT+0100");
Found : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Found : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Found : user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Feb 02 2011 15:53:46 GMT+0100");
Found : user_pref("ConduitEngine.UserID", "UN49933431150484639");
Found : user_pref("ConduitEngine.approveUntrustedApps", false);
Found : user_pref("ConduitEngine.engineLocale", "de");
Found : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Feb 02 2011 16:23:56 GMT+0100");
Found : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Jan 31 2011 17:41:51 GMT+0100");
Found : user_pref("ConduitEngine.initDone", true);
Found : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Found : user_pref("aol_toolbar.surf.date", "11");
Found : user_pref("aol_toolbar.surf.lastDate", "13");
Found : user_pref("aol_toolbar.surf.lastMonth", "9");
Found : user_pref("aol_toolbar.surf.lastYear", "2011");
Found : user_pref("aol_toolbar.surf.month", "11");
Found : user_pref("aol_toolbar.surf.prevMonth", "0");
Found : user_pref("aol_toolbar.surf.total", "11");
Found : user_pref("aol_toolbar.surf.week", "11");
Found : user_pref("aol_toolbar.surf.year", "11");
Found : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Found : user_pref("browser.search.defaultenginename", "AOL Web Search");
Found : user_pref("browser.search.defaultthis.engineName", "Productivity 2.2 Customized Web Search");
Found : user_pref("browser.search.defaulturl", "hxxp://search.winamp.com/search/search?query={searchTerms}&i[...]
Found : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Found : user_pref("extensions.facemoods.aflt", "_#gppc");
Found : user_pref("extensions.facemoods.firstRun", false);
Found : user_pref("extensions.facemoods.lastActv", "5");
Found : user_pref("keyword.URL", "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocati[...]

Profile name : default
File : C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\lhchf2ii.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.47

File : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found :      "homepage": "hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=HP_ss&mntrId=542af25f[...]
Found :          "urls_to_restore_on_startup": [ "hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsr[...]
Found :      "icon_url": "hxxp://www.daemon-search.com/favicon.ico",
Found :      "keyword": "my.daemon-search.com",
Found :      "search_url": "hxxp://www.daemon-search.com/search?q={searchTerms}",
Found :    "homepage": "hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=HP_ss&mntrId=542af25f000[...]
Found :      "urls_to_restore_on_startup": [ "hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=H[...]

*************************

AdwCleaner[R1].txt - [40809 octets] - [10/07/2012 17:01:37]

########## EOF - C:\AdwCleaner[R1].txt - [40938 octets] ##########

Regards, Christian

cosinus 10.07.2012 21:19

adwCleaner - Remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete.
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post the contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[S1].txt.

ChrissCross6 11.07.2012 18:26

Hey,
okay, I have done that now; here is the log:

Code:

# AdwCleaner v1.701 - Logfile created 07/11/2012 at 19:19:03
# Updated 02/07/2012 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : Home - HOME-PC
# Running from : C:\Users\Home\Desktop\Programme\adwcleaner.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****

Folder Deleted : C:\Users\Home\AppData\Local\Babylon
Folder Deleted : C:\Users\Home\AppData\Local\Conduit
Folder Deleted : C:\Users\Internet\AppData\Local\Temp\boost_interprocess
Folder Deleted : C:\Users\Home\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Home\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Home\AppData\LocalLow\ConduitEngine
Folder Deleted : C:\Users\Home\AppData\LocalLow\DVDVideoSoftTB
Folder Deleted : C:\Users\Home\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Home\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Internet\AppData\LocalLow\boost_interprocess
Folder Deleted : C:\Users\Internet\AppData\LocalLow\facemoods.com
Folder Deleted : C:\Users\Home\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Home\AppData\Roaming\pdfforge
Folder Deleted : C:\Users\Internet\AppData\Roaming\eType
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\Conduit
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\ConduitEngine
Folder Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\extensions\DTToolbar@toolbarnet.com
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\Program Files (x86)\Conduit
Folder Deleted : C:\Program Files (x86)\ConduitEngine
Folder Deleted : C:\Program Files (x86)\DAEMON Tools Toolbar
Folder Deleted : C:\Program Files (x86)\DVDVideoSoftTB
Folder Deleted : C:\Program Files (x86)\Common Files\Software Update Utility
File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\aol-web-search.xml
File Deleted : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\Conduit.xml
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.xpt
File Deleted : C:\Program Files (x86)\Mozilla Firefox\searchplugins\fcmdSrch.xml

***** [Registry] *****
[*] Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\conduitEngine
Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\facemoods.com
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj
Key Deleted : HKLM\SOFTWARE\Classes\DTToolbar.ToolBandObj.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.escrtSrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.dskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.facemoodsHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl
Key Deleted : HKLM\SOFTWARE\Classes\facemoods.xtrnl.1
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore
Key Deleted : HKLM\SOFTWARE\Classes\facemoodsApp.appCore.1
Key Deleted : HKLM\SOFTWARE\Conduit
Key Deleted : HKLM\SOFTWARE\conduitEngine
Key Deleted : HKLM\SOFTWARE\DVDVideoSoftTB
Key Deleted : HKLM\SOFTWARE\facemoods.com
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Key Deleted : HKLM\SOFTWARE\Google\chrome\Extensions\ihflimipbcaljfnojhhknppphnnciiif
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DAEMON Tools Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\facemoods
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility

***** [Registre - GUID] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5B99E41-E157-4209-8AAC-DB003A816079}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AD20D01C-C939-4DD2-8C55-56935A48987E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DDE2C74F-58CC-4D71-8CE1-09DEBB8CFB78}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E1164984-B567-47BD-A7FF-240C2594404A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E95EAD3F-18C6-4304-9DC6-BD6FD8E11D37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{12A5F606-B1EC-474C-83ED-95E99FD8058E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{AD25754E-D76C-42B3-A335-2F81478B722F}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFDF9EF3-3C3A-4F05-9A6E-5D3B778EC567}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0D7562AE-8EF6-416D-A838-AB665251703A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4DC8-84D1-F5D7BAF2DB0C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{32099AAC-C132-4136-9E9A-4E364A424E17}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{64182481-4F71-486B-A045-B233BD0DA8FC}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{30F9B915-B755-4826-820B-08FBA6BD249D}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
[x64] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{32099AAC-C132-4136-9E9A-4E364A424E17}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{542FA950-C57A-4E17-B3E1-D935DFE15DEE}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5B035F86-41B5-40F1-AAAD-3D219F30244E}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6365AC7B-9920-4D8B-AF5D-3BDFEAC340A8}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6A934270-717F-4BC3-BA59-BC9BED47A8D2}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{74C012C4-00FB-4F04-9AFB-4AD5449D2018}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{78888F8B-D5E4-43CE-89F5-C8C18223AF64}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79B13431-CCAC-4097-8889-D0289E5E924F}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8B8558F6-DC26-4F39-8417-34B8934AA459}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C8D5C57-3CAD-4CF9-BCAD-F873678DA883}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{981334CB-7B8B-431F-B86D-67B7426B125B}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E393F82-2644-4AB6-B994-1AD39D6C59EE}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A3A2A5C0-1306-4D1A-A093-9CECA4230002}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A9379648-F6EB-4F65-A624-1C10411A15D0}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1C2FC43-F042-4F17-AEDB-C5ABF3B42E4B}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C8D424EF-CB21-49A0-8659-476FBAB0F8E8}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2}
[x64] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F7EC6286-297C-4981-9DCC-FD7F57BC24C9}
[x64] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{32099AAC-C132-4136-9E9A-4E364A424E17}]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=HP_ss&mntrId=542af25f00000000000078e4009be100 --> hxxp://www.google.com
Replaced : [HKCU\Software\Microsoft\Internet Explorer\Main - Secondary Start Pages] = hxxp://search.conduit.com?searchsource=10&ctid=ct2269050 --> hxxp://www.google.com
Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://start.facemoods.com/?a=gppc&s={searchTerms}&f=4 --> hxxp://www.google.com

-\\ Mozilla Firefox v13.0.1 (de)

Profile name : default
File : C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\prefs.js

C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\user.js ... Deleted !

Deleted : user_pref("CT2269050..clientLogIsEnabled", false);
Deleted : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2269050.CTID", "CT2269050");
Deleted : user_pref("CT2269050.CurrentServerDate", "2-2-2011");
Deleted : user_pref("CT2269050.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2269050.DialogsGetterLastCheckTime", "Mon Jan 17 2011 17:41:52 GMT+0100");
Deleted : user_pref("CT2269050.DownloadReferralCookieData", "");
Deleted : user_pref("CT2269050.EMailNotifierPollDate", "Wed Feb 02 2011 16:39:51 GMT+0100");
Deleted : user_pref("CT2269050.FirstServerDate", "14-1-2011");
Deleted : user_pref("CT2269050.FirstTime", true);
Deleted : user_pref("CT2269050.FirstTimeFF3", true);
Deleted : user_pref("CT2269050.FirstTimeSettingsDone", true);
Deleted : user_pref("CT2269050.FixPageNotFoundErrors", true);
Deleted : user_pref("CT2269050.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2269050.Initialize", true);
Deleted : user_pref("CT2269050.InitializeCommonPrefs", true);
Deleted : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2269050.InstallationType", "UnknownIntegration");
Deleted : user_pref("CT2269050.InstalledDate", "Fri Jan 14 2011 01:51:53 GMT+0100");
Deleted : user_pref("CT2269050.InvalidateCache", false);
Deleted : user_pref("CT2269050.IsGrouping", false);
Deleted : user_pref("CT2269050.IsMulticommunity", false);
Deleted : user_pref("CT2269050.IsOpenThankYouPage", false);
Deleted : user_pref("CT2269050.IsOpenUninstallPage", false);
Deleted : user_pref("CT2269050.LanguagePackLastCheckTime", "Wed Feb 02 2011 15:53:44 GMT+0100");
Deleted : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2269050.LastLogin_2.7.2.0", "Mon Jan 17 2011 17:35:35 GMT+0100");
Deleted : user_pref("CT2269050.LastLogin_3.3.0.19", "Wed Feb 02 2011 13:53:26 GMT+0100");
Deleted : user_pref("CT2269050.LatestVersion", "3.2.5.2");
Deleted : user_pref("CT2269050.Locale", "en");
Deleted : user_pref("CT2269050.LoginCache", 4);
Deleted : user_pref("CT2269050.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2269050.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2269050.RadioIsPodcast", false);
Deleted : user_pref("CT2269050.RadioLastCheckTime", "Wed Feb 02 2011 15:53:45 GMT+0100");
Deleted : user_pref("CT2269050.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2269050.RadioLastUpdateServer", "129132338014870000");
Deleted : user_pref("CT2269050.RadioMediaID", "12473383");
Deleted : user_pref("CT2269050.RadioMediaType", "Media Player");
Deleted : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383");
Deleted : user_pref("CT2269050.RadioStationName", "Hotmix%20108");
Deleted : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082");
Deleted : user_pref("CT2269050.SavedHomepage", "resource:/browserconfig.properties");
Deleted : user_pref("CT2269050.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Deleted : user_pref("CT2269050.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...]
Deleted : user_pref("CT2269050.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Wed Feb 02 2011 16:23:55 GMT+0100");
Deleted : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2269050.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2269050.ServiceMapLastCheckTime", "Mon Jan 17 2011 17:41:50 GMT+0100");
Deleted : user_pref("CT2269050.SettingsCheckIntervalMin", 120);
Deleted : user_pref("CT2269050.SettingsLastCheckTime", "Wed Feb 02 2011 15:53:44 GMT+0100");
Deleted : user_pref("CT2269050.SettingsLastUpdate", "1295944639");
Deleted : user_pref("CT2269050.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Fri Jan 14 2011 01:51:53 GMT+0100");
Deleted : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2269050.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2269050.UserID", "UN95046575257571699");
Deleted : user_pref("CT2269050.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2269050.WeatherNetwork", "");
Deleted : user_pref("CT2269050.WeatherPollDate", "Wed Feb 02 2011 16:23:56 GMT+0100");
Deleted : user_pref("CT2269050.WeatherUnit", "C");
Deleted : user_pref("CT2269050.alertChannelId", "666138");
Deleted : user_pref("CT2269050.backendstorage.youtubelang", "4445");
Deleted : user_pref("CT2269050.clientLogIsEnabled", false);
Deleted : user_pref("CT2269050.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Deleted : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Mon Jan 31 2011 17:41:53 GMT+0100");
Deleted : user_pref("CT2269050.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2269050.myStuffEnabled", true);
Deleted : user_pref("CT2269050.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2269050.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Wed Feb 02 2011 16:23:55 GMT+0100");
Deleted : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Mon Jan 17 2011 17:41:52 GMT+0100");
Deleted : user_pref("CT2269050.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Deleted : user_pref("CT2903601..clientLogIsEnabled", true);
Deleted : user_pref("CT2903601..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Deleted : user_pref("CT2903601..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Deleted : user_pref("CT2903601.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Deleted : user_pref("CT2903601.AppTrackingLastCheckTime", "Wed Feb 02 2011 13:53:36 GMT+0100");
Deleted : user_pref("CT2903601.CT2903601", "CT2903601");
Deleted : user_pref("CT2903601.CurrentServerDate", "2-2-2011");
Deleted : user_pref("CT2903601.DialogsAlignMode", "LTR");
Deleted : user_pref("CT2903601.DialogsGetterLastCheckTime", "Mon Jan 17 2011 17:41:52 GMT+0100");
Deleted : user_pref("CT2903601.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Deleted : user_pref("CT2903601.ExternalComponentPollDate129390375723768938", "Wed Feb 02 2011 16:40:32 GMT+010[...]
Deleted : user_pref("CT2903601.FirstServerDate", "17-1-2011");
Deleted : user_pref("CT2903601.FirstTime", true);
Deleted : user_pref("CT2903601.FirstTimeFF3", true);
Deleted : user_pref("CT2903601.FixPageNotFoundErrors", false);
Deleted : user_pref("CT2903601.GroupingServerCheckInterval", 1440);
Deleted : user_pref("CT2903601.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Deleted : user_pref("CT2903601.HasUserGlobalKeys", true);
Deleted : user_pref("CT2903601.Initialize", true);
Deleted : user_pref("CT2903601.InitializeCommonPrefs", true);
Deleted : user_pref("CT2903601.InstallationAndCookieDataSentCount", 3);
Deleted : user_pref("CT2903601.InstalledDate", "Mon Jan 17 2011 17:41:54 GMT+0100");
Deleted : user_pref("CT2903601.InvalidateCache", false);
Deleted : user_pref("CT2903601.IsGrouping", false);
Deleted : user_pref("CT2903601.IsMulticommunity", false);
Deleted : user_pref("CT2903601.IsOpenThankYouPage", true);
Deleted : user_pref("CT2903601.IsOpenUninstallPage", true);
Deleted : user_pref("CT2903601.LanguagePackLastCheckTime", "Wed Feb 02 2011 15:53:45 GMT+0100");
Deleted : user_pref("CT2903601.LanguagePackReloadIntervalMM", 1440);
Deleted : user_pref("CT2903601.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Deleted : user_pref("CT2903601.LastLogin_3.3.0.19", "Wed Feb 02 2011 13:53:26 GMT+0100");
Deleted : user_pref("CT2903601.LatestVersion", "3.2.5.2");
Deleted : user_pref("CT2903601.Locale", "en");
Deleted : user_pref("CT2903601.MCDetectTooltipHeight", "83");
Deleted : user_pref("CT2903601.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Deleted : user_pref("CT2903601.MCDetectTooltipWidth", "295");
Deleted : user_pref("CT2903601.RadioIsPodcast", false);
Deleted : user_pref("CT2903601.RadioLastCheckTime", "Tue Feb 01 2011 17:09:47 GMT+0100");
Deleted : user_pref("CT2903601.RadioLastUpdateIPServer", "3");
Deleted : user_pref("CT2903601.RadioLastUpdateServer", "129400399067100000");
Deleted : user_pref("CT2903601.RadioMediaID", "21753332");
Deleted : user_pref("CT2903601.RadioMediaType", "Media Player");
Deleted : user_pref("CT2903601.RadioMenuSelectedID", "EBRadioMenu_CT2903601_RECENT21753332");
Deleted : user_pref("CT2903601.RadioStationName", "California%20Rock%20-%20Rock");
Deleted : user_pref("CT2903601.RadioStationURL", "hxxp://www.feedlive.net/california.asx");
Deleted : user_pref("CT2903601.SHRINK_TOOLBAR", 1);
Deleted : user_pref("CT2903601.SavedHomepage", "hxxp://www.google.de");
Deleted : user_pref("CT2903601.SearchFromAddressBarIsInit", true);
Deleted : user_pref("CT2903601.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT290[...]
Deleted : user_pref("CT2903601.SearchInNewTabEnabled", true);
Deleted : user_pref("CT2903601.SearchInNewTabIntervalMM", 1440);
Deleted : user_pref("CT2903601.SearchInNewTabLastCheckTime", "Wed Feb 02 2011 16:23:55 GMT+0100");
Deleted : user_pref("CT2903601.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Deleted : user_pref("CT2903601.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Deleted : user_pref("CT2903601.ServiceMapLastCheckTime", "Wed Feb 02 2011 16:23:55 GMT+0100");
Deleted : user_pref("CT2903601.SettingsLastCheckTime", "Wed Feb 02 2011 15:53:44 GMT+0100");
Deleted : user_pref("CT2903601.SettingsLastUpdate", "1296660280");
Deleted : user_pref("CT2903601.ThirdPartyComponentsInterval", 504);
Deleted : user_pref("CT2903601.ThirdPartyComponentsLastCheck", "Mon Jan 17 2011 17:41:50 GMT+0100");
Deleted : user_pref("CT2903601.ThirdPartyComponentsLastUpdate", "1246790578");
Deleted : user_pref("CT2903601.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Deleted : user_pref("CT2903601.UserID", "UN61791233533363634");
Deleted : user_pref("CT2903601.ValidationData_Toolbar", 2);
Deleted : user_pref("CT2903601.WeatherNetwork", "");
Deleted : user_pref("CT2903601.WeatherPollDate", "Wed Feb 02 2011 16:23:56 GMT+0100");
Deleted : user_pref("CT2903601.WeatherUnit", "C");
Deleted : user_pref("CT2903601.alertChannelId", "1295532");
Deleted : user_pref("CT2903601.approveUntrustedApps", true);
Deleted : user_pref("CT2903601.backendstorage._fb_dailyactivity", "31323936353837353433373636");
Deleted : user_pref("CT2903601.backendstorage._fb_lifetimesent", "54525545");
Deleted : user_pref("CT2903601.backendstorage.dob_dailyactivity", "31323936363538353639393839");
Deleted : user_pref("CT2903601.backendstorage.dob_lifetimesent", "54525545");
Deleted : user_pref("CT2903601.backendstorage.dob_login_status", "4C4F474745445F4F4646");
Deleted : user_pref("CT2903601.globalFirstTimeInfoLastCheckTime", "Mon Jan 31 2011 17:41:54 GMT+0100");
Deleted : user_pref("CT2903601.isAppTrackingManagerOn", true);
Deleted : user_pref("CT2903601.myStuffEnabled", true);
Deleted : user_pref("CT2903601.myStuffPublihserMinWidth", 400);
Deleted : user_pref("CT2903601.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Deleted : user_pref("CT2903601.myStuffServiceIntervalMM", 1440);
Deleted : user_pref("CT2903601.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Deleted : user_pref("CT2903601.oldAppsList", "129390375722206387,129390375723768937,129390375723768938,1000082[...]
Deleted : user_pref("CT2903601.testingCtid", "");
Deleted : user_pref("CT2903601.toolbarAppMetaDataLastCheckTime", "Wed Feb 02 2011 16:23:55 GMT+0100");
Deleted : user_pref("CT2903601.toolbarContextMenuLastCheckTime", "Mon Jan 17 2011 17:41:54 GMT+0100");
Deleted : user_pref("CT2903601.usagesFlag", 2);
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1295532/1291203/DE", "\"0\"[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2903601", [...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.engine.conduit-services.com/DLG.pkg?ver=3.3.0[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=2.7.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.3.[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2903601",[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63428984078257[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2903601/CT2903601[...]
Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"634[...]
Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2903601");
Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{e84cc2c1-b722-48fc-a39c-edb8b525c777}");
Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "productivity_2.2");
Deleted : user_pref("CommunityToolbar.IsEngineShown", true);
Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition. hxxp://storage.conduit.com/gadgets/LiveTV.html?[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition. hxxp://storage.conduit.com/gadgets/LiveTV.html?[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://www.come2play.com/shared/appGame/main2/ga[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetPosition.hxxp://youtube.conduitapps.com/v29/gadget.html?a[...]
Deleted : user_pref("CommunityToolbar.MiniIPageGadgetSize. hxxp://storage.conduit.com/gadgets/LiveTV.html?sour[...]
Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2903601");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{e84cc2c1-b722-48fc-a39c-edb8b525c777}");
Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "productivity_2.2");
Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...]
Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2269050,ConduitEngine,CT2903601");
Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050,CT2903601");
Deleted : user_pref("CommunityToolbar.alert.alertEnabled", true);
Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440);
Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Wed Feb 02 2011 16:24:03 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Feb 02 2011 16:23:55 GMT+0100");
Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Deleted : user_pref("CommunityToolbar.alert.userId", "5f6f4df7-d516-4264-8633-0162a57b04c0");
Deleted : user_pref("CommunityToolbar.globalUserId", "3a47f72e-c9f6-4607-8f05-9d92901073cd");
Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2903601");
Deleted : user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Feb 02 2011 13:53:36 GMT+0100");
Deleted : user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Tue Feb 01 2011 21:17:44 GMT+0100");
Deleted : user_pref("ConduitEngine.FirstServerDate", "01/17/2011 19");
Deleted : user_pref("ConduitEngine.FirstTime", true);
Deleted : user_pref("ConduitEngine.FirstTimeFF3", true);
Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Deleted : user_pref("ConduitEngine.HideEngineAfterRestart", true);
Deleted : user_pref("ConduitEngine.Initialize", true);
Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Deleted : user_pref("ConduitEngine.InstalledDate", "Mon Jan 17 2011 17:41:51 GMT+0100");
Deleted : user_pref("ConduitEngine.IsMulticommunity", false);
Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Feb 02 2011 16:23:56 GMT+0100");
Deleted : user_pref("ConduitEngine.LastLogin_3.3.0.19", "Wed Feb 02 2011 15:53:47 GMT+0100");
Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0);
Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Feb 02 2011 15:53:46 GMT+0100");
Deleted : user_pref("ConduitEngine.UserID", "UN49933431150484639");
Deleted : user_pref("ConduitEngine.approveUntrustedApps", false);
Deleted : user_pref("ConduitEngine.engineLocale", "de");
Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Feb 02 2011 16:23:56 GMT+0100");
Deleted : user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Mon Jan 31 2011 17:41:51 GMT+0100");
Deleted : user_pref("ConduitEngine.initDone", true);
Deleted : user_pref("ConduitEngine.isAppTrackingManagerOn", true);
Deleted : user_pref("aol_toolbar.surf.date", "11");
Deleted : user_pref("aol_toolbar.surf.lastDate", "13");
Deleted : user_pref("aol_toolbar.surf.lastMonth", "9");
Deleted : user_pref("aol_toolbar.surf.lastYear", "2011");
Deleted : user_pref("aol_toolbar.surf.month", "11");
Deleted : user_pref("aol_toolbar.surf.prevMonth", "0");
Deleted : user_pref("aol_toolbar.surf.total", "11");
Deleted : user_pref("aol_toolbar.surf.week", "11");
Deleted : user_pref("aol_toolbar.surf.year", "11");
Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Deleted : user_pref("browser.search.defaultenginename", "AOL Web Search");
Deleted : user_pref("browser.search.defaultthis.engineName", "Productivity 2.2 Customized Web Search");
Deleted : user_pref("browser.search.defaulturl", "hxxp://search.winamp.com/search/search?query={searchTerms}&i[...]
Deleted : user_pref("extensions.engine@conduit.com.install-event-fired", true);
Deleted : user_pref("extensions.facemoods.aflt", "_#gppc");
Deleted : user_pref("extensions.facemoods.firstRun", false);
Deleted : user_pref("extensions.facemoods.lastActv", "5");
Deleted : user_pref("keyword.URL", "hxxp://slirsredirect.search.aol.com/redirector/sredir?sredir=2685&invocati[...]

Profile name : default
File : C:\Users\Internet\AppData\Roaming\Mozilla\Firefox\Profiles\lhchf2ii.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v20.0.1132.47

File : C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Preferences

Deleted :      "homepage": "hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=HP_ss&mntrId=542af25f[...]
Deleted :          "urls_to_restore_on_startup": [ "hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsr[...]
Deleted :      "icon_url": "hxxp://www.daemon-search.com/favicon.ico",
Deleted :      "keyword": "my.daemon-search.com",
Deleted :      "search_url": "hxxp://www.daemon-search.com/search?q={searchTerms}",
Deleted :    "homepage": "hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=HP_ss&mntrId=542af25f000[...]
Deleted :      "urls_to_restore_on_startup": [ "hxxp://search.babylon.com/?affID=111304&tt=290312_29&babsrc=H[...]

*************************

AdwCleaner[R1].txt - [40784 octets] - [10/07/2012 17:01:37]
AdwCleaner[S1].txt - [37299 octets] - [11/07/2012 19:19:03]

########## EOF - C:\AdwCleaner[S1].txt - [37428 octets] ##########

Regards, Christian

cosinus 12.07.2012 09:42

Please create a new OTL log. If possible, please post everything here in CODE tags.

This is how it's done:

[code] the log goes here [/code]

And the whole thing then looks like this:

Code:

the log goes here

CustomScan with OTL

Please download OTL by OldTimer and save it to your desktop. If it is already there, please replace the older existing file with the newly downloaded one, so that you are really working with a current version of OTL.
Code:

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMDRIVE%\*.exe
/md5start
wininit.exe
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
CREATERESTOREPOINT


ChrissCross6 12.07.2012 12:28

Hey,
I ran the OTL scan, here is the log:

Code:

OTL logfile created on: 12.07.2012 12:58:13 - Run 3
OTL by OldTimer - Version 3.2.54.0    Folder = C:\Users\Home\Downloads
64bit- Home Premium Edition  (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,68 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 59,23% Memory free
7,35 Gb Paging File | 5,24 Gb Available in Paging File | 71,29% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 226,39 Gb Total Space | 74,11 Gb Free Space | 32,74% Space Free | Partition Type: NTFS
Drive G: | 7,66 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
 
Computer Name: HOME-PC | User Name: Home | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.07.12 12:39:54 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Home\Downloads\OTL(1).exe
PRC - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.05.26 06:32:24 | 004,327,744 | ---- | M] (Akamai Technologies, Inc) -- C:\Users\Home\AppData\Local\Akamai\netsession_win.exe
PRC - [2012.05.21 17:46:03 | 000,107,832 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.05.21 17:45:47 | 000,066,872 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.05.08 13:35:09 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.05.08 13:35:08 | 000,348,624 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2012.05.08 13:35:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
PRC - [2012.04.04 15:56:38 | 000,462,408 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
PRC - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE
PRC - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2010.04.23 18:46:32 | 000,124,136 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe
PRC - [2010.04.17 07:57:08 | 000,349,552 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
PRC - [2010.03.23 14:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.03.11 07:11:56 | 000,407,920 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
PRC - [2010.03.11 07:11:42 | 000,201,584 | ---- | M] (Egis Technology Inc.) -- C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
PRC - [2010.03.09 01:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.03.09 01:56:38 | 000,260,608 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
PRC - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2010.03.04 05:16:04 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
PRC - [2010.03.03 15:21:16 | 001,300,560 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.03.03 15:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.03.03 15:21:16 | 000,297,040 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.02.09 20:57:46 | 000,704,032 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
PRC - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
PRC - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.13 10:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
PRC - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.06.14 15:36:52 | 012,433,920 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\009c50fb69919b90fb233cb4c35d0ad7\System.Windows.Forms.ni.dll
MOD - [2012.06.14 15:36:42 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\ebefde27b0ef7f39bb49c493b34a602c\System.Drawing.ni.dll
MOD - [2012.05.11 10:44:17 | 000,452,608 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\5e8f8f2c9fc237166053716f39f5ea67\IAStorUtil.ni.dll
MOD - [2012.05.10 15:00:59 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\0c00b1a8336dd4c1bd1ebce7780f20b4\System.Runtime.Remoting.ni.dll
MOD - [2012.05.10 15:00:02 | 003,325,952 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\b68fdf2c95b93fc5006a092c11eed07c\WindowsBase.ni.dll
MOD - [2012.05.10 14:59:55 | 005,453,312 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\5c85c9c42e1b8a8760de82ecb4c7d582\System.Xml.ni.dll
MOD - [2012.05.10 14:59:51 | 000,971,264 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cb079eab134fd1a752ad91db13274110\System.Configuration.ni.dll
MOD - [2012.05.10 14:59:50 | 007,952,384 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\2ebb3c259eab50af565e3a8dba6ad20e\System.ni.dll
MOD - [2012.05.10 14:59:44 | 011,490,816 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\5858678a79aae31262b0214424245d06\mscorlib.ni.dll
MOD - [2010.05.29 07:32:01 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.05.29 07:31:58 | 000,032,768 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll
MOD - [2010.03.09 02:18:10 | 000,465,576 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
MOD - [2010.01.13 10:47:44 | 000,206,208 | ---- | M] () -- C:\Windows\PLFSetI.exe
MOD - [2009.05.20 08:02:04 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
 
 
========== Win32 Services (SafeList) ==========
 
SRV:64bit: - [2010.04.21 01:34:40 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.07.11 22:34:24 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.07.10 22:58:47 | 004,419,392 | ---- | M] () [Auto | Running] -- c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll -- (Akamai)
SRV - [2012.06.27 12:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.06.19 17:32:30 | 003,048,136 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.06.15 00:17:46 | 000,113,120 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.06.05 15:17:44 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.21 17:46:03 | 000,107,832 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.05.21 17:45:47 | 000,066,872 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.05.20 13:54:38 | 000,529,232 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.05.08 13:35:09 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.05.08 13:35:08 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.04.04 15:56:40 | 000,654,408 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.02.10 11:28:06 | 000,240,408 | ---- | M] (Microsoft Corporation.) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.EXE -- (BBUpdate)
SRV - [2012.02.10 11:28:06 | 000,193,816 | ---- | M] (Microsoft Corporation.) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.EXE -- (BBSvc)
SRV - [2012.01.03 15:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.09.22 21:07:34 | 058,345,832 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe -- (MSSQL$SQLEXPRESS) SQL Server (SQLEXPRESS)
SRV - [2011.09.22 21:07:34 | 000,154,984 | ---- | M] (Microsoft Corporation) [Auto | Running] -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe -- (SQLWriter)
SRV - [2011.09.22 21:06:04 | 000,431,464 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE -- (SQLAgent$SQLEXPRESS) SQL Server-Agent (SQLEXPRESS)
SRV - [2011.03.28 22:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.12.07 22:21:09 | 003,988,144 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2010.09.22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV - [2010.04.23 10:46:04 | 000,820,768 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.04.22 19:39:54 | 000,171,040 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Optical Drive Power Management\ODDPWRSvc.exe -- (ODDPwrSvc)
SRV - [2010.04.17 07:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.03.26 11:46:48 | 000,920,352 | ---- | M] (Broadcom Corporation.) [Auto | Running] -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV - [2010.03.23 14:19:32 | 001,528,616 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.09 01:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.03.04 05:16:06 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) Intel(R)
SRV - [2010.03.03 15:21:16 | 000,325,200 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.01.30 01:52:58 | 000,260,640 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe -- (RS_Service)
SRV - [2010.01.29 01:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 15:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.09.30 19:34:22 | 002,314,240 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) Intel(R)
SRV - [2009.09.30 19:33:08 | 000,262,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) Intel(R)
SRV - [2009.07.21 02:42:38 | 000,061,976 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- c:\Programme\Microsoft SQL Server\100\Shared\sqladhlp.exe -- (MSSQLServerADHelper100)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - File not found [Kernel | On_Demand | Stopped] -- C:\Program Files\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys -- (dump_wmimmc)
DRV:64bit: - [2012.05.08 13:35:09 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.05.08 13:35:09 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.04.04 15:56:40 | 000,024,904 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.03.08 18:40:52 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2012.03.01 08:54:38 | 000,022,896 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.12.15 16:00:00 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2011.09.22 21:01:54 | 000,311,144 | ---- | M] (Microsoft Corporation) [File_System | Disabled | Stopped] -- C:\Windows\SysNative\drivers\RsFx0105.sys -- (RsFx0105)
DRV:64bit: - [2011.08.22 23:14:57 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.06.17 14:04:46 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)
DRV:64bit: - [2011.06.17 14:04:43 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)
DRV:64bit: - [2011.03.11 08:22:41 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:22:40 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.19 12:39:00 | 000,107,096 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2Nadr.sys -- (Mkd2Nadr)
DRV:64bit: - [2010.09.13 07:01:00 | 000,182,872 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mkd3kfnt.sys -- (Mkd3kfNt)
DRV:64bit: - [2010.04.21 03:15:04 | 006,406,144 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.04.21 00:39:36 | 000,188,928 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2010.04.21 00:08:04 | 010,322,848 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdpmd64.sys -- (intelkmd)
DRV:64bit: - [2010.04.07 22:12:02 | 000,124,944 | ---- | M] (ATI Technologies, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService)
DRV:64bit: - [2010.04.07 04:04:22 | 002,216,960 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010.04.01 10:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.23 14:29:46 | 000,304,784 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2010.03.11 14:17:42 | 000,316,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2010.03.08 04:37:00 | 000,097,368 | ---- | M] (AhnLab, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Mkd2BthF.sys -- (Mkd2Bthf)
DRV:64bit: - [2010.03.05 12:04:08 | 000,335,400 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (btwampfl)
DRV:64bit: - [2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010.03.01 17:37:40 | 000,039,464 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2010.02.14 22:05:12 | 000,102,440 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2010.02.10 09:02:00 | 000,158,720 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Impcd.sys -- (Impcd)
DRV:64bit: - [2010.02.08 09:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2010.01.13 17:41:12 | 000,135,720 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2010.01.13 17:41:06 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2009.12.22 03:18:48 | 000,074,280 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2009.09.17 12:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64) Intel(R)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:47:48 | 000,077,888 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 04:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 04:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 04:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.26 15:32:38 | 000,040,448 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.05.05 10:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.05 10:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2009.03.18 18:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2008.11.16 19:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005.01.03 17:43:08 | 000,004,682 | ---- | M] (INCA Internet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\npptNT2.sys -- (NPPTNT2)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.com
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE414
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..network.proxy.http: "200.105.225.45"
FF - prefs.js..network.proxy.http_port: 8080
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npaosmgr.1: C:\Program Files (x86)\AhnLab\ASP\Components\aosmgr\npaosmgr.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.0.198: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.0.198: c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@ahnlab.com/asp/npmkd25sp: C:\Program Files (x86)\AhnLab\ASP\MyKeyDefense 2.5\npmkd25sp.dll (AhnLab, Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.02.20 00:33:55 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011.06.14 20:50:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{6904342A-8307-11DF-A508-4AE2DFD72085}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011.06.14 20:50:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.19 13:55:10 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.07.11 19:19:23 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\finder@meingutscheincode.de: C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
 
[2012.06.19 13:55:29 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Extensions
[2012.07.11 19:19:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\k2e0147e.default\extensions
[2012.06.19 13:56:12 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Home\AppData\Roaming\mozilla\Firefox\Profiles\k2e0147e.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011.08.22 23:14:28 | 000,002,055 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\searchplugins\daemon-search.xml
[2012.06.19 13:55:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012.07.03 17:44:37 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.06.15 00:19:07 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.30 14:12:34 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.06.15 00:46:57 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.15 00:46:56 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.06.15 00:46:57 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.06.15 00:46:57 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.06.15 00:46:57 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.06.15 00:46:56 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: DAEMON Search (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Google Gears 0.5.33.0 (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gears.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
CHR - plugin: Windows Live Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: DivX HiQ = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae\2.1.1.94_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: No name found = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.1.94_0\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll File not found
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll File not found
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (DivX HiQ) - {593DDEC6-7468-4cdd-90E1-42DADAA222E9} - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-907013825-1055173690-614559143-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ArcadeMovieService] C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe (CyberLink Corp.)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [Malwarebytes' Anti-Malware] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [MDS_Menu] C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-907013825-1055173690-614559143-1001..\Run: [Akamai NetSession Interface] C:\Users\Home\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)
O4 - HKU\S-1-5-21-907013825-1055173690-614559143-1001..\Run: [NVIDIA driver monitor] c:\windows\nvsvc32.exe File not found
O4 - HKU\S-1-5-21-907013825-1055173690-614559143-1001..\Run: [Steam] A:\Spiele\Steam\steam.exe (Valve Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} hxxp://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab (Aosmgr Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies%20-%20Game%20of%20the%20Year%20Edition/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies%20-%20Game%20of%20the%20Year%20Edition/Images/armhelper.ocx (ArmHelper Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CBFF7C8E-01AF-47B5-A4F6-A6D5F88C8B31}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\saphtmlp - No CLSID value found
O18:64bit: - Protocol\Handler\sapr3 - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\saphtmlp {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\sapr3 {D1F8BD1E-7967-11D2-B43A-006094B9EADB} - c:\Program Files (x86)\SAP\FrontEnd\SAPgui\SAPHTMLP.DLL (SAP, Walldorf)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.03 00:07:14 | 000,000,058 | -H-- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Diablo III Setup.exe -- [2012.02.03 00:07:14 | 001,856,592 | ---- | M] (Blizzard Entertainment)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
 
MsConfig:64bit - StartUpReg: avast5 - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: DivXUpdate - hkey= - key= - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MsConfig:64bit - StartUpReg: facemoods - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig:64bit - StartUpReg: TkBellExe - hkey= - key= - c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
MsConfig:64bit - StartUpReg: WinampAgent - hkey= - key= -  File not found
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: MCODS - Reg Error: Value error.
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MCODS - Reg Error: Value error.
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: MCODS - Reg Error: Value error.
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: MCODS - Reg Error: Value error.
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.07.07 17:29:54 | 000,000,000 | ---D | C] -- C:\Users\Home\Documents\Red Alert 3
[2012.07.07 17:25:10 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Red Alert 3
[2012.07.06 17:17:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ESET
[2012.07.04 15:53:06 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Malwarebytes
[2012.07.04 15:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.07.04 15:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.07.04 15:51:05 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.07.04 15:51:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.06.28 13:22:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2012.06.28 13:22:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2012.06.23 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\dxhr
[2012.06.23 17:00:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\28050
[2012.06.19 13:55:18 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Roaming\Mozilla
[2012.06.19 13:51:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup
[2012.06.19 13:51:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MozBackup
[2012.06.18 12:25:35 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\Macromedia
[2011.12.08 14:42:42 | 003,539,040 | ---- | C] (AVAST Software) -- C:\Program Files\Alwil Softw
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.07.12 13:07:05 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.12 12:34:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.07.12 12:20:39 | 000,024,024 | ---- | M] () -- C:\Users\Home\Desktop\Notenspiegel.pdf
[2012.07.12 12:08:13 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.12 12:08:13 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.12 12:01:22 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.12 12:00:11 | 000,450,560 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.07.12 12:00:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.12 11:58:56 | 2962,243,584 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.12 00:29:55 | 000,000,040 | ---- | M] () -- C:\ProgramData\ra3.ini
[2012.07.11 10:03:14 | 001,828,946 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.11 10:03:14 | 000,773,738 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.11 10:03:14 | 000,727,316 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.11 10:03:14 | 000,178,388 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.11 10:03:14 | 000,150,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.08 12:20:14 | 000,056,073 | ---- | M] () -- C:\Users\Home\Desktop\Management Tools Aufsatz Robert.pdf
[2012.07.05 20:09:33 | 000,169,635 | ---- | M] () -- C:\Users\Home\Desktop\lessons_learnt.pdf
[2012.07.04 17:29:39 | 000,035,524 | ---- | M] () -- C:\Users\Home\Desktop\error.png
[2012.07.04 17:15:37 | 000,125,975 | ---- | M] () -- C:\Users\Home\Desktop\malware4.png
[2012.07.04 15:51:06 | 000,001,073 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.03 22:31:32 | 000,041,528 | ---- | M] () -- C:\Users\Home\Desktop\OTL_Extras.rar
[2012.07.03 21:28:55 | 000,000,000 | ---- | M] () -- C:\Users\Home\defogger_reenable
[2012.07.03 17:44:22 | 004,503,728 | ---- | M] () -- C:\ProgramData\nud0repor.pad
[2012.07.03 17:43:12 | 000,001,885 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.29 12:47:26 | 000,007,225 | ---- | M] () -- C:\Users\Home\Desktop\100-Punkte-Skala.png
[2012.06.24 21:32:32 | 000,001,024 | RH-- | M] () -- C:\Users\Public\Documents\NTILiveUpdate.dll
[2012.06.19 13:55:11 | 000,001,094 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.19 13:51:42 | 002,768,250 | ---- | M] () -- C:\Users\Home\Documents\Firefox 13.0.1 (de) - 2012-06-19.pcv
[3 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.07.12 12:20:39 | 000,024,024 | ---- | C] () -- C:\Users\Home\Desktop\Notenspiegel.pdf
[2012.07.12 00:29:55 | 000,000,040 | ---- | C] () -- C:\ProgramData\ra3.ini
[2012.07.08 12:20:13 | 000,056,073 | ---- | C] () -- C:\Users\Home\Desktop\Management Tools Aufsatz Robert.pdf
[2012.07.05 20:09:33 | 000,169,635 | ---- | C] () -- C:\Users\Home\Desktop\lessons_learnt.pdf
[2012.07.04 17:21:04 | 000,035,524 | ---- | C] () -- C:\Users\Home\Desktop\error.png
[2012.07.04 17:15:37 | 000,125,975 | ---- | C] () -- C:\Users\Home\Desktop\malware4.png
[2012.07.04 15:51:06 | 000,001,073 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.07.03 22:31:32 | 000,041,528 | ---- | C] () -- C:\Users\Home\Desktop\OTL_Extras.rar
[2012.07.03 21:28:55 | 000,000,000 | ---- | C] () -- C:\Users\Home\defogger_reenable
[2012.07.03 17:43:12 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2012.07.03 17:43:12 | 000,001,885 | ---- | C] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
[2012.06.29 12:47:26 | 000,007,225 | ---- | C] () -- C:\Users\Home\Desktop\100-Punkte-Skala.png
[2012.06.19 13:55:11 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2012.06.19 13:55:11 | 000,001,094 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2012.06.19 13:51:34 | 002,768,250 | ---- | C] () -- C:\Users\Home\Documents\Firefox 13.0.1 (de) - 2012-06-19.pcv
[2012.06.19 11:43:23 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.05.28 10:37:43 | 000,007,605 | ---- | C] () -- C:\Users\Home\AppData\Local\Resmon.ResmonCfg
[2012.05.03 04:54:46 | 000,042,392 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.03.30 19:48:50 | 000,000,152 | ---- | C] () -- C:\Windows\wininit.ini
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.07.04 17:24:00 | 002,434,856 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_bc2.exe
[2011.05.24 23:44:26 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll
[2011.05.20 10:59:09 | 000,000,000 | ---- | C] () -- C:\Users\Home\AppData\Local\{6DB3E144-DF23-4CD2-A2B7-DC468319DB2B}
[2011.05.01 22:28:45 | 000,005,120 | ---- | C] () -- C:\Windows\SysWow64\godlike.dat
[2011.02.26 14:57:24 | 000,187,699 | ---- | C] () -- C:\Windows\Kino Mogul Uninstaller.exe
[2011.02.17 14:02:20 | 000,000,092 | ---- | C] () -- C:\Users\Home\AppData\Local\fusioncache.dat
[2011.02.16 20:48:50 | 000,004,608 | ---- | C] () -- C:\Users\Home\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.02.16 18:59:51 | 001,806,840 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.02.16 18:58:14 | 000,107,832 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.02.16 18:58:13 | 002,250,024 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.02.16 18:58:13 | 000,066,872 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.02.06 16:52:19 | 000,065,536 | ---- | C] () -- C:\Windows\IFinst27.exe
[2011.01.18 14:06:39 | 000,051,200 | ---- | C] () -- C:\Windows\SysWow64\h5tool32.dll
[2011.01.18 14:06:38 | 001,064,960 | ---- | C] () -- C:\Windows\SysWow64\h5krnl32.dll
[2011.01.18 14:06:38 | 000,175,616 | ---- | C] () -- C:\Windows\SysWow64\h5menu32.dll
[2011.01.18 14:06:38 | 000,095,744 | ---- | C] () -- C:\Windows\SysWow64\h5rtf32.dll
[2011.01.18 14:06:37 | 000,188,928 | ---- | C] () -- C:\Windows\SysWow64\h5icon32.dll
[2011.01.15 18:34:20 | 000,000,376 | ---- | C] () -- C:\Users\Home\AppData\Roaming\wklnhst.dat
[2011.01.13 15:44:38 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.01.13 15:35:02 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.05.14 06:57:51 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== LOP Check ==========
 
[2012.01.31 19:28:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2011.10.14 14:18:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Auslogics
[2011.06.07 16:48:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Azgard
[2012.01.28 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BigHugeEngine
[2011.10.18 16:59:13 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BitTorrent
[2012.02.01 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2012.02.16 12:44:07 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoft
[2011.02.16 20:38:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.15 17:06:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\FUEL Demo
[2011.06.01 16:54:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GetRightToGo
[2011.06.19 16:02:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\go
[2012.01.21 20:57:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient
[2012.05.24 16:02:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient2
[2011.04.18 16:14:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OOo-dev
[2011.04.18 15:22:05 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OpenOffice.org
[2011.02.17 16:28:49 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\PlayFirst
[2012.07.07 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Red Alert 3
[2011.02.02 17:35:00 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SAP
[2011.06.01 13:40:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SpinTop
[2012.03.29 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Subversion
[2011.10.13 14:21:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2011.01.16 16:34:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Template
[2012.06.19 11:38:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2011.07.17 00:36:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ts3overlay
[2012.05.21 18:31:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ubisoft
[2011.03.15 18:18:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Windows Live Writer
[2012.01.04 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Winter Sports 2011
[2011.03.18 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\XRay Engine
[2012.05.14 08:58:13 | 000,032,640 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.01.31 19:28:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\.minecraft
[2011.04.16 15:12:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Adobe
[2012.01.18 23:08:31 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Apple Computer
[2011.01.13 15:29:07 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ATI
[2011.10.14 14:18:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Auslogics
[2012.01.09 17:50:21 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Avira
[2011.06.07 16:48:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Azgard
[2012.01.28 20:51:08 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BigHugeEngine
[2011.10.18 16:59:13 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\BitTorrent
[2012.02.01 17:38:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DAEMON Tools Lite
[2012.02.02 19:48:34 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DivX
[2011.06.27 18:45:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\dvdcss
[2012.02.16 12:44:07 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoft
[2011.02.16 20:38:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\DVDVideoSoftIEHelpers
[2011.05.15 17:06:37 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\FUEL Demo
[2011.06.01 16:54:12 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\GetRightToGo
[2011.06.19 16:02:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\go
[2011.01.13 15:30:46 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Google
[2011.01.13 15:27:22 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Identities
[2012.01.05 12:19:09 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\InstallShield
[2011.01.13 15:28:04 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Intel Corporation
[2012.01.21 20:57:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient
[2012.05.24 16:02:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\LolClient2
[2011.01.13 15:27:54 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Macromedia
[2012.07.04 15:53:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Malwarebytes
[2009.07.14 09:44:38 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Media Center Programs
[2012.05.08 18:35:41 | 000,000,000 | --SD | M] -- C:\Users\Home\AppData\Roaming\Microsoft
[2012.06.19 13:55:29 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Mozilla
[2011.04.18 16:14:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OOo-dev
[2011.04.18 15:22:05 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\OpenOffice.org
[2011.02.17 16:28:49 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\PlayFirst
[2011.12.10 13:43:52 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Real
[2012.07.07 17:28:42 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Red Alert 3
[2011.02.02 17:35:00 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SAP
[2011.02.16 19:04:34 | 000,000,000 | RH-D | M] -- C:\Users\Home\AppData\Roaming\SecuROM
[2012.07.12 12:38:38 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Skype
[2011.05.28 16:02:11 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\skypePM
[2011.06.01 13:40:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\SpinTop
[2012.03.29 22:16:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Subversion
[2011.10.13 14:21:41 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TeamViewer
[2011.01.16 16:34:33 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Template
[2012.03.29 22:18:03 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TortoiseSVN
[2012.06.19 11:38:28 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\TS3Client
[2011.07.17 00:36:06 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\ts3overlay
[2012.05.21 18:31:56 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Ubisoft
[2011.06.27 18:41:59 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\vlc
[2011.03.15 18:18:45 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Windows Live Writer
[2011.10.15 14:25:16 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\WinRAR
[2012.01.04 22:58:51 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Winter Sports 2011
[2012.06.06 20:22:34 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\Xfire
[2011.03.18 19:19:54 | 000,000,000 | ---D | M] -- C:\Users\Home\AppData\Roaming\XRay Engine
 
< %APPDATA%\*.exe /s >
[2011.11.28 11:51:16 | 001,102,574 | ---- | M] () -- C:\Users\Home\AppData\Roaming\.minecraft\texturepacks\MCpatcher-2.2.2.exe
[2011.02.26 16:52:46 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{B2390904-74BD-48AA-B2CC-6612F8D46379}\ARPPRODUCTICON.exe
[2011.02.26 16:52:46 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{B2390904-74BD-48AA-B2CC-6612F8D46379}\GameShadow.exe1_0A3DE514292C4EBA987823B82B0B2BA2.exe
[2011.02.26 16:52:46 | 000,045,056 | R--- | M] (InstallShield Software Corp.) -- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{B2390904-74BD-48AA-B2CC-6612F8D46379}\GameShadow.exe_0A3DE514292C4EBA987823B82B0B2BA2.exe
[2011.02.26 16:52:46 | 000,008,854 | R--- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Installer\{B2390904-74BD-48AA-B2CC-6612F8D46379}\Uninstall_GameShadow_B239090474BD48AAB2CC6612F8D46379.exe
[2011.02.06 17:21:14 | 263,326,453 | ---- | M] () -- C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ragnarok Online\pRO Installer v3.exe
[2012.07.01 16:29:05 | 000,315,544 | ---- | M] (RealNetworks, Inc.) -- C:\Users\Home\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\9.11\rnupgagent.exe
 
< %SYSTEMDRIVE%\*.exe >
[2007.11.07 08:03:18 | 000,562,688 | ---- | M] (Microsoft Corporation) -- C:\install.exe
 
< MD5 for: AGP440.SYS  >
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_9e6bb86c3b39a3e9\AGP440.sys
[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_1607dee2d861e021\AGP440.sys
 
< MD5 for: ATAPI.SYS  >
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_a69a58a4286f0b22\atapi.sys
[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_392d19c13b3ad543\atapi.sys
 
< MD5 for: CNGAUDIT.DLL  >
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll
[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll
[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll
 
< MD5 for: EVENTLOG.DLL  >
[2009.12.20 00:00:00 | 000,037,520 | ---- | M] (perl.org) MD5=2852D57385C4709EAAE2F9DB01AD3672 -- C:\Users\Home\xampp\perl\site\lib\auto\Win32\EventLog\EventLog.dll
 
< MD5 for: IASTOR.SYS  >
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\drivers\iaStor.sys
[2010.03.04 04:51:40 | 000,540,696 | ---- | M] (Intel Corporation) MD5=ABBF174CB394F5C437410A788B7E404A -- C:\Windows\SysNative\DriverStore\FileRepository\iaahci.inf_amd64_neutral_78ebae21a80aa2b4\iaStor.sys
 
< MD5 for: IASTORV.SYS  >
[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys
[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\drivers\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0033117673c16921\iaStorV.sys
[2011.03.11 08:23:00 | 000,410,496 | ---- | M] (Intel Corporation) MD5=B75E45C564E944A2657167D197AB29DA -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16778_none_0b141c81a16e25e6\iaStorV.sys
[2011.03.11 08:25:49 | 000,410,496 | ---- | M] (Intel Corporation) MD5=BFDC9D75698800CFE4D1698BF2750EA2 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.20921_none_0bccc8c8ba6985c1\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_18cccb83b34e1453\iaStorV.sys
[2009.07.14 03:48:04 | 000,410,688 | ---- | M] (Intel Corporation) MD5=D83EFB6FD45DF9D55E9A1AFC63640D50 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7600.16385_none_0b06441fa1790136\iaStorV.sys
 
< MD5 for: NETLOGON.DLL  >
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\SysNative\netlogon.dll
[2009.07.14 03:41:52 | 000,692,736 | ---- | M] (Microsoft Corporation) MD5=956D030D375F207B22FB111E06EF9C35 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_59aca8ea51aaeefe\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\SysWOW64\netlogon.dll
[2009.07.14 03:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_6401533c860bb0f9\netlogon.dll
 
< MD5 for: NVSTOR.SYS  >
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_5bde3fe2945bce9e\nvstor.sys
[2009.07.14 03:45:45 | 000,167,488 | ---- | M] (NVIDIA Corporation) MD5=477DC4D6DEB99BE37084C9AC6D013DA1 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_95cfb4ced8afab0e\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\drivers\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_38e464dbe521cc7f\nvstor.sys
[2011.03.11 08:23:06 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=6C1D5F70E7A6A3FD1C90D840EDC048B9 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_95dd8d30d8a4cfbe\nvstor.sys
[2011.03.11 08:25:53 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=AE274836BA56518E279087363A781214 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_96963977f1a02f99\nvstor.sys
[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys
[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys
 
< MD5 for: SCECLI.DLL  >
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\SysWOW64\scecli.dll
[2009.07.14 03:16:13 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=26073302DAEA83CC5B944C546D6B47D2 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9e577e55272d37b4\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\SysNative\scecli.dll
[2009.07.14 03:41:53 | 000,232,448 | ---- | M] (Microsoft Corporation) MD5=398712DDDAEFB85EDF61DF6A07B65C79 -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7600.16385_none_9402d402f2cc75b9\scecli.dll
 
< MD5 for: USER32.DLL  >
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\SysNative\user32.dll
[2009.07.14 03:41:56 | 001,008,640 | ---- | M] (Microsoft Corporation) MD5=72D7B3EA16946E8F0CF7458150031CC6 -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_292d5de8870d85d9\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\SysWOW64\user32.dll
[2009.07.14 03:11:24 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=E8B0FFC209E504CB7E79FC24E6C085F0 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7600.16385_none_3382083abb6e47d4\user32.dll
 
< MD5 for: USERINIT.EXE  >
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\SysWOW64\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\SysNative\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
 
< MD5 for: WININIT.EXE  >
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
 
< MD5 for: WINLOGON.EXE  >
[2012.04.04 15:56:38 | 000,199,240 | ---- | M] () MD5=097D0E812D7A9A3101CE46CB2BE0474D -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\Chameleon\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\SysNative\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
 
< MD5 for: WS2IFSL.SYS  >
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys
[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys
 
< %systemroot%\system32\drivers\*.sys /lockedfiles >
 
< %systemroot%\System32\config\*.sav >
 
< %systemroot%\*. /mp /s >
 
< %systemroot%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:2D09AB80

< End of report >

Regards, Christian

cosinus 12.07.2012 14:49

Run an OTL fix: close any programs that may be open, also disable your virus scanner (!), start OTL and copy the following text into the "Custom Scan/Fixes" box (at the bottom of OTL): (the ":OTL" must be copied as well!!!)


Code:

:OTL
IE - HKU\S-1-5-21-907013825-1055173690-614559143-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..network.proxy.http: "200.105.225.45"
FF - prefs.js..network.proxy.http_port: 8080
FF - user.js - File not found
O2:64bit: - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll File not found
O2 - BHO: (Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können.) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll File not found
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.02.03 00:07:14 | 000,000,058 | -H-- | M] () - G:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\Shell - "" = AutoRun
O33 - MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\Shell\AutoRun\command - "" = E:\setup.exe
O33 - MountPoints2\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\Shell\AutoRun\command - "" = G:\Diablo III Setup.exe -- [2012.02.03 00:07:14 | 001,856,592 | ---- | M] (Blizzard Entertainment)
[2012.06.23 17:01:16 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\dxhr
[2012.06.23 17:00:25 | 000,000,000 | ---D | C] -- C:\Users\Home\AppData\Local\28050
[2012.07.03 17:43:12 | 004,503,728 | ---- | C] () -- C:\ProgramData\nud0repor.pad
[2010.05.14 06:57:51 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 136 bytes -> C:\ProgramData\Temp:93DE1838
@Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:93EB7685
@Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:E1F04E8D
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:ABE89FFE
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:5D7E5A8F
@Alternate Data Stream - 130 bytes -> C:\ProgramData\Temp:798A3728
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 125 bytes -> C:\ProgramData\Temp:4D066AD2
@Alternate Data Stream - 118 bytes -> C:\ProgramData\Temp:2D09AB80
:Commands
[purity]
[emptytemp]
[emptyflash]
[resethosts]

Then click the Fix button at the top left!
The log file should open when you click OK after the fix; please post it. The computer may be restarted.

As a precaution, the entries, files and folders fixed by this script are not deleted completely; a backup copy is created on the system partition in the "_OTL" folder.

Note: The above script was created only for this one user in this situation. It is not portable to any other computer and must not be used elsewhere, as it can cause lasting damage to the system!

ChrissCross6 13.07.2012 10:35

Hey,

thanks for creating the script :). Here is the log:

Code:

All processes killed
========== OTL ==========
HKU\S-1-5-21-907013825-1055173690-614559143-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride| /E : value set successfully!
Prefs.js: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906 removed from extensions.enabledItems
Prefs.js: "200.105.225.45" removed from network.proxy.http
Prefs.js: 8080 removed from network.proxy.http_port
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}\ deleted successfully.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.
Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\mctadmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktop deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\\NoActiveDesktopChanges deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorAdmin deleted successfully.
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\\ConsentPromptBehaviorUser deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Cdrom\\AutoRun|DWORD:1 /E : value set successfully!
File move failed. G:\autorun.inf scheduled to be moved on reboot.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{2cc05ff4-cc9c-11e0-9252-c80aa98d5180}\ not found.
File E:\setup.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\ not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{9ebd195b-6a90-11df-8a8e-806e6f6e6963}\ not found.
File move failed. G:\Diablo III Setup.exe scheduled to be moved on reboot.
C:\Users\Home\AppData\Local\dxhr\cache\data\players folder moved successfully.
C:\Users\Home\AppData\Local\dxhr\cache\data folder moved successfully.
C:\Users\Home\AppData\Local\dxhr\cache folder moved successfully.
C:\Users\Home\AppData\Local\dxhr folder moved successfully.
C:\Users\Home\AppData\Local\28050\eidos\2a128d0\cache\temp folder moved successfully.
C:\Users\Home\AppData\Local\28050\eidos\2a128d0\cache\persistent folder moved successfully.
C:\Users\Home\AppData\Local\28050\eidos\2a128d0\cache folder moved successfully.
C:\Users\Home\AppData\Local\28050\eidos\2a128d0 folder moved successfully.
C:\Users\Home\AppData\Local\28050\eidos folder moved successfully.
C:\Users\Home\AppData\Local\28050 folder moved successfully.
C:\ProgramData\nud0repor.pad moved successfully.
C:\ProgramData\FullRemove.exe moved successfully.
ADS C:\ProgramData\Temp:AB689DEA deleted successfully.
ADS C:\ProgramData\Temp:93DE1838 deleted successfully.
ADS C:\ProgramData\Temp:93EB7685 deleted successfully.
ADS C:\ProgramData\Temp:E1F04E8D deleted successfully.
ADS C:\ProgramData\Temp:ABE89FFE deleted successfully.
ADS C:\ProgramData\Temp:5D7E5A8F deleted successfully.
ADS C:\ProgramData\Temp:798A3728 deleted successfully.
ADS C:\ProgramData\Temp:0B9176C0 deleted successfully.
ADS C:\ProgramData\Temp:4D066AD2 deleted successfully.
ADS C:\ProgramData\Temp:2D09AB80 deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: AppData
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Home
->Temp folder emptied: 9188370 bytes
->Temporary Internet Files folder emptied: 38137293 bytes
->Java cache emptied: 1 bytes
->FireFox cache emptied: 1079317936 bytes
->Google Chrome cache emptied: 0 bytes
->Flash cache emptied: 6265 bytes
 
User: Internet
->Temp folder emptied: 192677 bytes
->Temporary Internet Files folder emptied: 262066 bytes
->FireFox cache emptied: 63406313 bytes
->Flash cache emptied: 920 bytes
 
User: Public
 
User: University
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 356352 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 102082 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 85163 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 1.136,00 mb
 
 
[EMPTYFLASH]
 
User: All Users
 
User: AppData
 
User: Default
 
User: Default User
 
User: Home
->Flash cache emptied: 0 bytes
 
User: Internet
->Flash cache emptied: 0 bytes
 
User: Public
 
User: University
 
Total Flash Files Cleaned = 0,00 mb
 
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.53.1 log created on 07132012_112431

Files\Folders moved on Reboot...
File move failed. G:\autorun.inf scheduled to be moved on reboot.
File move failed. G:\Diablo III Setup.exe scheduled to be moved on reboot.
C:\Users\Home\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.
C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\Cache\_CACHE_001_ moved successfully.
C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\Cache\_CACHE_002_ moved successfully.
C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\Cache\_CACHE_003_ moved successfully.
C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\urlclassifier3.sqlite moved successfully.
File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

PendingFileRenameOperations files...
[2012.02.03 00:07:14 | 000,000,058 | -H-- | M] () G:\autorun.inf : MD5=F3508C41EE019FD19BDC7E5B72A20D47
[2012.02.03 00:07:14 | 001,856,592 | ---- | M] (Blizzard Entertainment) G:\Diablo III Setup.exe : MD5=DDB8CB14B7DD6B00236320CB2FAB06BA
File C:\Users\Home\AppData\Local\Temp\FXSAPIDebugLogFile.txt not found!
File C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\Cache\_CACHE_001_ not found!
File C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\Cache\_CACHE_002_ not found!
File C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\Cache\_CACHE_003_ not found!
File C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\Cache\_CACHE_MAP_ not found!
File C:\Users\Home\AppData\Local\Mozilla\Firefox\Profiles\k2e0147e.default\urlclassifier3.sqlite not found!
[2012.07.13 11:28:35 | 000,000,000 | ---- | M] () C:\Windows\temp\dsiwmis.log : Unable to obtain MD5

Registry entries deleted on Reboot...

Regards, Christian

cosinus 13.07.2012 20:25

Now please run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off the virus scanner before you run TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Set up the tool as shown in the picture below: click on change parameters and set the checkmarks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.
If you cannot find the log or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:), that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the "skip" action and only post the log here!

http://saved.im/mtkwmtcxexhp/setting...8_16-25-18.jpg

ChrissCross6 13.07.2012 21:43

Hey,

OK, I did that, here is the log:
Code:

22:36:58.0114 6732        TDSS rootkit removing tool 2.7.45.0 Jul  9 2012 12:46:35
22:36:58.0254 6732        ============================================================
22:36:58.0254 6732        Current date / time: 2012/07/13 22:36:58.0254
22:36:58.0254 6732        SystemInfo:
22:36:58.0254 6732       
22:36:58.0254 6732        OS Version: 6.1.7600 ServicePack: 0.0
22:36:58.0254 6732        Product type: Workstation
22:36:58.0254 6732        ComputerName: HOME-PC
22:36:58.0254 6732        UserName: Home
22:36:58.0254 6732        Windows directory: C:\Windows
22:36:58.0254 6732        System windows directory: C:\Windows
22:36:58.0254 6732        Running under WOW64
22:36:58.0254 6732        Processor architecture: Intel x64
22:36:58.0254 6732        Number of processors: 4
22:36:58.0254 6732        Page size: 0x1000
22:36:58.0254 6732        Boot type: Normal boot
22:36:58.0254 6732        ============================================================
22:36:59.0405 6732        Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:36:59.0411 6732        ============================================================
22:36:59.0411 6732        \Device\Harddisk0\DR0:
22:36:59.0411 6732        MBR partitions:
22:36:59.0411 6732        \Device\Harddisk0\DR0\Partition0: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
22:36:59.0411 6732        \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x1C4CA000
22:36:59.0431 6732        \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1DEFD000, BlocksNum 0x1C488800
22:36:59.0431 6732        ============================================================
22:36:59.0460 6732        C: <-> \Device\Harddisk0\DR0\Partition1
22:36:59.0513 6732        A: <-> \Device\Harddisk0\DR0\Partition2
22:36:59.0543 6732        ============================================================
22:36:59.0544 6732        Initialize success
22:36:59.0544 6732        ============================================================
22:39:20.0428 5976        ============================================================
22:39:20.0428 5976        Scan started
22:39:20.0428 5976        Mode: Manual; SigCheck; TDLFS;
22:39:20.0428 5976        ============================================================
22:39:23.0002 5976        1394ohci        (1b00662092f9f9568b995902f0cc40d5) C:\Windows\system32\DRIVERS\1394ohci.sys
22:39:23.0205 5976        1394ohci - ok
22:39:23.0252 5976        ACPI            (6f11e88748cdefd2f76aa215f97ddfe5) C:\Windows\system32\DRIVERS\ACPI.sys
22:39:23.0298 5976        ACPI - ok
22:39:23.0361 5976        AcpiPmi        (63b05a0420ce4bf0e4af6dcc7cada254) C:\Windows\system32\DRIVERS\acpipmi.sys
22:39:23.0439 5976        AcpiPmi - ok
22:39:23.0579 5976        AdobeARMservice (62b7936f9036dd6ed36e6a7efa805dc0) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:39:23.0610 5976        AdobeARMservice - ok
22:39:24.0032 5976        AdobeFlashPlayerUpdateSvc (5e1a953c6472e7bb644892a4d0df5e72) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:39:24.0047 5976        AdobeFlashPlayerUpdateSvc - ok
22:39:24.0188 5976        adp94xx        (2f6b34b83843f0c5118b63ac634f5bf4) C:\Windows\system32\DRIVERS\adp94xx.sys
22:39:24.0219 5976        adp94xx - ok
22:39:24.0266 5976        adpahci        (597f78224ee9224ea1a13d6350ced962) C:\Windows\system32\DRIVERS\adpahci.sys
22:39:24.0312 5976        adpahci - ok
22:39:24.0328 5976        adpu320        (e109549c90f62fb570b9540c4b148e54) C:\Windows\system32\DRIVERS\adpu320.sys
22:39:24.0344 5976        adpu320 - ok
22:39:24.0375 5976        AeLookupSvc    (4b78b431f225fd8624c5655cb1de7b61) C:\Windows\System32\aelupsvc.dll
22:39:24.0609 5976        AeLookupSvc - ok
22:39:24.0702 5976        AFD            (db9d6c6b2cd95a9ca414d045b627422e) C:\Windows\system32\drivers\afd.sys
22:39:24.0827 5976        AFD - ok
22:39:24.0874 5976        agp440          (608c14dba7299d8cb6ed035a68a15799) C:\Windows\system32\DRIVERS\agp440.sys
22:39:24.0890 5976        agp440 - ok
22:39:25.0358 5976        Akamai          (29584f02a43e427c4227e3b1d9ff1b22) c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll
22:39:25.0358 5976        Suspicious file (Hidden): c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll. md5: 29584f02a43e427c4227e3b1d9ff1b22
22:39:25.0358 5976        Akamai ( HiddenFile.Multi.Generic ) - warning
22:39:25.0358 5976        Akamai - detected HiddenFile.Multi.Generic (1)
22:39:25.0498 5976        ALG            (3290d6946b5e30e70414990574883ddb) C:\Windows\System32\alg.exe
22:39:25.0560 5976        ALG - ok
22:39:25.0638 5976        aliide          (5812713a477a3ad7363c7438ca2ee038) C:\Windows\system32\DRIVERS\aliide.sys
22:39:25.0670 5976        aliide - ok
22:39:25.0716 5976        AMD External Events Utility (671d9dca48da807780d8409c18ed0ae0) C:\Windows\system32\atiesrxx.exe
22:39:25.0872 5976        AMD External Events Utility - ok
22:39:25.0904 5976        amdide          (1ff8b4431c353ce385c875f194924c0c) C:\Windows\system32\DRIVERS\amdide.sys
22:39:25.0919 5976        amdide - ok
22:39:25.0950 5976        AmdK8          (7024f087cff1833a806193ef9d22cda9) C:\Windows\system32\DRIVERS\amdk8.sys
22:39:25.0982 5976        AmdK8 - ok
22:39:26.0637 5976        amdkmdag        (d3e6b2e1394d93fe9db0ba24814b0d8f) C:\Windows\system32\DRIVERS\atipmdag.sys
22:39:26.0886 5976        amdkmdag - ok
22:39:27.0042 5976        amdkmdap        (cc4d915d786d3da973b2ea9b95d59a29) C:\Windows\system32\DRIVERS\atikmpag.sys
22:39:27.0089 5976        amdkmdap - ok
22:39:27.0120 5976        AmdPPM          (1e56388b3fe0d031c44144eb8c4d6217) C:\Windows\system32\DRIVERS\amdppm.sys
22:39:27.0167 5976        AmdPPM - ok
22:39:27.0230 5976        amdsata        (ec7ebab00a4d8448bab68d1e49b4beb9) C:\Windows\system32\drivers\amdsata.sys
22:39:27.0245 5976        amdsata - ok
22:39:27.0308 5976        amdsbs          (f67f933e79241ed32ff46a4f29b5120b) C:\Windows\system32\DRIVERS\amdsbs.sys
22:39:27.0339 5976        amdsbs - ok
22:39:27.0370 5976        amdxata        (db27766102c7bf7e95140a2aa81d042e) C:\Windows\system32\drivers\amdxata.sys
22:39:27.0401 5976        amdxata - ok
22:39:27.0432 5976        AmUStor        (391887990cdaa83de5c56c3fde966da1) C:\Windows\system32\drivers\AmUStor.SYS
22:39:27.0495 5976        AmUStor - ok
22:39:27.0620 5976        AntiVirSchedulerService (466a0d95960dad3222c896d2cea99993) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:39:27.0635 5976        AntiVirSchedulerService - ok
22:39:27.0713 5976        AntiVirService  (a489be6bb0aa1ff406b488b60542314b) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:39:27.0729 5976        AntiVirService - ok
22:39:27.0776 5976        AppID          (42fd751b27fa0e9c69bb39f39e409594) C:\Windows\system32\drivers\appid.sys
22:39:27.0900 5976        AppID - ok
22:39:27.0932 5976        AppIDSvc        (0bc381a15355a3982216f7172f545de1) C:\Windows\System32\appidsvc.dll
22:39:28.0072 5976        AppIDSvc - ok
22:39:28.0119 5976        Appinfo        (d065be66822847b7f127d1f90158376e) C:\Windows\System32\appinfo.dll
22:39:28.0181 5976        Appinfo - ok
22:39:28.0275 5976        Apple Mobile Device (3debbecf665dcdde3a95d9b902010817) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:39:28.0290 5976        Apple Mobile Device - ok
22:39:28.0337 5976        arc            (c484f8ceb1717c540242531db7845c4e) C:\Windows\system32\DRIVERS\arc.sys
22:39:28.0353 5976        arc - ok
22:39:28.0384 5976        arcsas          (019af6924aefe7839f61c830227fe79c) C:\Windows\system32\DRIVERS\arcsas.sys
22:39:28.0400 5976        arcsas - ok
22:39:28.0524 5976        aspnet_state    (9217d874131ae6ff8f642f124f00a555) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:39:28.0618 5976        aspnet_state - ok
22:39:28.0665 5976        AsyncMac        (769765ce2cc62867468cea93969b2242) C:\Windows\system32\DRIVERS\asyncmac.sys
22:39:28.0727 5976        AsyncMac - ok
22:39:28.0758 5976        atapi          (02062c0b390b7729edc9e69c680a6f3c) C:\Windows\system32\DRIVERS\atapi.sys
22:39:28.0774 5976        atapi - ok
22:39:28.0977 5976        athr            (70260c7c98cc0101316f5b2650c3bb44) C:\Windows\system32\DRIVERS\athrx.sys
22:39:29.0117 5976        athr - ok
22:39:29.0273 5976        AtiHdmiService  (637e0753bd6deb8ea5314a5c357ec1a0) C:\Windows\system32\drivers\AtiHdmi.sys
22:39:29.0304 5976        AtiHdmiService - ok
22:39:29.0367 5976        atksgt          (b4bde3f758a34658a37dfed3d9783cd8) C:\Windows\system32\DRIVERS\atksgt.sys
22:39:29.0398 5976        atksgt - ok
22:39:29.0476 5976        AudioEndpointBuilder (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:39:29.0570 5976        AudioEndpointBuilder - ok
22:39:29.0570 5976        AudioSrv        (07721a77180edd4d39ccb865bf63c7fd) C:\Windows\System32\Audiosrv.dll
22:39:29.0632 5976        AudioSrv - ok
22:39:29.0694 5976        avgntflt        (26e38b5a58c6c55fafbc563eeddb0867) C:\Windows\system32\DRIVERS\avgntflt.sys
22:39:29.0726 5976        avgntflt - ok
22:39:29.0788 5976        avipbb          (9d1f00beff84cbbf46d7f052bc7e0565) C:\Windows\system32\DRIVERS\avipbb.sys
22:39:29.0819 5976        avipbb - ok
22:39:29.0819 5976        avkmgr          (248db59fc86de44d2779f4c7fb1a567d) C:\Windows\system32\DRIVERS\avkmgr.sys
22:39:29.0835 5976        avkmgr - ok
22:39:29.0913 5976        AxInstSV        (b20b5fa5ca050e9926e4d1db81501b32) C:\Windows\System32\AxInstSV.dll
22:39:29.0991 5976        AxInstSV - ok
22:39:30.0069 5976        b06bdrv        (3e5b191307609f7514148c6832bb0842) C:\Windows\system32\DRIVERS\bxvbda.sys
22:39:30.0131 5976        b06bdrv - ok
22:39:30.0225 5976        b57nd60a        (b5ace6968304a3900eeb1ebfd9622df2) C:\Windows\system32\DRIVERS\b57nd60a.sys
22:39:30.0256 5976        b57nd60a - ok
22:39:30.0459 5976        BBSvc          (a2494901e7226b356b8c1005c45f1c5f) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
22:39:30.0474 5976        BBSvc - ok
22:39:30.0599 5976        BBUpdate        (63b1cbbae4790b5bac98f01bf9449722) C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
22:39:30.0615 5976        BBUpdate - ok
22:39:30.0911 5976        BCM43XX        (fde8c8dc07e75347e4c6b455a0964217) C:\Windows\system32\DRIVERS\bcmwl664.sys
22:39:31.0036 5976        BCM43XX - ok
22:39:31.0176 5976        BDESVC          (fde360167101b4e45a96f939f388aeb0) C:\Windows\System32\bdesvc.dll
22:39:31.0254 5976        BDESVC - ok
22:39:31.0301 5976        Beep            (16a47ce2decc9b099349a5f840654746) C:\Windows\system32\drivers\Beep.sys
22:39:31.0379 5976        Beep - ok
22:39:31.0488 5976        BFE            (4992c609a6315671463e30f6512bc022) C:\Windows\System32\bfe.dll
22:39:31.0582 5976        BFE - ok
22:39:31.0676 5976        BITS            (7f0c323fe3da28aa4aa1bda3f575707f) C:\Windows\System32\qmgr.dll
22:39:31.0816 5976        BITS - ok
22:39:31.0878 5976        blbdrive        (61583ee3c3a17003c4acd0475646b4d3) C:\Windows\system32\DRIVERS\blbdrive.sys
22:39:31.0925 5976        blbdrive - ok
22:39:32.0034 5976        Bonjour Service (ebbcd5dfbb1de70e8f4af8fa59e401fd) C:\Program Files\Bonjour\mDNSResponder.exe
22:39:32.0081 5976        Bonjour Service - ok
22:39:32.0112 5976        bowser          (19d20159708e152267e53b66677a4995) C:\Windows\system32\DRIVERS\bowser.sys
22:39:32.0206 5976        bowser - ok
22:39:32.0222 5976        BrFiltLo        (f09eee9edc320b5e1501f749fde686c8) C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:39:32.0268 5976        BrFiltLo - ok
22:39:32.0284 5976        BrFiltUp        (b114d3098e9bdb8bea8b053685831be6) C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:39:32.0331 5976        BrFiltUp - ok
22:39:32.0393 5976        Browser        (94fbc06f294d58d02361918418f996e3) C:\Windows\System32\browser.dll
22:39:32.0471 5976        Browser - ok
22:39:32.0534 5976        Brserid        (43bea8d483bf1870f018e2d02e06a5bd) C:\Windows\System32\Drivers\Brserid.sys
22:39:32.0612 5976        Brserid - ok
22:39:32.0627 5976        BrSerWdm        (a6eca2151b08a09caceca35c07f05b42) C:\Windows\System32\Drivers\BrSerWdm.sys
22:39:32.0658 5976        BrSerWdm - ok
22:39:32.0690 5976        BrUsbMdm        (b79968002c277e869cf38bd22cd61524) C:\Windows\System32\Drivers\BrUsbMdm.sys
22:39:32.0752 5976        BrUsbMdm - ok
22:39:32.0752 5976        BrUsbSer        (a87528880231c54e75ea7a44943b38bf) C:\Windows\System32\Drivers\BrUsbSer.sys
22:39:32.0783 5976        BrUsbSer - ok
22:39:32.0846 5976        BthEnum        (cf98190a94f62e405c8cb255018b2315) C:\Windows\system32\drivers\BthEnum.sys
22:39:32.0892 5976        BthEnum - ok
22:39:32.0955 5976        BTHMODEM        (9da669f11d1f894ab4eb69bf546a42e8) C:\Windows\system32\DRIVERS\bthmodem.sys
22:39:33.0002 5976        BTHMODEM - ok
22:39:33.0048 5976        BthPan          (02dd601b708dd0667e1331fa8518e9ff) C:\Windows\system32\DRIVERS\bthpan.sys
22:39:33.0080 5976        BthPan - ok
22:39:33.0173 5976        BTHPORT        (21084ceb85280468c9aca3c805c0f8cf) C:\Windows\System32\Drivers\BTHport.sys
22:39:33.0251 5976        BTHPORT - ok
22:39:33.0314 5976        bthserv        (95f9c2976059462cbbf227f7aab10de9) C:\Windows\system32\bthserv.dll
22:39:33.0376 5976        bthserv - ok
22:39:33.0423 5976        BTHUSB          (8504842634dd144c075b6b0c982ccec4) C:\Windows\System32\Drivers\BTHUSB.sys
22:39:33.0470 5976        BTHUSB - ok
22:39:33.0532 5976        btwampfl        (380b798d30c56ede4af58619d0e86ccb) C:\Windows\system32\drivers\btwampfl.sys
22:39:33.0563 5976        btwampfl - ok
22:39:33.0610 5976        btwaudio        (ba5622f5544c6c445dff1a05acc8b19d) C:\Windows\system32\drivers\btwaudio.sys
22:39:33.0626 5976        btwaudio - ok
22:39:33.0657 5976        btwavdt        (a11905d0f4bd34771f195217b6aa5ae0) C:\Windows\system32\DRIVERS\btwavdt.sys
22:39:33.0657 5976        btwavdt - ok
22:39:33.0813 5976        btwdins        (3930e53ee0bed9dff9afa09f505d0cae) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
22:39:33.0875 5976        btwdins - ok
22:39:33.0922 5976        btwl2cap        (07096d2bc22ccb6cea5a532df0be8a75) C:\Windows\system32\DRIVERS\btwl2cap.sys
22:39:33.0922 5976        btwl2cap - ok
22:39:33.0953 5976        btwrchid        (bd776f32d64ec615be4563dc2747224e) C:\Windows\system32\DRIVERS\btwrchid.sys
22:39:33.0969 5976        btwrchid - ok
22:39:34.0016 5976        cdfs            (b8bd2bb284668c84865658c77574381a) C:\Windows\system32\DRIVERS\cdfs.sys
22:39:34.0094 5976        cdfs - ok
22:39:34.0140 5976        cdrom          (83d2d75e1efb81b3450c18131443f7db) C:\Windows\system32\DRIVERS\cdrom.sys
22:39:34.0203 5976        cdrom - ok
22:39:34.0250 5976        CertPropSvc    (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:39:34.0328 5976        CertPropSvc - ok
22:39:34.0374 5976        circlass        (d7cd5c4e1b71fa62050515314cfb52cf) C:\Windows\system32\DRIVERS\circlass.sys
22:39:34.0406 5976        circlass - ok
22:39:34.0530 5976        CLFS            (fe1ec06f2253f691fe36217c592a0206) C:\Windows\system32\CLFS.sys
22:39:34.0562 5976        CLFS - ok
22:39:34.0655 5976        clr_optimization_v2.0.50727_32 (d88040f816fda31c3b466f0fa0918f29) C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:39:34.0671 5976        clr_optimization_v2.0.50727_32 - ok
22:39:34.0749 5976        clr_optimization_v2.0.50727_64 (d1ceea2b47cb998321c579651ce3e4f8) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:39:34.0764 5976        clr_optimization_v2.0.50727_64 - ok
22:39:34.0889 5976        clr_optimization_v4.0.30319_32 (c5a75eb48e2344abdc162bda79e16841) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:39:35.0045 5976        clr_optimization_v4.0.30319_32 - ok
22:39:35.0123 5976        clr_optimization_v4.0.30319_64 (c6f9af94dcd58122a4d7e89db6bed29d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:39:35.0201 5976        clr_optimization_v4.0.30319_64 - ok
22:39:35.0248 5976        CmBatt          (0840155d0bddf1190f84a663c284bd33) C:\Windows\system32\DRIVERS\CmBatt.sys
22:39:35.0295 5976        CmBatt - ok
22:39:35.0310 5976        cmdide          (e19d3f095812725d88f9001985b94edd) C:\Windows\system32\DRIVERS\cmdide.sys
22:39:35.0326 5976        cmdide - ok
22:39:35.0420 5976        CNG            (ca7720b73446fddec5c69519c1174c98) C:\Windows\system32\Drivers\cng.sys
22:39:35.0498 5976        CNG - ok
22:39:35.0544 5976        Compbatt        (102de219c3f61415f964c88e9085ad14) C:\Windows\system32\DRIVERS\compbatt.sys
22:39:35.0560 5976        Compbatt - ok
22:39:35.0591 5976        CompositeBus    (f26b3a86f6fa87ca360b879581ab4123) C:\Windows\system32\DRIVERS\CompositeBus.sys
22:39:35.0638 5976        CompositeBus - ok
22:39:35.0669 5976        COMSysApp - ok
22:39:35.0685 5976        crcdisk        (1c827878a998c18847245fe1f34ee597) C:\Windows\system32\DRIVERS\crcdisk.sys
22:39:35.0700 5976        crcdisk - ok
22:39:35.0778 5976        CryptSvc        (f02786b66375292e58c8777082d4396d) C:\Windows\system32\cryptsvc.dll
22:39:35.0872 5976        CryptSvc - ok
22:39:35.0919 5976        CVirtA          (44bddeb03c84a1c993c992ffb5700357) C:\Windows\system32\DRIVERS\CVirtA64.sys
22:39:35.0934 5976        CVirtA - ok
22:39:36.0153 5976        CVPND          (66257cb4e4fb69887cddc71663741435) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
22:39:36.0231 5976        CVPND - ok
22:39:36.0402 5976        CVPNDRVA        (cc8e52daa9826064ba464dbe531f2bb5) C:\Windows\system32\Drivers\CVPNDRVA.sys
22:39:36.0434 5976        CVPNDRVA - ok
22:39:36.0574 5976        DcomLaunch      (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:39:36.0668 5976        DcomLaunch - ok
22:39:36.0746 5976        defragsvc      (3cec7631a84943677aa8fa8ee5b6b43d) C:\Windows\System32\defragsvc.dll
22:39:36.0855 5976        defragsvc - ok
22:39:36.0902 5976        DfsC            (9c253ce7311ca60fc11c774692a13208) C:\Windows\system32\Drivers\dfsc.sys
22:39:36.0995 5976        DfsC - ok
22:39:37.0042 5976        Dhcp            (ce3b9562d997f69b330d181a8875960f) C:\Windows\system32\dhcpcore.dll
22:39:37.0167 5976        Dhcp - ok
22:39:37.0198 5976        discache        (13096b05847ec78f0977f2c0f79e9ab3) C:\Windows\system32\drivers\discache.sys
22:39:37.0276 5976        discache - ok
22:39:37.0323 5976        Disk            (9819eee8b5ea3784ec4af3b137a5244c) C:\Windows\system32\DRIVERS\disk.sys
22:39:37.0338 5976        Disk - ok
22:39:37.0401 5976        DNE            (05cb5910b3ca6019fc3cca815ee06ffb) C:\Windows\system32\DRIVERS\dne64x.sys
22:39:37.0416 5976        DNE - ok
22:39:37.0479 5976        Dnscache        (85cf424c74a1d5ec33533e1dbff9920a) C:\Windows\System32\dnsrslvr.dll
22:39:37.0572 5976        Dnscache - ok
22:39:37.0619 5976        dot3svc        (14452acdb09b70964c8c21bf80a13acb) C:\Windows\System32\dot3svc.dll
22:39:37.0697 5976        dot3svc - ok
22:39:37.0744 5976        DPS            (8c2ba6bea949ee6e68385f5692bafb94) C:\Windows\system32\dps.dll
22:39:37.0822 5976        DPS - ok
22:39:37.0853 5976        drmkaud        (9b19f34400d24df84c858a421c205754) C:\Windows\system32\drivers\drmkaud.sys
22:39:37.0869 5976        drmkaud - ok
22:39:37.0994 5976        DsiWMIService  (61e894fe1e9cc720c909e6e343351794) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
22:39:38.0025 5976        DsiWMIService - ok
22:39:38.0103 5976        dtsoftbus01    (fb9bef3401ee5ecc2603311b9c64f44a) C:\Windows\system32\DRIVERS\dtsoftbus01.sys
22:39:38.0134 5976        dtsoftbus01 - ok
22:39:38.0243 5976        dump_wmimmc - ok
22:39:38.0368 5976        DXGKrnl        (1633b9abf52784a1331476397a48cbef) C:\Windows\System32\drivers\dxgkrnl.sys
22:39:38.0415 5976        DXGKrnl - ok
22:39:38.0462 5976        EagleX64 - ok
22:39:38.0493 5976        EapHost        (e2dda8726da9cb5b2c4000c9018a9633) C:\Windows\System32\eapsvc.dll
22:39:38.0586 5976        EapHost - ok
22:39:39.0242 5976        ebdrv          (dc5d737f51be844d8c82c695eb17372f) C:\Windows\system32\DRIVERS\evbda.sys
22:39:39.0382 5976        ebdrv - ok
22:39:39.0507 5976        EFS            (156f6159457d0aa7e59b62681b56eb90) C:\Windows\System32\lsass.exe
22:39:39.0600 5976        EFS - ok
22:39:39.0725 5976        ehRecvr        (47c071994c3f649f23d9cd075ac9304a) C:\Windows\ehome\ehRecvr.exe
22:39:39.0819 5976        ehRecvr - ok
22:39:39.0850 5976        ehSched        (4705e8ef9934482c5bb488ce28afc681) C:\Windows\ehome\ehsched.exe
22:39:39.0944 5976        ehSched - ok
22:39:40.0068 5976        elxstor        (0e5da5369a0fcaea12456dd852545184) C:\Windows\system32\DRIVERS\elxstor.sys
22:39:40.0162 5976        elxstor - ok
22:39:40.0302 5976        ePowerSvc      (064f001bf07333f980ffb565dcf6dd3d) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
22:39:40.0349 5976        ePowerSvc - ok
22:39:40.0474 5976        ErrDev          (34a3c54752046e79a126e15c51db409b) C:\Windows\system32\DRIVERS\errdev.sys
22:39:40.0521 5976        ErrDev - ok
22:39:40.0614 5976        EventSystem    (4166f82be4d24938977dd1746be9b8a0) C:\Windows\system32\es.dll
22:39:40.0739 5976        EventSystem - ok
22:39:40.0833 5976        exfat          (a510c654ec00c1e9bdd91eeb3a59823b) C:\Windows\system32\drivers\exfat.sys
22:39:40.0911 5976        exfat - ok
22:39:40.0942 5976        fastfat        (0adc83218b66a6db380c330836f3e36d) C:\Windows\system32\drivers\fastfat.sys
22:39:41.0036 5976        fastfat - ok
22:39:41.0176 5976        Fax            (d607b2f1bee3992aa6c2c92c0a2f0855) C:\Windows\system32\fxssvc.exe
22:39:41.0316 5976        Fax - ok
22:39:41.0332 5976        fdc            (d765d19cd8ef61f650c384f62fac00ab) C:\Windows\system32\DRIVERS\fdc.sys
22:39:41.0363 5976        fdc - ok
22:39:41.0410 5976        fdPHost        (0438cab2e03f4fb61455a7956026fe86) C:\Windows\system32\fdPHost.dll
22:39:41.0488 5976        fdPHost - ok
22:39:41.0504 5976        FDResPub        (802496cb59a30349f9a6dd22d6947644) C:\Windows\system32\fdrespub.dll
22:39:41.0550 5976        FDResPub - ok
22:39:41.0582 5976        FileInfo        (655661be46b5f5f3fd454e2c3095b930) C:\Windows\system32\drivers\fileinfo.sys
22:39:41.0582 5976        FileInfo - ok
22:39:41.0597 5976        Filetrace      (5f671ab5bc87eea04ec38a6cd5962a47) C:\Windows\system32\drivers\filetrace.sys
22:39:41.0660 5976        Filetrace - ok
22:39:41.0675 5976        flpydisk        (c172a0f53008eaeb8ea33fe10e177af5) C:\Windows\system32\DRIVERS\flpydisk.sys
22:39:41.0691 5976        flpydisk - ok
22:39:41.0722 5976        FltMgr          (f7866af72abbaf84b1fa5aa195378c59) C:\Windows\system32\drivers\fltmgr.sys
22:39:41.0753 5976        FltMgr - ok
22:39:41.0878 5976        FontCache      (cb5e4b9c319e3c6bb363eb7e58a4a051) C:\Windows\system32\FntCache.dll
22:39:42.0003 5976        FontCache - ok
22:39:42.0081 5976        FontCache3.0.0.0 (8d89e3131c27fdd6932189cb785e1b7a) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:39:42.0096 5976        FontCache3.0.0.0 - ok
22:39:42.0143 5976        FsDepends      (d43703496149971890703b4b1b723eac) C:\Windows\system32\drivers\FsDepends.sys
22:39:42.0174 5976        FsDepends - ok
22:39:42.0206 5976        fssfltr        (07da62c960ddccc2d35836aeab4fc578) C:\Windows\system32\DRIVERS\fssfltr.sys
22:39:42.0221 5976        fssfltr - ok
22:39:42.0440 5976        fsssvc          (28ddeeec44e988657b732cf404d504cb) C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
22:39:42.0518 5976        fsssvc - ok
22:39:42.0642 5976        Fs_Rec          (d3e3f93d67821a2db2b3d9fac2dc2064) C:\Windows\system32\drivers\Fs_Rec.sys
22:39:42.0658 5976        Fs_Rec - ok
22:39:42.0720 5976        fvevol          (ae87ba80d0ec3b57126ed2cdc15b24ed) C:\Windows\system32\DRIVERS\fvevol.sys
22:39:42.0752 5976        fvevol - ok
22:39:42.0798 5976        gagp30kx        (8c778d335c9d272cfd3298ab02abe3b6) C:\Windows\system32\DRIVERS\gagp30kx.sys
22:39:42.0814 5976        gagp30kx - ok
22:39:42.0908 5976        gpsvc          (fe5ab4525bc2ec68b9119a6e5d40128b) C:\Windows\System32\gpsvc.dll
22:39:42.0986 5976        gpsvc - ok
22:39:43.0095 5976        GREGService    (0191dee9b9eb7902af2cf4f67301095d) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
22:39:43.0110 5976        GREGService - ok
22:39:43.0188 5976        gupdate        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:39:43.0204 5976        gupdate - ok
22:39:43.0204 5976        gupdatem        (8f0de4fef8201e306f9938b0905ac96a) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:39:43.0235 5976        gupdatem - ok
22:39:43.0266 5976        gusvc          (cc839e8d766cc31a7710c9f38cf3e375) C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
22:39:43.0282 5976        gusvc - ok
22:39:43.0329 5976        hamachi        (1e6438d4ea6e1174a3b3b1edc4de660b) C:\Windows\system32\DRIVERS\hamachi.sys
22:39:43.0344 5976        hamachi - ok
22:39:43.0610 5976        Hamachi2Svc    (21d24138b736983f6e23823e092e9428) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
22:39:43.0719 5976        Hamachi2Svc - ok
22:39:43.0859 5976        hcw85cir        (f2523ef6460fc42405b12248338ab2f0) C:\Windows\system32\drivers\hcw85cir.sys
22:39:43.0953 5976        hcw85cir - ok
22:39:44.0000 5976        HdAudAddService (6410f6f415b2a5a9037224c41da8bf12) C:\Windows\system32\drivers\HdAudio.sys
22:39:44.0046 5976        HdAudAddService - ok
22:39:44.0093 5976        HDAudBus        (0a49913402747a0b67de940fb42cbdbb) C:\Windows\system32\DRIVERS\HDAudBus.sys
22:39:44.0156 5976        HDAudBus - ok
22:39:44.0187 5976        HECIx64        (b6ac71aaa2b10848f57fc49d55a651af) C:\Windows\system32\DRIVERS\HECIx64.sys
22:39:44.0218 5976        HECIx64 - ok
22:39:44.0234 5976        HidBatt        (78e86380454a7b10a5eb255dc44a355f) C:\Windows\system32\DRIVERS\HidBatt.sys
22:39:44.0265 5976        HidBatt - ok
22:39:44.0312 5976        HidBth          (7fd2a313f7afe5c4dab14798c48dd104) C:\Windows\system32\DRIVERS\hidbth.sys
22:39:44.0374 5976        HidBth - ok
22:39:44.0405 5976        HidIr          (0a77d29f311b88cfae3b13f9c1a73825) C:\Windows\system32\DRIVERS\hidir.sys
22:39:44.0436 5976        HidIr - ok
22:39:44.0468 5976        hidserv        (bd9eb3958f213f96b97b1d897dee006d) C:\Windows\system32\hidserv.dll
22:39:44.0546 5976        hidserv - ok
22:39:44.0577 5976        HidUsb          (b3bf6b5b50006def50b66306d99fcf6f) C:\Windows\system32\DRIVERS\hidusb.sys
22:39:44.0592 5976        HidUsb - ok
22:39:44.0624 5976        hkmsvc          (efa58ede58dd74388ffd04cb32681518) C:\Windows\system32\kmsvc.dll
22:39:44.0686 5976        hkmsvc - ok
22:39:44.0748 5976        HomeGroupListener (046b2673767ca626e2cfb7fdf735e9e8) C:\Windows\system32\ListSvc.dll
22:39:44.0826 5976        HomeGroupListener - ok
22:39:44.0873 5976        HomeGroupProvider (06a7422224d9865a5613710a089987df) C:\Windows\system32\provsvc.dll
22:39:44.0920 5976        HomeGroupProvider - ok
22:39:44.0967 5976        HpSAMD          (0886d440058f203eba0e1825e4355914) C:\Windows\system32\DRIVERS\HpSAMD.sys
22:39:44.0982 5976        HpSAMD - ok
22:39:45.0060 5976        HTTP            (cee049cac4efa7f4e1e4ad014414a5d4) C:\Windows\system32\drivers\HTTP.sys
22:39:45.0154 5976        HTTP - ok
22:39:45.0170 5976        hwpolicy        (f17766a19145f111856378df337a5d79) C:\Windows\system32\drivers\hwpolicy.sys
22:39:45.0201 5976        hwpolicy - ok
22:39:45.0248 5976        i8042prt        (fa55c73d4affa7ee23ac4be53b4592d3) C:\Windows\system32\DRIVERS\i8042prt.sys
22:39:45.0279 5976        i8042prt - ok
22:39:45.0341 5976        iaStor          (abbf174cb394f5c437410a788b7e404a) C:\Windows\system32\DRIVERS\iaStor.sys
22:39:45.0372 5976        iaStor - ok
22:39:45.0450 5976        IAStorDataMgrSvc (31a0e93cdf29007d6c6fffb632f375ed) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:39:45.0482 5976        IAStorDataMgrSvc - ok
22:39:45.0606 5976        iaStorV        (b75e45c564e944a2657167d197ab29da) C:\Windows\system32\drivers\iaStorV.sys
22:39:45.0622 5976        iaStorV - ok
22:39:45.0700 5976        IDriverT        (1cf03c69b49acb70c722df92755c0c8c) C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:39:45.0716 5976        IDriverT ( UnsignedFile.Multi.Generic ) - warning
22:39:45.0716 5976        IDriverT - detected UnsignedFile.Multi.Generic (1)
22:39:45.0825 5976        idsvc          (2f2be70d3e02b6fa877921ab9516d43c) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:39:45.0872 5976        idsvc - ok
22:39:45.0981 5976        iirsp          (5c18831c61933628f5bb0ea2675b9d21) C:\Windows\system32\DRIVERS\iirsp.sys
22:39:45.0996 5976        iirsp - ok
22:39:46.0106 5976        IKEEXT          (c5b4683680df085b57bc53e5ef34861f) C:\Windows\System32\ikeext.dll
22:39:46.0230 5976        IKEEXT - ok
22:39:46.0293 5976        Impcd          (4b6363cd4610bb848531bb260b15dfcc) C:\Windows\system32\DRIVERS\Impcd.sys
22:39:46.0324 5976        Impcd - ok
22:39:46.0355 5976        IntcAzAudAddService - ok
22:39:46.0371 5976        intelide        (f00f20e70c6ec3aa366910083a0518aa) C:\Windows\system32\DRIVERS\intelide.sys
22:39:46.0386 5976        intelide - ok
22:39:47.0120 5976        intelkmd        (09ce164afa8483e41808784d7fca154e) C:\Windows\system32\DRIVERS\igdpmd64.sys
22:39:47.0447 5976        intelkmd - ok
22:39:47.0666 5976        intelppm        (ada036632c664caa754079041cf1f8c1) C:\Windows\system32\DRIVERS\intelppm.sys
22:39:47.0681 5976        intelppm - ok
22:39:47.0728 5976        IPBusEnum      (098a91c54546a3b878dad6a7e90a455b) C:\Windows\system32\ipbusenum.dll
22:39:47.0790 5976        IPBusEnum - ok
22:39:47.0822 5976        IpFilterDriver  (722dd294df62483cecaae6e094b4d695) C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:39:47.0868 5976        IpFilterDriver - ok
22:39:47.0931 5976        iphlpsvc        (f8e058d17363ec580e4b7232778b6cb5) C:\Windows\System32\iphlpsvc.dll
22:39:48.0009 5976        iphlpsvc - ok
22:39:48.0056 5976        IPMIDRV        (e2b4a4494db7cb9b89b55ca268c337c5) C:\Windows\system32\DRIVERS\IPMIDrv.sys
22:39:48.0087 5976        IPMIDRV - ok
22:39:48.0087 5976        IPNAT          (af9b39a7e7b6caa203b3862582e9f2d0) C:\Windows\system32\drivers\ipnat.sys
22:39:48.0149 5976        IPNAT - ok
22:39:48.0180 5976        IRENUM          (3abf5e7213eb28966d55d58b515d5ce9) C:\Windows\system32\drivers\irenum.sys
22:39:48.0196 5976        IRENUM - ok
22:39:48.0196 5976        isapnp          (2f7b28dc3e1183e5eb418df55c204f38) C:\Windows\system32\DRIVERS\isapnp.sys
22:39:48.0212 5976        isapnp - ok
22:39:48.0243 5976        iScsiPrt        (fa4d2557de56d45b0a346f93564be6e1) C:\Windows\system32\DRIVERS\msiscsi.sys
22:39:48.0274 5976        iScsiPrt - ok
22:39:48.0305 5976        kbdclass        (bc02336f1cba7dcc7d1213bb588a68a5) C:\Windows\system32\DRIVERS\kbdclass.sys
22:39:48.0321 5976        kbdclass - ok
22:39:48.0336 5976        kbdhid          (6def98f8541e1b5dceb2c822a11f7323) C:\Windows\system32\DRIVERS\kbdhid.sys
22:39:48.0368 5976        kbdhid - ok
22:39:48.0414 5976        KeyIso          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:39:48.0430 5976        KeyIso - ok
22:39:48.0477 5976        KSecDD          (4f4b5fde429416877de7143044582eb5) C:\Windows\system32\Drivers\ksecdd.sys
22:39:48.0508 5976        KSecDD - ok
22:39:48.0524 5976        KSecPkg        (6f40465a44ecdc1731befafec5bdd03c) C:\Windows\system32\Drivers\ksecpkg.sys
22:39:48.0539 5976        KSecPkg - ok
22:39:48.0570 5976        ksthunk        (6869281e78cb31a43e969f06b57347c4) C:\Windows\system32\drivers\ksthunk.sys
22:39:48.0633 5976        ksthunk - ok
22:39:48.0695 5976        KtmRm          (6ab66e16aa859232f64deb66887a8c9c) C:\Windows\system32\msdtckrm.dll
22:39:48.0758 5976        KtmRm - ok
22:39:48.0804 5976        L1C            (39918db0efcf045a1ce6fabbf339f975) C:\Windows\system32\DRIVERS\L1C62x64.sys
22:39:48.0820 5976        L1C - ok
22:39:48.0898 5976        LanmanServer    (81f1d04d4d0e433099365127375fd501) C:\Windows\system32\srvsvc.dll
22:39:48.0992 5976        LanmanServer - ok
22:39:49.0023 5976        LanmanWorkstation (27026eac8818e8a6c00a1cad2f11d29a) C:\Windows\System32\wkssvc.dll
22:39:49.0101 5976        LanmanWorkstation - ok
22:39:49.0163 5976        lirsgt          (955982bf4421b77722196552b62e8dc2) C:\Windows\system32\DRIVERS\lirsgt.sys
22:39:49.0179 5976        lirsgt - ok
22:39:49.0210 5976        lltdio          (1538831cf8ad2979a04c423779465827) C:\Windows\system32\DRIVERS\lltdio.sys
22:39:49.0272 5976        lltdio - ok
22:39:49.0304 5976        lltdsvc        (c1185803384ab3feed115f79f109427f) C:\Windows\System32\lltdsvc.dll
22:39:49.0397 5976        lltdsvc - ok
22:39:49.0428 5976        lmhosts        (f993a32249b66c9d622ea5592a8b76b8) C:\Windows\System32\lmhsvc.dll
22:39:49.0475 5976        lmhosts - ok
22:39:49.0616 5976        LMS            (a1c148801b4af64847aeb9f3ad9594ef) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:39:49.0647 5976        LMS ( UnsignedFile.Multi.Generic ) - warning
22:39:49.0647 5976        LMS - detected UnsignedFile.Multi.Generic (1)
22:39:49.0709 5976        LSI_FC          (1a93e54eb0ece102495a51266dcdb6a6) C:\Windows\system32\DRIVERS\lsi_fc.sys
22:39:49.0740 5976        LSI_FC - ok
22:39:49.0772 5976        LSI_SAS        (1047184a9fdc8bdbff857175875ee810) C:\Windows\system32\DRIVERS\lsi_sas.sys
22:39:49.0787 5976        LSI_SAS - ok
22:39:49.0834 5976        LSI_SAS2        (30f5c0de1ee8b5bc9306c1f0e4a75f93) C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:39:49.0850 5976        LSI_SAS2 - ok
22:39:49.0865 5976        LSI_SCSI        (0504eacaff0d3c8aed161c4b0d369d4a) C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:39:49.0881 5976        LSI_SCSI - ok
22:39:49.0928 5976        luafv          (43d0f98e1d56ccddb0d5254cff7b356e) C:\Windows\system32\drivers\luafv.sys
22:39:50.0006 5976        luafv - ok
22:39:50.0115 5976        MBAMProtector  (dbc08862a71459e74f7538b432c114cc) C:\Windows\system32\drivers\mbam.sys
22:39:50.0130 5976        MBAMProtector - ok
22:39:50.0224 5976        MBAMService    (ba400ed640bca1eae5c727ae17c10207) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
22:39:50.0271 5976        MBAMService - ok
22:39:50.0318 5976        Mcx2Svc        (f84c8f1000bc11e3b7b23cbd3baff111) C:\Windows\system32\Mcx2Svc.dll
22:39:50.0349 5976        Mcx2Svc - ok
22:39:50.0364 5976        megasas        (a55805f747c6edb6a9080d7c633bd0f4) C:\Windows\system32\DRIVERS\megasas.sys
22:39:50.0380 5976        megasas - ok
22:39:50.0411 5976        MegaSR          (baf74ce0072480c3b6b7c13b2a94d6b3) C:\Windows\system32\DRIVERS\MegaSR.sys
22:39:50.0442 5976        MegaSR - ok
22:39:50.0520 5976        Microsoft Office Groove Audit Service (123271bd5237ab991dc5c21fdf8835eb) C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
22:39:50.0536 5976        Microsoft Office Groove Audit Service - ok
22:39:50.0614 5976        Mkd2Bthf        (20574909fdd7843618bf03f95b61303d) C:\Windows\system32\drivers\Mkd2Bthf.sys
22:39:50.0630 5976        Mkd2Bthf - ok
22:39:50.0676 5976        Mkd2Nadr        (131d429af08e90cd16b36c68edf56226) C:\Windows\system32\drivers\Mkd2Nadr.sys
22:39:50.0692 5976        Mkd2Nadr - ok
22:39:50.0754 5976        Mkd3kfNt        (8719aa5b8faabacc5f12239f3d9572a2) C:\Windows\system32\drivers\Mkd3kfNt.sys
22:39:50.0786 5976        Mkd3kfNt - ok
22:39:50.0817 5976        MMCSS          (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:39:50.0895 5976        MMCSS - ok
22:39:50.0910 5976        Modem          (800ba92f7010378b09f9ed9270f07137) C:\Windows\system32\drivers\modem.sys
22:39:50.0988 5976        Modem - ok
22:39:51.0020 5976        monitor        (b03d591dc7da45ece20b3b467e6aadaa) C:\Windows\system32\DRIVERS\monitor.sys
22:39:51.0082 5976        monitor - ok
22:39:51.0129 5976        mouclass        (7d27ea49f3c1f687d357e77a470aea99) C:\Windows\system32\DRIVERS\mouclass.sys
22:39:51.0144 5976        mouclass - ok
22:39:51.0191 5976        mouhid          (d3bf052c40b0c4166d9fd86a4288c1e6) C:\Windows\system32\DRIVERS\mouhid.sys
22:39:51.0207 5976        mouhid - ok
22:39:51.0238 5976        mountmgr        (791af66c4d0e7c90a3646066386fb571) C:\Windows\system32\drivers\mountmgr.sys
22:39:51.0254 5976        mountmgr - ok
22:39:51.0363 5976        MozillaMaintenance (15d5398eed42c2504bb3d4fc875c15d1) C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:39:51.0394 5976        MozillaMaintenance - ok
22:39:51.0425 5976        mpio            (609d1d87649ecc19796f4d76d4c15cea) C:\Windows\system32\DRIVERS\mpio.sys
22:39:51.0456 5976        mpio - ok
22:39:51.0488 5976        mpsdrv          (6c38c9e45ae0ea2fa5e551f2ed5e978f) C:\Windows\system32\drivers\mpsdrv.sys
22:39:51.0566 5976        mpsdrv - ok
22:39:51.0706 5976        MpsSvc          (aecab449567d1846dad63ece49e893e3) C:\Windows\system32\mpssvc.dll
22:39:51.0831 5976        MpsSvc - ok
22:39:51.0909 5976        MRxDAV          (30524261bb51d96d6fcbac20c810183c) C:\Windows\system32\drivers\mrxdav.sys
22:39:51.0940 5976        MRxDAV - ok
22:39:51.0987 5976        mrxsmb          (040d62a9d8ad28922632137acdd984f2) C:\Windows\system32\DRIVERS\mrxsmb.sys
22:39:52.0049 5976        mrxsmb - ok
22:39:52.0112 5976        mrxsmb10        (f0067552f8f9b33d7c59403ab808a3cb) C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:39:52.0158 5976        mrxsmb10 - ok
22:39:52.0205 5976        mrxsmb20        (3c142d31de9f2f193218a53fe2632051) C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:39:52.0236 5976        mrxsmb20 - ok
22:39:52.0283 5976        msahci          (5c37497276e3b3a5488b23a326a754b7) C:\Windows\system32\DRIVERS\msahci.sys
22:39:52.0299 5976        msahci - ok
22:39:52.0314 5976        msdsm          (8d27b597229aed79430fb9db3bcbfbd0) C:\Windows\system32\DRIVERS\msdsm.sys
22:39:52.0330 5976        msdsm - ok
22:39:52.0361 5976        MSDTC          (de0ece52236cfa3ed2dbfc03f28253a8) C:\Windows\System32\msdtc.exe
22:39:52.0424 5976        MSDTC - ok
22:39:52.0455 5976        Msfs            (aa3fb40e17ce1388fa1bedab50ea8f96) C:\Windows\system32\drivers\Msfs.sys
22:39:52.0502 5976        Msfs - ok
22:39:52.0533 5976        mshidkmdf      (f9d215a46a8b9753f61767fa72a20326) C:\Windows\System32\drivers\mshidkmdf.sys
22:39:52.0580 5976        mshidkmdf - ok
22:39:52.0580 5976        msisadrv        (d916874bbd4f8b07bfb7fa9b3ccae29d) C:\Windows\system32\DRIVERS\msisadrv.sys
22:39:52.0595 5976        msisadrv - ok
22:39:52.0626 5976        MSiSCSI        (808e98ff49b155c522e6400953177b08) C:\Windows\system32\iscsiexe.dll
22:39:52.0720 5976        MSiSCSI - ok
22:39:52.0720 5976        msiserver - ok
22:39:52.0767 5976        MSKSSRV        (49ccf2c4fea34ffad8b1b59d49439366) C:\Windows\system32\drivers\MSKSSRV.sys
22:39:52.0829 5976        MSKSSRV - ok
22:39:52.0845 5976        MSPCLOCK        (bdd71ace35a232104ddd349ee70e1ab3) C:\Windows\system32\drivers\MSPCLOCK.sys
22:39:52.0907 5976        MSPCLOCK - ok
22:39:52.0907 5976        MSPQM          (4ed981241db27c3383d72092b618a1d0) C:\Windows\system32\drivers\MSPQM.sys
22:39:52.0970 5976        MSPQM - ok
22:39:53.0016 5976        MsRPC          (89cb141aa8616d8c6a4610fa26c60964) C:\Windows\system32\drivers\MsRPC.sys
22:39:53.0048 5976        MsRPC - ok
22:39:53.0063 5976        mssmbios        (0eed230e37515a0eaee3c2e1bc97b288) C:\Windows\system32\DRIVERS\mssmbios.sys
22:39:53.0079 5976        mssmbios - ok
22:39:53.0204 5976        MSSQL$SQLEXPRESS - ok
22:39:53.0282 5976        MSSQLServerADHelper100 (7a2a8c975356858eb38466a6b1592e8d) c:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
22:39:53.0313 5976        MSSQLServerADHelper100 - ok
22:39:53.0344 5976        MSTEE          (2e66f9ecb30b4221a318c92ac2250779) C:\Windows\system32\drivers\MSTEE.sys
22:39:53.0406 5976        MSTEE - ok
22:39:53.0406 5976        MTConfig        (7ea404308934e675bffde8edf0757bcd) C:\Windows\system32\DRIVERS\MTConfig.sys
22:39:53.0438 5976        MTConfig - ok
22:39:53.0484 5976        Mup            (f9a18612fd3526fe473c1bda678d61c8) C:\Windows\system32\Drivers\mup.sys
22:39:53.0516 5976        Mup - ok
22:39:53.0547 5976        mwlPSDFilter    (6ffecc25b39dc7652a0cec0ada9db589) C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
22:39:53.0562 5976        mwlPSDFilter - ok
22:39:53.0578 5976        mwlPSDNServ    (0befe32ca56d6ee89d58175725596a85) C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
22:39:53.0594 5976        mwlPSDNServ - ok
22:39:53.0625 5976        mwlPSDVDisk    (d43bc633b8660463e446e28e14a51262) C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
22:39:53.0640 5976        mwlPSDVDisk - ok
22:39:53.0812 5976        MWLService      (0036634e5c92be109056f7e2380103a9) C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
22:39:53.0828 5976        MWLService - ok
22:39:53.0999 5976        napagent        (4987e079a4530fa737a128be54b63b12) C:\Windows\system32\qagentRT.dll
22:39:54.0046 5976        napagent - ok
22:39:54.0124 5976        NativeWifiP    (1ea3749c4114db3e3161156ffffa6b33) C:\Windows\system32\DRIVERS\nwifi.sys
22:39:54.0155 5976        NativeWifiP - ok
22:39:54.0249 5976        NDIS            (cad515dbd07d082bb317d9928ce8962c) C:\Windows\system32\drivers\ndis.sys
22:39:54.0296 5976        NDIS - ok
22:39:54.0311 5976        NdisCap        (9f9a1f53aad7da4d6fef5bb73ab811ac) C:\Windows\system32\DRIVERS\ndiscap.sys
22:39:54.0358 5976        NdisCap - ok
22:39:54.0389 5976        NdisTapi        (30639c932d9fef22b31268fe25a1b6e5) C:\Windows\system32\DRIVERS\ndistapi.sys
22:39:54.0452 5976        NdisTapi - ok
22:39:54.0483 5976        Ndisuio        (f105ba1e22bf1f2ee8f005d4305e4bec) C:\Windows\system32\DRIVERS\ndisuio.sys
22:39:54.0576 5976        Ndisuio - ok
22:39:54.0608 5976        NdisWan        (557dfab9ca1fcb036ac77564c010dad3) C:\Windows\system32\DRIVERS\ndiswan.sys
22:39:54.0654 5976        NdisWan - ok
22:39:54.0670 5976        NDProxy        (659b74fb74b86228d6338d643cd3e3cf) C:\Windows\system32\drivers\NDProxy.sys
22:39:54.0717 5976        NDProxy - ok
22:39:54.0764 5976        NetBIOS        (86743d9f5d2b1048062b14b1d84501c4) C:\Windows\system32\DRIVERS\netbios.sys
22:39:54.0857 5976        NetBIOS - ok
22:39:54.0888 5976        NetBT          (9162b273a44ab9dce5b44362731d062a) C:\Windows\system32\DRIVERS\netbt.sys
22:39:54.0951 5976        NetBT - ok
22:39:54.0998 5976        Netlogon        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:39:55.0013 5976        Netlogon - ok
22:39:55.0091 5976        Netman          (847d3ae376c0817161a14a82c8922a9e) C:\Windows\System32\netman.dll
22:39:55.0169 5976        Netman - ok
22:39:55.0310 5976        NetMsmqActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:39:55.0356 5976        NetMsmqActivator - ok
22:39:55.0388 5976        NetPipeActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:39:55.0403 5976        NetPipeActivator - ok
22:39:55.0466 5976        netprofm        (5f28111c648f1e24f7dbc87cdeb091b8) C:\Windows\System32\netprofm.dll
22:39:55.0559 5976        netprofm - ok
22:39:55.0575 5976        NetTcpActivator (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:39:55.0590 5976        NetTcpActivator - ok
22:39:55.0590 5976        NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:39:55.0622 5976        NetTcpPortSharing - ok
22:39:55.0700 5976        nfrd960        (77889813be4d166cdab78ddba990da92) C:\Windows\system32\DRIVERS\nfrd960.sys
22:39:55.0715 5976        nfrd960 - ok
22:39:55.0809 5976        NlaSvc          (d9a0ce66046d6efa0c61baa885cba0a8) C:\Windows\System32\nlasvc.dll
22:39:55.0887 5976        NlaSvc - ok
22:39:55.0918 5976        Npfs            (1e4c4ab5c9b8dd13179bbdc75a2a01f7) C:\Windows\system32\drivers\Npfs.sys
22:39:55.0996 5976        Npfs - ok
22:39:56.0027 5976        npggsvc - ok
22:39:56.0027 5976        NPPTNT2 - ok
22:39:56.0074 5976        nsi            (d54bfdf3e0c953f823b3d0bfe4732528) C:\Windows\system32\nsisvc.dll
22:39:56.0152 5976        nsi - ok
22:39:56.0168 5976        nsiproxy        (e7f5ae18af4168178a642a9247c63001) C:\Windows\system32\drivers\nsiproxy.sys
22:39:56.0214 5976        nsiproxy - ok
22:39:56.0402 5976        Ntfs            (378e0e0dfea67d98ae6ea53adbbd76bc) C:\Windows\system32\drivers\Ntfs.sys
22:39:56.0480 5976        Ntfs - ok
22:39:56.0589 5976        NTI IScheduleSvc (5b3ce960c62dbe864be9a0bd043a3e30) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
22:39:56.0636 5976        NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - warning
22:39:56.0636 5976        NTI IScheduleSvc - detected UnsignedFile.Multi.Generic (1)
22:39:56.0667 5976        NTIBackupSvc    (15221dd637d9d0ffc60848ebbf1df538) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
22:39:56.0682 5976        NTIBackupSvc - ok
22:39:56.0807 5976        NTIDrvr        (64ddd0dee976302f4bd93e5efcc2f013) C:\Windows\system32\drivers\NTIDrvr.sys
22:39:56.0823 5976        NTIDrvr - ok
22:39:56.0885 5976        NTISchedulerSvc (b5071e15d4c3f5ef5018aff7e85a85e5) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
22:39:56.0963 5976        NTISchedulerSvc - ok
22:39:56.0994 5976        Null            (9899284589f75fa8724ff3d16aed75c1) C:\Windows\system32\drivers\Null.sys
22:39:57.0072 5976        Null - ok
22:39:57.0104 5976        nvraid          (a4d9c9a608a97f59307c2f2600edc6a4) C:\Windows\system32\drivers\nvraid.sys
22:39:57.0135 5976        nvraid - ok
22:39:57.0182 5976        nvstor          (6c1d5f70e7a6a3fd1c90d840edc048b9) C:\Windows\system32\drivers\nvstor.sys
22:39:57.0213 5976        nvstor - ok
22:39:57.0244 5976        nv_agp          (270d7cd42d6e3979f6dd0146650f0e05) C:\Windows\system32\DRIVERS\nv_agp.sys
22:39:57.0275 5976        nv_agp - ok
22:39:57.0353 5976        ODDPwrSvc      (ba7dac1b8a86d9402c3e04e1fcaa600d) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
22:39:57.0369 5976        ODDPwrSvc - ok
22:39:57.0478 5976        odserv          (785f487a64950f3cb8e9f16253ba3b7b) C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
22:39:57.0525 5976        odserv - ok
22:39:57.0556 5976        ohci1394        (3589478e4b22ce21b41fa1bfc0b8b8a0) C:\Windows\system32\DRIVERS\ohci1394.sys
22:39:57.0572 5976        ohci1394 - ok
22:39:57.0603 5976        ose            (5a432a042dae460abe7199b758e8606c) C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:39:57.0634 5976        ose - ok
22:39:57.0681 5976        p2pimsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:39:57.0759 5976        p2pimsvc - ok
22:39:57.0837 5976        p2psvc          (927463ecb02179f88e4b9a17568c63c3) C:\Windows\system32\p2psvc.dll
22:39:57.0868 5976        p2psvc - ok
22:39:57.0899 5976        Parport        (0086431c29c35be1dbc43f52cc273887) C:\Windows\system32\DRIVERS\parport.sys
22:39:57.0915 5976        Parport - ok
22:39:57.0962 5976        partmgr        (90061b1acfe8ccaa5345750ffe08d8b8) C:\Windows\system32\drivers\partmgr.sys
22:39:57.0977 5976        partmgr - ok
22:39:58.0008 5976        PcaSvc          (3aeaa8b561e63452c655dc0584922257) C:\Windows\System32\pcasvc.dll
22:39:58.0055 5976        PcaSvc - ok
22:39:58.0102 5976        pci            (f36f6504009f2fb0dfd1b17a116ad74b) C:\Windows\system32\DRIVERS\pci.sys
22:39:58.0118 5976        pci - ok
22:39:58.0149 5976        pciide          (b5b8b5ef2e5cb34df8dcf8831e3534fa) C:\Windows\system32\DRIVERS\pciide.sys
22:39:58.0164 5976        pciide - ok
22:39:58.0196 5976        pcmcia          (b2e81d4e87ce48589f98cb8c05b01f2f) C:\Windows\system32\DRIVERS\pcmcia.sys
22:39:58.0211 5976        pcmcia - ok
22:39:58.0242 5976        pcw            (d6b9c2e1a11a3a4b26a182ffef18f603) C:\Windows\system32\drivers\pcw.sys
22:39:58.0258 5976        pcw - ok
22:39:58.0336 5976        PEAUTH          (68769c3356b3be5d1c732c97b9a80d6e) C:\Windows\system32\drivers\peauth.sys
22:39:58.0398 5976        PEAUTH - ok
22:39:58.0508 5976        PerfHost        (e495e408c93141e8fc72dc0c6046ddfa) C:\Windows\SysWow64\perfhost.exe
22:39:58.0554 5976        PerfHost - ok
22:39:58.0788 5976        pla            (557e9a86f65f0de18c9b6751dfe9d3f1) C:\Windows\system32\pla.dll
22:39:58.0913 5976        pla - ok
22:39:59.0007 5976        PlugPlay        (98b1721b8718164293b9701b98c52d77) C:\Windows\system32\umpnpmgr.dll
22:39:59.0116 5976        PlugPlay - ok
22:39:59.0147 5976        PnkBstrA - ok
22:39:59.0194 5976        PnkBstrB - ok
22:39:59.0225 5976        PNRPAutoReg    (7195581cec9bb7d12abe54036acc2e38) C:\Windows\system32\pnrpauto.dll
22:39:59.0256 5976        PNRPAutoReg - ok
22:39:59.0303 5976        PNRPsvc        (3eac4455472cc2c97107b5291e0dcafe) C:\Windows\system32\pnrpsvc.dll
22:39:59.0334 5976        PNRPsvc - ok
22:39:59.0381 5976        PolicyAgent    (166eb40d1f5b47e615de3d0fffe5f243) C:\Windows\System32\ipsecsvc.dll
22:39:59.0459 5976        PolicyAgent - ok
22:39:59.0506 5976        Power          (6ba9d927dded70bd1a9caded45f8b184) C:\Windows\system32\umpo.dll
22:39:59.0568 5976        Power - ok
22:39:59.0646 5976        PptpMiniport    (27cc19e81ba5e3403c48302127bda717) C:\Windows\system32\DRIVERS\raspptp.sys
22:39:59.0709 5976        PptpMiniport - ok
22:39:59.0756 5976        Processor      (0d922e23c041efb1c3fac2a6f943c9bf) C:\Windows\system32\DRIVERS\processr.sys
22:39:59.0802 5976        Processor - ok
22:39:59.0865 5976        ProfSvc        (97293447431311c06703368ad0f6c4be) C:\Windows\system32\profsvc.dll
22:39:59.0943 5976        ProfSvc - ok
22:39:59.0990 5976        ProtectedStorage (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:39:59.0990 5976        ProtectedStorage - ok
22:40:00.0083 5976        Psched          (ee992183bd8eaefd9973f352e587a299) C:\Windows\system32\DRIVERS\pacer.sys
22:40:00.0130 5976        Psched - ok
22:40:00.0286 5976        ql2300          (a53a15a11ebfd21077463ee2c7afeef0) C:\Windows\system32\DRIVERS\ql2300.sys
22:40:00.0364 5976        ql2300 - ok
22:40:00.0520 5976        ql40xx          (4f6d12b51de1aaeff7dc58c4d75423c8) C:\Windows\system32\DRIVERS\ql40xx.sys
22:40:00.0551 5976        ql40xx - ok
22:40:00.0598 5976        QWAVE          (906191634e99aea92c4816150bda3732) C:\Windows\system32\qwave.dll
22:40:00.0645 5976        QWAVE - ok
22:40:00.0676 5976        QWAVEdrv        (76707bb36430888d9ce9d705398adb6c) C:\Windows\system32\drivers\qwavedrv.sys
22:40:00.0707 5976        QWAVEdrv - ok
22:40:00.0707 5976        RasAcd          (5a0da8ad5762fa2d91678a8a01311704) C:\Windows\system32\DRIVERS\rasacd.sys
22:40:00.0754 5976        RasAcd - ok
22:40:00.0801 5976        RasAgileVpn    (7ecff9b22276b73f43a99a15a6094e90) C:\Windows\system32\DRIVERS\AgileVpn.sys
22:40:00.0848 5976        RasAgileVpn - ok
22:40:00.0879 5976        RasAuto        (8f26510c5383b8dbe976de1cd00fc8c7) C:\Windows\System32\rasauto.dll
22:40:00.0941 5976        RasAuto - ok
22:40:00.0972 5976        Rasl2tp        (87a6e852a22991580d6d39adc4790463) C:\Windows\system32\DRIVERS\rasl2tp.sys
22:40:01.0035 5976        Rasl2tp - ok
22:40:01.0066 5976        RasMan          (47394ed3d16d053f5906efe5ab51cc83) C:\Windows\System32\rasmans.dll
22:40:01.0144 5976        RasMan - ok
22:40:01.0175 5976        RasPppoe        (855c9b1cd4756c5e9a2aa58a15f58c25) C:\Windows\system32\DRIVERS\raspppoe.sys
22:40:01.0253 5976        RasPppoe - ok
22:40:01.0285 5976        RasSstp        (e8b1e447b008d07ff47d016c2b0eeecb) C:\Windows\system32\DRIVERS\rassstp.sys
22:40:01.0347 5976        RasSstp - ok
22:40:01.0394 5976        rdbss          (3bac8142102c15d59a87757c1d41dce5) C:\Windows\system32\DRIVERS\rdbss.sys
22:40:01.0472 5976        rdbss - ok
22:40:01.0487 5976        rdpbus          (302da2a0539f2cf54d7c6cc30c1f2d8d) C:\Windows\system32\DRIVERS\rdpbus.sys
22:40:01.0503 5976        rdpbus - ok
22:40:01.0519 5976        RDPCDD          (cea6cc257fc9b7715f1c2b4849286d24) C:\Windows\system32\DRIVERS\RDPCDD.sys
22:40:01.0565 5976        RDPCDD - ok
22:40:01.0597 5976        RDPENCDD        (bb5971a4f00659529a5c44831af22365) C:\Windows\system32\drivers\rdpencdd.sys
22:40:01.0659 5976        RDPENCDD - ok
22:40:01.0675 5976        RDPREFMP        (216f3fa57533d98e1f74ded70113177a) C:\Windows\system32\drivers\rdprefmp.sys
22:40:01.0721 5976        RDPREFMP - ok
22:40:01.0768 5976        RDPWD          (447de7e3dea39d422c1504f245b668b1) C:\Windows\system32\drivers\RDPWD.sys
22:40:01.0846 5976        RDPWD - ok
22:40:01.0893 5976        rdyboost        (634b9a2181d98f15941236886164ec8b) C:\Windows\system32\drivers\rdyboost.sys
22:40:01.0940 5976        rdyboost - ok
22:40:01.0987 5976        RemoteAccess    (254fb7a22d74e5511c73a3f6d802f192) C:\Windows\System32\mprdim.dll
22:40:02.0065 5976        RemoteAccess - ok
22:40:02.0127 5976        RemoteRegistry  (e4d94f24081440b5fc5aa556c7c62702) C:\Windows\system32\regsvc.dll
22:40:02.0205 5976        RemoteRegistry - ok
22:40:02.0267 5976        RFCOMM          (3dd798846e2c28102b922c56e71b7932) C:\Windows\system32\DRIVERS\rfcomm.sys
22:40:02.0299 5976        RFCOMM - ok
22:40:02.0408 5976        RichVideo      (f12a68ed55053940cadd59ca5e3468dd) C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
22:40:02.0470 5976        RichVideo ( UnsignedFile.Multi.Generic ) - warning
22:40:02.0470 5976        RichVideo - detected UnsignedFile.Multi.Generic (1)
22:40:02.0517 5976        RpcEptMapper    (e4dc58cf7b3ea515ae917ff0d402a7bb) C:\Windows\System32\RpcEpMap.dll
22:40:02.0579 5976        RpcEptMapper - ok
22:40:02.0611 5976        RpcLocator      (d5ba242d4cf8e384db90e6a8ed850b8c) C:\Windows\system32\locator.exe
22:40:02.0626 5976        RpcLocator - ok
22:40:02.0673 5976        RpcSs          (7266972e86890e2b30c0c322e906b027) C:\Windows\system32\rpcss.dll
22:40:02.0735 5976        RpcSs - ok
22:40:02.0813 5976        RsFx0105        (c9fe05a63c500abe3afa5786504c4d36) C:\Windows\system32\DRIVERS\RsFx0105.sys
22:40:02.0876 5976        RsFx0105 - ok
22:40:02.0907 5976        rspndr          (ddc86e4f8e7456261e637e3552e804ff) C:\Windows\system32\DRIVERS\rspndr.sys
22:40:02.0985 5976        rspndr - ok
22:40:03.0079 5976        RS_Service      (7cb9f0fdd730f4a4ecf6cde15ea12e8a) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
22:40:03.0125 5976        RS_Service - ok
22:40:03.0157 5976        SamSs          (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:40:03.0172 5976        SamSs - ok
22:40:03.0203 5976        sbp2port        (e3bbb89983daf5622c1d50cf49f28227) C:\Windows\system32\DRIVERS\sbp2port.sys
22:40:03.0219 5976        sbp2port - ok
22:40:03.0266 5976        SCardSvr        (9b7395789e3791a3b6d000fe6f8b131e) C:\Windows\System32\SCardSvr.dll
22:40:03.0344 5976        SCardSvr - ok
22:40:03.0359 5976        scfilter        (c94da20c7e3ba1dca269bc8460d98387) C:\Windows\system32\DRIVERS\scfilter.sys
22:40:03.0422 5976        scfilter - ok
22:40:03.0547 5976        Schedule        (624d0f5ff99428bb90a5b8a4123e918e) C:\Windows\system32\schedsvc.dll
22:40:03.0640 5976        Schedule - ok
22:40:03.0671 5976        SCPolicySvc    (312e2f82af11e79906898ac3e3d58a1f) C:\Windows\System32\certprop.dll
22:40:03.0718 5976        SCPolicySvc - ok
22:40:03.0749 5976        SDRSVC          (765a27c3279ce11d14cb9e4f5869fca5) C:\Windows\System32\SDRSVC.dll
22:40:03.0843 5976        SDRSVC - ok
22:40:03.0921 5976        secdrv          (3ea8a16169c26afbeb544e0e48421186) C:\Windows\system32\drivers\secdrv.sys
22:40:03.0999 5976        secdrv - ok
22:40:04.0046 5976        seclogon        (463b386ebc70f98da5dff85f7e654346) C:\Windows\system32\seclogon.dll
22:40:04.0124 5976        seclogon - ok
22:40:04.0155 5976        SENS            (c32ab8fa018ef34c0f113bd501436d21) C:\Windows\System32\sens.dll
22:40:04.0202 5976        SENS - ok
22:40:04.0217 5976        SensrSvc        (0336cffafaab87a11541f1cf1594b2b2) C:\Windows\system32\sensrsvc.dll
22:40:04.0264 5976        SensrSvc - ok
22:40:04.0280 5976        Serenum        (cb624c0035412af0debec78c41f5ca1b) C:\Windows\system32\DRIVERS\serenum.sys
22:40:04.0295 5976        Serenum - ok
22:40:04.0327 5976        Serial          (c1d8e28b2c2adfaec4ba89e9fda69bd6) C:\Windows\system32\DRIVERS\serial.sys
22:40:04.0358 5976        Serial - ok
22:40:04.0405 5976        sermouse        (1c545a7d0691cc4a027396535691c3e3) C:\Windows\system32\DRIVERS\sermouse.sys
22:40:04.0405 5976        sermouse - ok
22:40:04.0451 5976        SessionEnv      (c3bc61ce47ff6f4e88ab8a3b429a36af) C:\Windows\system32\sessenv.dll
22:40:04.0498 5976        SessionEnv - ok
22:40:04.0529 5976        sffdisk        (a554811bcd09279536440c964ae35bbf) C:\Windows\system32\drivers\sffdisk.sys
22:40:04.0592 5976        sffdisk - ok
22:40:04.0607 5976        sffp_mmc        (ff414f0baefeba59bc6c04b3db0b87bf) C:\Windows\system32\drivers\sffp_mmc.sys
22:40:04.0654 5976        sffp_mmc - ok
22:40:04.0670 5976        sffp_sd        (178298f767fe638c9fedcbdef58bb5e4) C:\Windows\system32\drivers\sffp_sd.sys
22:40:04.0717 5976        sffp_sd - ok
22:40:04.0748 5976        sfloppy        (a9d601643a1647211a1ee2ec4e433ff4) C:\Windows\system32\DRIVERS\sfloppy.sys
22:40:04.0779 5976        sfloppy - ok
22:40:04.0841 5976        SharedAccess    (b95f6501a2f8b2e78c697fec401970ce) C:\Windows\System32\ipnathlp.dll
22:40:04.0935 5976        SharedAccess - ok
22:40:04.0997 5976        ShellHWDetection (0298ac45d0efffb2db4baa7dd186e7bf) C:\Windows\System32\shsvcs.dll
22:40:05.0060 5976        ShellHWDetection - ok
22:40:05.0091 5976        SiSRaid2        (843caf1e5fde1ffd5ff768f23a51e2e1) C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:40:05.0122 5976        SiSRaid2 - ok
22:40:05.0122 5976        SiSRaid4        (6a6c106d42e9ffff8b9fcb4f754f6da4) C:\Windows\system32\DRIVERS\sisraid4.sys
22:40:05.0138 5976        SiSRaid4 - ok
22:40:05.0450 5976        Skype C2C Service (2a99850c2a6edd6c6602e822c716edaf) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
22:40:05.0575 5976        Skype C2C Service - ok
22:40:05.0699 5976        SkypeUpdate    (c70aebd3608ed9fcea2a1bae83567ffc) C:\Program Files (x86)\Skype\Updater\Updater.exe
22:40:05.0731 5976        SkypeUpdate - ok
22:40:05.0871 5976        Smb            (548260a7b8654e024dc30bf8a7c5baa4) C:\Windows\system32\DRIVERS\smb.sys
22:40:05.0949 5976        Smb - ok
22:40:05.0996 5976        SNMPTRAP        (6313f223e817cc09aa41811daa7f541d) C:\Windows\System32\snmptrap.exe
22:40:06.0027 5976        SNMPTRAP - ok
22:40:06.0058 5976        spldr          (b9e31e5cacdfe584f34f730a677803f9) C:\Windows\system32\drivers\spldr.sys
22:40:06.0074 5976        spldr - ok
22:40:06.0136 5976        Spooler        (f8e1fa03cb70d54a9892ac88b91d1e7b) C:\Windows\System32\spoolsv.exe
22:40:06.0214 5976        Spooler - ok
22:40:06.0885 5976        sppsvc          (913d843498553a1bc8f8dbad6358e49f) C:\Windows\system32\sppsvc.exe
22:40:06.0994 5976        sppsvc - ok
22:40:07.0119 5976        sppuinotify    (93d7d61317f3d4bc4f4e9f8a96a7de45) C:\Windows\system32\sppuinotify.dll
22:40:07.0166 5976        sppuinotify - ok
22:40:07.0337 5976        SQLAgent$SQLEXPRESS (45e65fb17a4cd5facbd3ca16c8334c82) c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
22:40:07.0369 5976        SQLAgent$SQLEXPRESS - ok
22:40:07.0509 5976        SQLBrowser      (10d936dced9eacd1a1b3fcdda6d7a4eb) c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
22:40:07.0540 5976        SQLBrowser - ok
22:40:07.0649 5976        SQLWriter      (f92e5f93be572b512da3c016b675ede0) c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
22:40:07.0681 5976        SQLWriter - ok
22:40:07.0774 5976        srv            (2408c0366d96bcdf63e8f1c78e4a29c5) C:\Windows\system32\DRIVERS\srv.sys
22:40:07.0837 5976        srv - ok
22:40:07.0899 5976        srv2            (76548f7b818881b47d8d1ae1be9c11f8) C:\Windows\system32\DRIVERS\srv2.sys
22:40:07.0961 5976        srv2 - ok
22:40:08.0008 5976        srvnet          (0af6e19d39c70844c5caa8fb0183c36e) C:\Windows\system32\DRIVERS\srvnet.sys
22:40:08.0055 5976        srvnet - ok
22:40:08.0102 5976        SSDPSRV        (51b52fbd583cde8aa9ba62b8b4298f33) C:\Windows\System32\ssdpsrv.dll
22:40:08.0180 5976        SSDPSRV - ok
22:40:08.0195 5976        SstpSvc        (ab7aebf58dad8daab7a6c45e6a8885cb) C:\Windows\system32\sstpsvc.dll
22:40:08.0242 5976        SstpSvc - ok
22:40:08.0320 5976        Steam Client Service - ok
22:40:08.0367 5976        stexstor        (f3817967ed533d08327dc73bc4d5542a) C:\Windows\system32\DRIVERS\stexstor.sys
22:40:08.0383 5976        stexstor - ok
22:40:08.0492 5976        stisvc          (52d0e33b681bd0f33fdc08812fee4f7d) C:\Windows\System32\wiaservc.dll
22:40:08.0523 5976        stisvc - ok
22:40:08.0539 5976        swenum          (d01ec09b6711a5f8e7e6564a4d0fbc90) C:\Windows\system32\DRIVERS\swenum.sys
22:40:08.0554 5976        swenum - ok
22:40:08.0663 5976        swprv          (e08e46fdd841b7184194011ca1955a0b) C:\Windows\System32\swprv.dll
22:40:08.0710 5976        swprv - ok
22:40:08.0788 5976        SynTP          (ce9b5a79aee330bc7e88c0441e5727bb) C:\Windows\system32\DRIVERS\SynTP.sys
22:40:08.0819 5976        SynTP - ok
22:40:09.0053 5976        SysMain        (3c1284516a62078fb68f768de4f1a7be) C:\Windows\system32\sysmain.dll
22:40:09.0147 5976        SysMain - ok
22:40:09.0256 5976        TabletInputService (238935c3cf2854886dc7cbb2a0e2cc66) C:\Windows\System32\TabSvc.dll
22:40:09.0303 5976        TabletInputService - ok
22:40:09.0350 5976        TapiSrv        (884264ac597b690c5707c89723bb8e7b) C:\Windows\System32\tapisrv.dll
22:40:09.0412 5976        TapiSrv - ok
22:40:09.0428 5976        TBS            (1be03ac720f4d302ea01d40f588162f6) C:\Windows\System32\tbssvc.dll
22:40:09.0490 5976        TBS - ok
22:40:09.0693 5976        Tcpip          (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\drivers\tcpip.sys
22:40:09.0818 5976        Tcpip - ok
22:40:10.0099 5976        TCPIP6          (624c5b3aa4c99b3184bb922d9ece3ff0) C:\Windows\system32\DRIVERS\tcpip.sys
22:40:10.0161 5976        TCPIP6 - ok
22:40:10.0239 5976        tcpipreg        (76d078af6f587b162d50210f761eb9ed) C:\Windows\system32\drivers\tcpipreg.sys
22:40:10.0301 5976        tcpipreg - ok
22:40:10.0317 5976        TDPIPE          (3371d21011695b16333a3934340c4e7c) C:\Windows\system32\drivers\tdpipe.sys
22:40:10.0411 5976        TDPIPE - ok
22:40:10.0442 5976        TDTCP          (7518f7bcfd4b308abc9192bacaf6c970) C:\Windows\system32\drivers\tdtcp.sys
22:40:10.0489 5976        TDTCP - ok
22:40:10.0520 5976        tdx            (079125c4b17b01fcaeebce0bcb290c0f) C:\Windows\system32\DRIVERS\tdx.sys
22:40:10.0598 5976        tdx - ok
22:40:10.0629 5976        TermDD          (c448651339196c0e869a355171875522) C:\Windows\system32\DRIVERS\termdd.sys
22:40:10.0629 5976        TermDD - ok
22:40:10.0738 5976        TermService    (0f05ec2887bfe197ad82a13287d2f404) C:\Windows\System32\termsrv.dll
22:40:10.0816 5976        TermService - ok
22:40:10.0847 5976        Themes          (f0344071948d1a1fa732231785a0664c) C:\Windows\system32\themeservice.dll
22:40:10.0894 5976        Themes - ok
22:40:10.0910 5976        THREADORDER    (e40e80d0304a73e8d269f7141d77250b) C:\Windows\system32\mmcss.dll
22:40:10.0972 5976        THREADORDER - ok
22:40:10.0988 5976        TrkWks          (7e7afd841694f6ac397e99d75cead49d) C:\Windows\System32\trkwks.dll
22:40:11.0050 5976        TrkWks - ok
22:40:11.0128 5976        TrustedInstaller (840f7fb849f5887a49ba18c13b2da920) C:\Windows\servicing\TrustedInstaller.exe
22:40:11.0175 5976        TrustedInstaller - ok
22:40:11.0191 5976        tssecsrv        (61b96c26131e37b24e93327a0bd1fb95) C:\Windows\system32\DRIVERS\tssecsrv.sys
22:40:11.0237 5976        tssecsrv - ok
22:40:11.0269 5976        tunnel          (3836171a2cdf3af8ef10856db9835a70) C:\Windows\system32\DRIVERS\tunnel.sys
22:40:11.0347 5976        tunnel - ok
22:40:11.0378 5976        uagp35          (b4dd609bd7e282bfc683cec7eaaaad67) C:\Windows\system32\DRIVERS\uagp35.sys
22:40:11.0393 5976        uagp35 - ok
22:40:11.0409 5976        UBHelper        (2e22c1fd397a5a9ffef55e9d1fc96c00) C:\Windows\system32\drivers\UBHelper.sys
22:40:11.0425 5976        UBHelper - ok
22:40:11.0456 5976        udfs            (d47baead86c65d4f4069d7ce0a4edceb) C:\Windows\system32\DRIVERS\udfs.sys
22:40:11.0549 5976        udfs - ok
22:40:11.0581 5976        UI0Detect      (3cbdec8d06b9968aba702eba076364a1) C:\Windows\system32\UI0Detect.exe
22:40:11.0596 5976        UI0Detect - ok
22:40:11.0643 5976        uliagpkx        (4bfe1bc28391222894cbf1e7d0e42320) C:\Windows\system32\DRIVERS\uliagpkx.sys
22:40:11.0659 5976        uliagpkx - ok
22:40:11.0690 5976        umbus          (eab6c35e62b1b0db0d1b48b671d3a117) C:\Windows\system32\DRIVERS\umbus.sys
22:40:11.0737 5976        umbus - ok
22:40:11.0783 5976        UmPass          (b2e8e8cb557b156da5493bbddcc1474d) C:\Windows\system32\DRIVERS\umpass.sys
22:40:11.0799 5976        UmPass - ok
22:40:12.0049 5976        UNS            (41118d920b2b268c0adc36421248cdcf) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:40:12.0158 5976        UNS ( UnsignedFile.Multi.Generic ) - warning
22:40:12.0158 5976        UNS - detected UnsignedFile.Multi.Generic (1)
22:40:12.0251 5976        Updater Service (f9ec9acd504d823d9b9ca98a4f8d3ca2) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
22:40:12.0298 5976        Updater Service - ok
22:40:12.0454 5976        upnphost        (d47ec6a8e81633dd18d2436b19baf6de) C:\Windows\System32\upnphost.dll
22:40:12.0548 5976        upnphost - ok
22:40:12.0626 5976        usbaudio        (77b01bc848298223a95d4ec23e1785a1) C:\Windows\system32\drivers\usbaudio.sys
22:40:12.0657 5976        usbaudio - ok
22:40:12.0704 5976        usbccgp        (537a4e03d7103c12d42dfd8ffdb5bdc9) C:\Windows\system32\DRIVERS\usbccgp.sys
22:40:12.0751 5976        usbccgp - ok
22:40:12.0813 5976        usbcir          (af0892a803fdda7492f595368e3b68e7) C:\Windows\system32\DRIVERS\usbcir.sys
22:40:12.0829 5976        usbcir - ok
22:40:12.0860 5976        usbehci        (fbb21ebe49f6d560db37ac25fbc68e66) C:\Windows\system32\drivers\usbehci.sys
22:40:12.0875 5976        usbehci - ok
22:40:12.0938 5976        usbhub          (6b7a8a99c4a459e73c286a6763ea24cc) C:\Windows\system32\DRIVERS\usbhub.sys
22:40:12.0953 5976        usbhub - ok
22:40:13.0000 5976        usbohci        (8c88aa7617b4cbc2e4bed61d26b33a27) C:\Windows\system32\drivers\usbohci.sys
22:40:13.0000 5976        usbohci - ok
22:40:13.0031 5976        usbprint        (73188f58fb384e75c4063d29413cee3d) C:\Windows\system32\DRIVERS\usbprint.sys
22:40:13.0078 5976        usbprint - ok
22:40:13.0109 5976        USBSTOR        (f39983647bc1f3e6100778ddfe9dce29) C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:40:13.0187 5976        USBSTOR - ok
22:40:13.0219 5976        usbuhci        (0b5b3b2df3fd1709618acfa50b8392b0) C:\Windows\system32\drivers\usbuhci.sys
22:40:13.0250 5976        usbuhci - ok
22:40:13.0312 5976        usbvideo        (7cb8c573c6e4a2714402cc0a36eab4fe) C:\Windows\System32\Drivers\usbvideo.sys
22:40:13.0375 5976        usbvideo - ok
22:40:13.0406 5976        UxSms          (edbb23cbcf2cdf727d64ff9b51a6070e) C:\Windows\System32\uxsms.dll
22:40:13.0453 5976        UxSms - ok
22:40:13.0484 5976        VaultSvc        (156f6159457d0aa7e59b62681b56eb90) C:\Windows\system32\lsass.exe
22:40:13.0515 5976        VaultSvc - ok
22:40:13.0546 5976        vdrvroot        (c5c876ccfc083ff3b128f933823e87bd) C:\Windows\system32\DRIVERS\vdrvroot.sys
22:40:13.0562 5976        vdrvroot - ok
22:40:13.0609 5976        vds            (44d73e0bbc1d3c8981304ba15135c2f2) C:\Windows\System32\vds.exe
22:40:13.0655 5976        vds - ok
22:40:13.0671 5976        vga            (da4da3f5e02943c2dc8c6ed875de68dd) C:\Windows\system32\DRIVERS\vgapnp.sys
22:40:13.0702 5976        vga - ok
22:40:13.0718 5976        VgaSave        (53e92a310193cb3c03bea963de7d9cfc) C:\Windows\System32\drivers\vga.sys
22:40:13.0780 5976        VgaSave - ok
22:40:13.0796 5976        vhdmp          (c82e748660f62a242b2dfac1442f22a4) C:\Windows\system32\DRIVERS\vhdmp.sys
22:40:13.0811 5976        vhdmp - ok
22:40:13.0843 5976        viaide          (e5689d93ffe4e5d66c0178761240dd54) C:\Windows\system32\DRIVERS\viaide.sys
22:40:13.0858 5976        viaide - ok
22:40:13.0874 5976        volmgr          (2b1a3dae2b4e70dbba822b7a03fbd4a3) C:\Windows\system32\DRIVERS\volmgr.sys
22:40:13.0889 5976        volmgr - ok
22:40:13.0936 5976        volmgrx        (99b0cbb569ca79acaed8c91461d765fb) C:\Windows\system32\drivers\volmgrx.sys
22:40:13.0952 5976        volmgrx - ok
22:40:13.0983 5976        volsnap        (58f82eed8ca24b461441f9c3e4f0bf5c) C:\Windows\system32\DRIVERS\volsnap.sys
22:40:14.0014 5976        volsnap - ok
22:40:14.0045 5976        vsmraid        (5e2016ea6ebaca03c04feac5f330d997) C:\Windows\system32\DRIVERS\vsmraid.sys
22:40:14.0077 5976        vsmraid - ok
22:40:14.0233 5976        VSS            (787898bf9fb6d7bd87a36e2d95c899ba) C:\Windows\system32\vssvc.exe
22:40:14.0326 5976        VSS - ok
22:40:14.0467 5976        vwifibus        (36d4720b72b5c5d9cb2b9c29e9df67a1) C:\Windows\system32\DRIVERS\vwifibus.sys
22:40:14.0482 5976        vwifibus - ok
22:40:14.0513 5976        vwififlt        (6a3d66263414ff0d6fa754c646612f3f) C:\Windows\system32\DRIVERS\vwififlt.sys
22:40:14.0545 5976        vwififlt - ok
22:40:14.0623 5976        W32Time        (1c9d80cc3849b3788048078c26486e1a) C:\Windows\system32\w32time.dll
22:40:14.0701 5976        W32Time - ok
22:40:14.0732 5976        WacomPen        (4e9440f4f152a7b944cb1663d3935a3e) C:\Windows\system32\DRIVERS\wacompen.sys
22:40:14.0779 5976        WacomPen - ok
22:40:14.0841 5976        WANARP          (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
22:40:14.0903 5976        WANARP - ok
22:40:14.0903 5976        Wanarpv6        (47ca49400643effd3f1c9a27e1d69324) C:\Windows\system32\DRIVERS\wanarp.sys
22:40:14.0950 5976        Wanarpv6 - ok
22:40:15.0137 5976        wbengine        (5ab1bb85bd8b5089cc5d64200dedae68) C:\Windows\system32\wbengine.exe
22:40:15.0247 5976        wbengine - ok
22:40:15.0403 5976        WbioSrvc        (3aa101e8edab2db4131333f4325c76a3) C:\Windows\System32\wbiosrvc.dll
22:40:15.0434 5976        WbioSrvc - ok
22:40:15.0496 5976        wcncsvc        (dd1bae8ebfc653824d29ccf8c9054d68) C:\Windows\System32\wcncsvc.dll
22:40:15.0590 5976        wcncsvc - ok
22:40:15.0605 5976        WcsPlugInService (20f7441334b18cee52027661df4a6129) C:\Windows\System32\WcsPlugInService.dll
22:40:15.0652 5976        WcsPlugInService - ok
22:40:15.0699 5976        Wd              (72889e16ff12ba0f235467d6091b17dc) C:\Windows\system32\DRIVERS\wd.sys
22:40:15.0715 5976        Wd - ok
22:40:15.0777 5976        Wdf01000        (441bd2d7b4f98134c3a4f9fa570fd250) C:\Windows\system32\drivers\Wdf01000.sys
22:40:15.0839 5976        Wdf01000 - ok
22:40:15.0886 5976        WdiServiceHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:40:15.0917 5976        WdiServiceHost - ok
22:40:15.0917 5976        WdiSystemHost  (bf1fc3f79b863c914687a737c2f3d681) C:\Windows\system32\wdi.dll
22:40:15.0949 5976        WdiSystemHost - ok
22:40:16.0011 5976        WebClient      (733006127f235be7c35354ebee7b9a7b) C:\Windows\System32\webclnt.dll
22:40:16.0073 5976        WebClient - ok
22:40:16.0120 5976        Wecsvc          (c749025a679c5103e575e3b48e092c43) C:\Windows\system32\wecsvc.dll
22:40:16.0183 5976        Wecsvc - ok
22:40:16.0214 5976        wercplsupport  (7e591867422dc788b9e5bd337a669a08) C:\Windows\System32\wercplsupport.dll
22:40:16.0276 5976        wercplsupport - ok
22:40:16.0307 5976        WerSvc          (6d137963730144698cbd10f202e9f251) C:\Windows\System32\WerSvc.dll
22:40:16.0370 5976        WerSvc - ok
22:40:16.0448 5976        WfpLwf          (611b23304bf067451a9fdee01fbdd725) C:\Windows\system32\DRIVERS\wfplwf.sys
22:40:16.0510 5976        WfpLwf - ok
22:40:16.0526 5976        WIMMount        (05ecaec3e4529a7153b3136ceb49f0ec) C:\Windows\system32\drivers\wimmount.sys
22:40:16.0541 5976        WIMMount - ok
22:40:16.0588 5976        WinDefend - ok
22:40:16.0588 5976        WinHttpAutoProxySvc - ok
22:40:16.0682 5976        Winmgmt        (19b07e7e8915d701225da41cb3877306) C:\Windows\system32\wbem\WMIsvc.dll
22:40:16.0775 5976        Winmgmt - ok
22:40:16.0963 5976        WinRM          (41fbb751936b387f9179e7f03a74fe29) C:\Windows\system32\WsmSvc.dll
22:40:17.0103 5976        WinRM - ok
22:40:17.0290 5976        WinUsb          (817eaff5d38674edd7713b9dfb8e9791) C:\Windows\system32\DRIVERS\WinUsb.sys
22:40:17.0306 5976        WinUsb - ok
22:40:17.0493 5976        Wlansvc        (4fada86e62f18a1b2f42ba18ae24e6aa) C:\Windows\System32\wlansvc.dll
22:40:17.0555 5976        Wlansvc - ok
22:40:17.0633 5976        wlcrasvc        (06c8fa1cf39de6a735b54d906ba791c6) C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
22:40:17.0649 5976        wlcrasvc - ok
22:40:17.0930 5976        wlidsvc        (2bacd71123f42cea603f4e205e1ae337) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
22:40:18.0039 5976        wlidsvc - ok
22:40:18.0164 5976        WmiAcpi        (f6ff8944478594d0e414d3f048f0d778) C:\Windows\system32\DRIVERS\wmiacpi.sys
22:40:18.0195 5976        WmiAcpi - ok
22:40:18.0273 5976        wmiApSrv        (38b84c94c5a8af291adfea478ae54f93) C:\Windows\system32\wbem\WmiApSrv.exe
22:40:18.0335 5976        wmiApSrv - ok
22:40:18.0382 5976        WMPNetworkSvc - ok
22:40:18.0413 5976        WPCSvc          (96c6e7100d724c69fcf9e7bf590d1dca) C:\Windows\System32\wpcsvc.dll
22:40:18.0445 5976        WPCSvc - ok
22:40:18.0491 5976        WPDBusEnum      (2e57ddf2880a7e52e76f41c7e96d327b) C:\Windows\system32\wpdbusenum.dll
22:40:18.0554 5976        WPDBusEnum - ok
22:40:18.0585 5976        ws2ifsl        (6bcc1d7d2fd2453957c5479a32364e52) C:\Windows\system32\drivers\ws2ifsl.sys
22:40:18.0632 5976        ws2ifsl - ok
22:40:18.0663 5976        wscsvc          (8f9f3969933c02da96eb0f84576db43e) C:\Windows\System32\wscsvc.dll
22:40:18.0725 5976        wscsvc - ok
22:40:18.0741 5976        WSearch - ok
22:40:18.0975 5976        wuauserv        (d9ef901dca379cfe914e9fa13b73b4c4) C:\Windows\system32\wuaueng.dll
22:40:19.0084 5976        wuauserv - ok
22:40:19.0256 5976        WudfPf          (7cadc74271dd6461c452c271b30bd378) C:\Windows\system32\drivers\WudfPf.sys
22:40:19.0303 5976        WudfPf - ok
22:40:19.0349 5976        WUDFRd          (3b197af0fff08aa66b6b2241ca538d64) C:\Windows\system32\DRIVERS\WUDFRd.sys
22:40:19.0412 5976        WUDFRd - ok
22:40:19.0443 5976        wudfsvc        (b551d6637aa0e132c18ac6e504f7b79b) C:\Windows\System32\WUDFSvc.dll
22:40:19.0552 5976        wudfsvc - ok
22:40:19.0615 5976        WwanSvc        (9a3452b3c2a46c073166c5cf49fad1ae) C:\Windows\System32\wwansvc.dll
22:40:19.0661 5976        WwanSvc - ok
22:40:19.0739 5976        MBR (0x1B8)    (a36c5e4f47e84449ff07ed3517b43a31) \Device\Harddisk0\DR0
22:40:20.0207 5976        \Device\Harddisk0\DR0 - ok
22:40:20.0207 5976        Boot (0x1200)  (44101f44101f000ab99cf92604fb59f8) \Device\Harddisk0\DR0\Partition0
22:40:20.0223 5976        \Device\Harddisk0\DR0\Partition0 - ok
22:40:20.0239 5976        Boot (0x1200)  (d2135d601e3b41ed543901ad0b93fc55) \Device\Harddisk0\DR0\Partition1
22:40:20.0254 5976        \Device\Harddisk0\DR0\Partition1 - ok
22:40:20.0270 5976        Boot (0x1200)  (4b7bd285c2dcf71fc0388f5031b55066) \Device\Harddisk0\DR0\Partition2
22:40:20.0270 5976        \Device\Harddisk0\DR0\Partition2 - ok
22:40:20.0270 5976        ============================================================
22:40:20.0270 5976        Scan finished
22:40:20.0270 5976        ============================================================
22:40:20.0285 6868        Detected object count: 6
22:40:20.0285 6868        Actual detected object count: 6
22:40:32.0500 6868        Akamai ( HiddenFile.Multi.Generic ) - skipped by user
22:40:32.0500 6868        Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
22:40:32.0500 6868        IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:32.0500 6868        IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:40:32.0500 6868        LMS ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:32.0500 6868        LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:40:32.0500 6868        NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:32.0500 6868        NTI IScheduleSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:40:32.0516 6868        RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:32.0516 6868        RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
22:40:32.0516 6868        UNS ( UnsignedFile.Multi.Generic ) - skipped by user
22:40:32.0516 6868        UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip

Regards, Christian

cosinus 13.07.2012 22:11

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background guards, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, run the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
then restart Windows manually and the error messages should no longer appear.

ChrissCross6 14.07.2012 13:25

Hey,

great, thanks :) I ran ComboFix and the error message when starting the PC is gone now. Here is the ComboFix log file:

Code:

ComboFix 12-07-13.03 - Home 14.07.2012  12:36:18.1.4 - x64
Microsoft Windows 7 Home Premium  6.1.7600.0.1252.49.1031.18.3767.2090 [GMT 2:00]
ausgeführt von:: c:\users\Home\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ctfmon.lnk
c:\users\Public\Documents\NTILiveUpdate.dll
.
.
(((((((((((((((((((((((  Dateien erstellt von 2012-06-14 bis 2012-07-14  ))))))))))))))))))))))))))))))
.
.
2012-07-14 10:50 . 2012-07-14 10:50        --------        d-----w-        c:\users\Internet\AppData\Local\temp
2012-07-14 10:50 . 2012-07-14 10:50        --------        d-----w-        c:\users\Default\AppData\Local\temp
2012-07-14 10:42 . 2012-07-14 10:42        69000        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{2066B171-EC4F-4619-A36D-9D4A3C18880E}\offreg.dll
2012-07-13 10:06 . 2012-05-31 04:04        9013136        ----a-w-        c:\programdata\Microsoft\Windows Defender\Definition Updates\{2066B171-EC4F-4619-A36D-9D4A3C18880E}\mpengine.dll
2012-07-13 09:24 . 2012-07-13 09:24        --------        d-----w-        C:\_OTL
2012-07-12 01:14 . 2012-06-12 03:02        3147264        ----a-w-        c:\windows\system32\win32k.sys
2012-07-11 16:36 . 2012-06-06 05:50        2003968        ----a-w-        c:\windows\system32\msxml6.dll
2012-07-11 16:36 . 2012-06-06 05:50        1880064        ----a-w-        c:\windows\system32\msxml3.dll
2012-07-11 16:36 . 2012-06-06 05:09        1389568        ----a-w-        c:\windows\SysWow64\msxml6.dll
2012-07-11 16:36 . 2012-06-06 05:09        1236992        ----a-w-        c:\windows\SysWow64\msxml3.dll
2012-07-11 16:35 . 2012-06-02 05:38        95088        ----a-w-        c:\windows\system32\drivers\ksecdd.sys
2012-07-11 16:35 . 2012-06-02 05:38        152432        ----a-w-        c:\windows\system32\drivers\ksecpkg.sys
2012-07-11 16:35 . 2012-06-02 05:37        459216        ----a-w-        c:\windows\system32\drivers\cng.sys
2012-07-11 16:35 . 2012-06-02 05:27        340992        ----a-w-        c:\windows\system32\schannel.dll
2012-07-11 16:35 . 2012-06-02 05:27        307200        ----a-w-        c:\windows\system32\ncrypt.dll
2012-07-11 16:35 . 2012-06-02 04:48        225280        ----a-w-        c:\windows\SysWow64\schannel.dll
2012-07-11 16:35 . 2012-06-02 04:47        219136        ----a-w-        c:\windows\SysWow64\ncrypt.dll
2012-07-11 16:35 . 2012-06-02 04:48        22016        ----a-w-        c:\windows\SysWow64\secur32.dll
2012-07-11 16:35 . 2012-06-02 04:42        96768        ----a-w-        c:\windows\SysWow64\sspicli.dll
2012-07-11 16:35 . 2012-06-06 05:50        1425408        ----a-w-        c:\program files\Common Files\System\ado\msado15.dll
2012-07-11 16:35 . 2012-06-06 05:09        987136        ----a-w-        c:\program files (x86)\Common Files\System\ado\msado15.dll
2012-07-07 15:25 . 2012-07-07 15:28        --------        d-----w-        c:\users\Home\AppData\Roaming\Red Alert 3
2012-07-06 15:17 . 2012-07-06 15:17        --------        d-----w-        c:\program files (x86)\ESET
2012-07-04 13:53 . 2012-07-04 13:53        --------        d-----w-        c:\users\Home\AppData\Roaming\Malwarebytes
2012-07-04 13:51 . 2012-07-04 13:51        --------        d-----w-        c:\programdata\Malwarebytes
2012-07-04 13:51 . 2012-07-04 13:51        --------        d-----w-        c:\program files (x86)\Malwarebytes' Anti-Malware
2012-07-04 13:51 . 2012-04-04 13:56        24904        ----a-w-        c:\windows\system32\drivers\mbam.sys
2012-06-28 11:22 . 2012-06-28 11:22        --------        d-----w-        c:\program files (x86)\LogMeIn Hamachi
2012-06-19 15:35 . 2012-06-19 15:35        4967624        ----a-w-        c:\program files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\components\SkypeFfComponent.dll
2012-06-19 11:51 . 2012-06-19 11:51        --------        d-----w-        c:\program files (x86)\MozBackup
2012-06-19 09:43 . 2012-07-11 20:34        70344        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-06-19 09:43 . 2012-07-11 20:34        426184        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2012-06-19 08:51 . 2012-06-02 22:19        2428952        ----a-w-        c:\windows\system32\wuaueng.dll
2012-06-19 08:51 . 2012-06-02 22:19        57880        ----a-w-        c:\windows\system32\wuauclt.exe
2012-06-19 08:51 . 2012-06-02 22:19        44056        ----a-w-        c:\windows\system32\wups2.dll
2012-06-19 08:51 . 2012-06-02 22:15        2622464        ----a-w-        c:\windows\system32\wucltux.dll
2012-06-19 08:50 . 2012-06-02 22:19        38424        ----a-w-        c:\windows\system32\wups.dll
2012-06-19 08:50 . 2012-06-02 22:19        701976        ----a-w-        c:\windows\system32\wuapi.dll
2012-06-19 08:50 . 2012-06-02 22:15        99840        ----a-w-        c:\windows\system32\wudriver.dll
2012-06-19 08:50 . 2012-06-02 13:19        186752        ----a-w-        c:\windows\system32\wuwebv.dll
2012-06-19 08:50 . 2012-06-02 13:15        36864        ----a-w-        c:\windows\system32\wuapp.exe
2012-06-18 10:25 . 2012-06-18 10:25        --------        d-----w-        c:\users\Home\AppData\Local\Macromedia
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-05-21 15:46 . 2011-02-16 16:58        107832        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2012-05-21 15:45 . 2011-02-16 16:58        66872        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2012-05-21 15:45 . 2011-02-16 16:58        2250024        ----a-w-        c:\windows\SysWow64\pbsvc.exe
2012-05-13 18:02 . 2011-07-03 17:22        280736        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr
2012-05-13 17:59 . 2011-02-16 16:58        215128        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2012-05-08 11:35 . 2012-01-09 15:27        98848        ----a-w-        c:\windows\system32\drivers\avgntflt.sys
2012-05-08 11:35 . 2012-01-09 15:27        132832        ----a-w-        c:\windows\system32\drivers\avipbb.sys
2012-05-04 10:52 . 2012-06-13 17:00        5505392        ----a-w-        c:\windows\system32\ntoskrnl.exe
2012-05-04 10:08 . 2012-06-13 17:00        3958128        ----a-w-        c:\windows\SysWow64\ntkrnlpa.exe
2012-05-04 10:08 . 2012-06-13 17:00        3902320        ----a-w-        c:\windows\SysWow64\ntoskrnl.exe
2012-05-03 02:54 . 2012-05-03 02:54        42392        ----a-w-        c:\windows\SysWow64\xfcodec.dll
2012-05-03 02:54 . 2012-05-03 02:54        28056        ----a-w-        c:\windows\system32\xfcodec64.dll
2012-05-02 05:32 . 2012-06-13 17:00        208896        ----a-w-        c:\windows\system32\profsvc.dll
2012-04-28 03:50 . 2012-06-13 17:00        204800        ----a-w-        c:\windows\system32\drivers\rdpwd.sys
2012-04-26 05:34 . 2012-06-13 17:00        76288        ----a-w-        c:\windows\system32\rdpwsx.dll
2012-04-26 05:34 . 2012-06-13 17:00        149504        ----a-w-        c:\windows\system32\rdpcorekmts.dll
2012-04-26 05:28 . 2012-06-13 17:00        9216        ----a-w-        c:\windows\system32\rdrmemptylst.exe
2012-04-24 05:59 . 2012-06-13 17:00        182272        ----a-w-        c:\windows\system32\cryptsvc.dll
2012-04-24 05:59 . 2012-06-13 17:00        1460224        ----a-w-        c:\windows\system32\crypt32.dll
2012-04-24 05:59 . 2012-06-13 17:00        140288        ----a-w-        c:\windows\system32\cryptnet.dll
2012-04-24 04:47 . 2012-06-13 17:00        139264        ----a-w-        c:\windows\SysWow64\cryptsvc.dll
2012-04-24 04:47 . 2012-06-13 17:00        103936        ----a-w-        c:\windows\SysWow64\cryptnet.dll
2012-04-24 04:47 . 2012-06-13 17:00        1156608        ----a-w-        c:\windows\SysWow64\crypt32.dll
2011-12-07 09:41 . 2011-12-08 12:42        3539040        ----a-w-        c:\program files\Alwil Softw
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        64792        ----a-w-        c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:55        120176        ----a-w-        c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="c:\program files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-05-14 39408]
"Steam"="a:\spiele\Steam\steam.exe" [2011-08-11 1242448]
"Akamai NetSession Interface"="c:\users\Home\AppData\Local\Akamai\netsession_win.exe" [2012-05-26 4327744]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2012-06-05 17344176]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-04-17 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-03-08 260608]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-03-03 1300560]
"MDS_Menu"="c:\program files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" [2009-05-19 222504]
"ArcadeMovieService"="c:\program files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe" [2010-04-23 124136]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-03 843712]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-05-24 336384]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2012-05-08 348624]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2011-11-01 59240]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
"Malwarebytes' Anti-Malware"="c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-04-04 462408]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2010-5-14 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-3-26 1125152]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages        REG_MULTI_SZ          kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe [2012-02-10 193816]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 gupdate;Google Update Service (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-13 135664]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-06-19 3048136]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-06-05 160944]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-11 250056]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-03-05 335400]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-03-01 39464]
R3 dump_wmimmc;dump_wmimmc;c:\program files\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]
R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-13 135664]
R3 Mkd2Bthf;Mkd2Bthf;c:\windows\system32\drivers\Mkd2Bthf.sys [2010-03-08 97368]
R3 Mkd2Nadr;Mkd2Nadr;c:\windows\system32\drivers\Mkd2Nadr.sys [2010-11-19 107096]
R3 Mkd3kfNt;Mkd3kfNt;c:\windows\system32\drivers\Mkd3kfNt.sys [2010-09-13 182872]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-06-14 113120]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-04-17 305520]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des [x]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-06 50432]
R4 MSSQLServerADHelper100;SQL Server Hilfsdienst für Active Directory;c:\program files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [2009-07-21 61976]
R4 RsFx0105;RsFx0105 Driver;c:\windows\system32\DRIVERS\RsFx0105.sys [2011-09-22 311144]
R4 SQLAgent$SQLEXPRESS;SQL Server-Agent (SQLEXPRESS);c:\program files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2011-09-22 431464]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-22 57184]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys [2011-12-15 27760]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2011-08-22 254528]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-04-20 202752]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [2012-05-08 86224]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-03-03 325200]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-04-23 820768]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-06-27 2369960]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-04-04 654408]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-03-08 250368]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-06 144640]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-29 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-28 243232]
S3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atipmdag.sys [2010-04-21 6406144]
S3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [2010-04-20 188928]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe [2012-02-10 240408]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-04-20 10322848]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-12-22 74280]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-04-04 24904]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Akamai        REG_MULTI_SZ          Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2012-07-14 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-19 20:34]
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-13 13:35]
.
2012-07-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-01-13 13:35]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 08:20        75544        ----a-w-        c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-04-17 05:58        137584        ----a-w-        c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-04-17 349552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-04-20 166424]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-04-20 391192]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-04-20 413720]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-01-13 206208]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-04-23 496160]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5820tg&r=27360111t516l0453z115t6611k53o
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\Home\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm
TCP: DhcpNameServer = 192.168.0.1
FF - ProfilePath - c:\users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\k2e0147e.default\
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://www.google.de/
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-Age of Conan_is1 - c:\program files (x86)\Funcom\Age of Conan\unins000.exe
AddRemove-FUSSBALL MANAGER 11 DEMO - a:\spiele\FM11Demo\eauninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
AddRemove-Steam App 10530 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 20510 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 550 - c:\program files (x86)\Steam\steam.exe
AddRemove-Steam App 91600 - c:\program files (x86)\Steam\steam.exe
AddRemove-TalonRO_is1 - c:\spiele\TalonRO\RO\unins000.exe
AddRemove-Winter Sports 2011_is1 - c:\program files (x86)\Winter Sports 2011\unins000.exe
AddRemove-{195C3D8C-1468-42F9-B169-110E79062D62}_is1 - a:\spiele\Godlike-RO\unins000.exe
AddRemove-{1E05CF2E-BF5F-4A43-9147-2CCBBE57BC3C}_is1 - c:\program files (x86)\Mein Gutscheincode Finder\unins000.exe
AddRemove-{980A182F-E0A2-4A40-94C1-AE0C1235902E} - c:\program files (x86)\Pando Networks\Media Booster\uninst.exe
AddRemove-bet365casino - c:\casino\Casino at bet365\_SetupCasino_a616b8.exe
AddRemove-OldschoolRO - a:\spiele\RO - Kopie\Uninstal.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_4f7fccd.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-907013825-1055173690-614559143-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-907013825-1055173690-614559143-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-907013825-1055173690-614559143-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:1f,a2,26,c1,c3,02,4f,29,5c,17,0c,3b,4c,b6,65,b6,ea,d6,a5,41,06,14,1d,
  f7,05,c3,c7,20,79,11,98,da,ac,a6,dc,76,f2,e6,d0,9d,5e,66,72,59,51,91,fb,00,\
"??"=hex:a1,5e,47,db,25,65,bb,27,8b,92,55,34,10,3f,d9,49
.
[HKEY_USERS\S-1-5-21-907013825-1055173690-614559143-1001\Software\SecuROM\License information*]
"datasecu"=hex:b5,98,b5,b6,7c,f0,00,dc,af,4f,c3,03,4c,b0,87,cd,a2,96,d8,90,16,
  ec,f0,8c,34,68,59,d3,6e,2d,b2,b8,7d,97,ec,d1,7d,8e,46,15,a3,e6,4d,1c,0c,2b,\
"rkeysecu"=hex:22,73,f5,fc,76,ca,35,b2,2e,50,da,5b,ad,a8,8f,46
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
  00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-07-14  13:15:18
ComboFix-quarantined-files.txt  2012-07-14 11:15
.
Vor Suchlauf: 21 Verzeichnis(se), 78.162.345.984 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 77.645.312.000 Bytes frei
.
- - End Of File - - 2D789F75D9B98ED3C0F6A67A721DF274

Regards, Christian

cosinus 14.07.2012 15:23

Please now create logs with GMER and OSAM and post them.
GMER crashes fairly often; if the tool still won't run on the second attempt, just leave it out and run only OSAM. Please skip the online check by OSAM.
With OSAM, please also make sure that you save the log as *.log and not as *.html or the like.

Note: Please use WinRAR or 7zip to unpack OSAM! Also be sure to turn off the virus scanner; the McAfee scanner in particular often reports a false alarm in OSAM!

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe instructions)
    On Windows Vista (or later), please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask you whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances without being instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the (none) setting under AV Scan.



One more note: If aswMBR crashes and a message such as "aswMBR.exe has stopped working" appears, do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu (at the bottom left of the aswMBR window), and click the Scan button again.

ChrissCross6 16.07.2012 13:15

Hey,

sorry, this took a bit longer, I had another exam. :)
Here are the logs:

GMER:
Code:

GMER 1.0.15.15641 - hxxp://www.gmer.net
Rootkit scan 2012-07-16 14:10:22
Windows 6.1.7600 
Running: sq5pcnsy.exe


---- Registry - GMER 1.0.15 ----

Reg  HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\506313b8238d                     
Reg  HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\506313b8238d (not active ControlSet) 

---- EOF - GMER 1.0.15 ----

OSAM:

Code:

Report of OSAM: Autorun Manager v5.0.11926.0
hxxp://www.online-solutions.ru/en/
Saved at 13:18:36 on 16.07.2012

OS: Windows 7 Home Premium Edition (Build 7600), 64-bit
Default Browser: Mozilla Corporation Firefox 13.0.1

Scanner Settings
[x] Rootkits detection (hidden registry)
[x] Rootkits detection (hidden files)
[x] Retrieve files information
[x] Check Microsoft signatures

Filters
[ ] Trusted entries
[ ] Empty entries
[x] Hidden registry entries (rootkit activity)
[x] Exclusively opened files
[x] Not found files
[x] Files without detailed information
[x] Existing files
[ ] Non-startable services
[ ] Non-startable drivers
[x] Active entries
[x] Disabled entries


[Common]
-----( %SystemRoot%\Tasks )-----
"GoogleUpdateTaskMachineCore.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GoogleUpdateTaskMachineUA.job" - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Adobe Flash Player Updater.job" - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

[Control Panel Objects]
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Control Panel\Cpls )-----
"mlcfg32.cpl" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLCFG32.CPL
"Pando" - "Pando Networks" - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.cpl

[Drivers]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"atksgt" (atksgt) - ? - C:\Windows\System32\DRIVERS\atksgt.sys  (File found, but it contains no detailed information)
"avgntflt" (avgntflt) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avgntflt.sys
"avipbb" (avipbb) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avipbb.sys
"avkmgr" (avkmgr) - "Avira GmbH" - C:\Windows\System32\DRIVERS\avkmgr.sys
"catchme" (catchme) - ? - C:\ComboFix\catchme.sys  (File not found)
"Cisco Systems Inc. IPSec Driver" (CVPNDRVA) - ? - C:\Windows\system32\Drivers\CVPNDRVA.sys  (File found, but it contains no detailed information)
"dump_wmimmc" (dump_wmimmc) - ? - C:\Program Files\eFusion\BlackShot\system\GameGuard\dump_wmimmc.sys  (File not found)
"EagleX64" (EagleX64) - ? - C:\Windows\system32\drivers\EagleX64.sys  (File not found)
"FssFltr" (fssfltr) - "Microsoft Corporation" - C:\Windows\System32\DRIVERS\fssfltr.sys
"Hamachi Network Interface" (hamachi) - "LogMeIn, Inc." - C:\Windows\System32\DRIVERS\hamachi.sys
"lirsgt" (lirsgt) - ? - C:\Windows\System32\DRIVERS\lirsgt.sys  (File found, but it contains no detailed information)
"MBAMProtector" (MBAMProtector) - "Malwarebytes Corporation" - C:\Windows\system32\drivers\mbam.sys
"Mkd2Bthf" (Mkd2Bthf) - "AhnLab, Inc." - C:\Windows\System32\drivers\Mkd2Bthf.sys
"Mkd2Nadr" (Mkd2Nadr) - "AhnLab, Inc." - C:\Windows\System32\drivers\Mkd2Nadr.sys
"Mkd3kfNt" (Mkd3kfNt) - "AhnLab, Inc." - C:\Windows\System32\drivers\Mkd3kfNt.sys
"NPPTNT2" (NPPTNT2) - ? - C:\Windows\system32\npptNT2.sys  (File not found)
"NTIDrvr" (NTIDrvr) - "NewTech Infosystems, Inc." - C:\Windows\system32\drivers\NTIDrvr.sys
"Service for Realtek HD Audio (WDM)" (IntcAzAudAddService) - ? - C:\Windows\System32\drivers\RTKVHD64.sys  (File not found)
"UBHelper" (UBHelper) - "NewTech Infosystems Corporation" - C:\Windows\system32\drivers\UBHelper.sys

[Explorer]
-----( HKLM\Software\Classes\Folder\shellex\ColumnHandlers )-----
{F9DB5320-233E-11D1-9F84-707F02C10627} "PDF Shell Extension" - "Adobe Systems, Inc." - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll
{30351349-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
-----( HKLM\Software\Classes\Protocols\Filter )-----
{807563E5-5146-11D5-A672-00B0D022E945} "Microsoft Office InfoPath XML Mime Filter" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
-----( HKLM\Software\Classes\Protocols\Handler )-----
{E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} "Album Download IE Asynchronous Pluggable Protocol Interface" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
{314111c7-a502-11d2-bbca-00c04f8ec294} "HxProtocol Class" - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Help\hxds.dll
{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} "IEProtocolHandler Class" - "Skype Technologies" - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
{828030A1-22C1-4009-854F-8E305202313F} "livecall" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{88FED34C-F0CA-4636-A375-3CB6248B04CD} "Local Groove Web Services Protocol" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
{0A9007C0-4076-11D3-8789-0000F8105754} "Microsoft Infotech Storage Protocol for IE 4.0" - "Microsoft Corporation" - c:\Program Files (x86)\Common Files\Microsoft Shared\Information Retrieval\msitss.dll
{828030A1-22C1-4009-854F-8E305202313F} "msnim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll
{D1F8BD1E-7967-11D2-B43A-006094B9EADB} "SAP HTML Pluggable Protocol" - "SAP, Walldorf" - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll
{D1F8BD1E-7967-11D2-B43A-006094B9EADB} "SAP HTML Pluggable Protocol" - "SAP, Walldorf" - c:\program files (x86)\sap\frontend\sapgui\saphtmlp.dll
{91774881-D725-4E58-B298-07617B9B86A8} "Skype IE add-on Pluggable Protocol" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{03C514A3-1EFB-4856-9F99-10D7BE1653C0} "Windows Live Mail HTML Asynchronous Pluggable Protocol Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks )-----
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved )-----
{5E2121EE-0300-11D4-8D3B-444553540000} "Catalyst Context Menu extension" - ? -  (File not found | COM-object registry key not found)
{D8D1CE8C-B1EB-4E95-B63B-1531BA60E992} "DivX Property Handler" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
{83238FAE-D346-4E12-8734-D42F7554B3E6} "DivX Thumbnail Provider" - "DivX, Inc." - C:\Program Files (x86)\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} "DragDropProtect Class" - "Egis Technology Inc." - C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll
{99FD978C-D287-4F50-827F-B2C658EDA8E7} "Groove Explorer Icon Overlay 1 (GFS Unread Stub)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} "Groove Explorer Icon Overlay 2 (GFS Stub)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{920E6DB1-9907-4370-B3A0-BAFC03D81399} "Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{16F3DD56-1AF5-4347-846D-7C10C4192619} "Groove Explorer Icon Overlay 3 (GFS Folder)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} "Groove Explorer Icon Overlay 4 (GFS Unread Mark)" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} "Groove Folder Synchronization" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{6C467336-8281-4E60-8204-430CED96822D} "Groove GFS Context Menu Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{B5A7F190-DDA6-4420-B3BA-52453494E6CD} "Groove GFS Stub Execution Hook" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{A449600E-1DC6-4232-B948-9BD794D62056} "Groove GFS Stub Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{387E725D-DC16-4D76-B310-2C93ED4752A0} "Groove XML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{42042206-2D85-11D3-8CFF-005004838597} "Microsoft Office HTML Icon Handler" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\msohevi.dll
{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} "Microsoft Office Metadata Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} "Microsoft Office OneNote Namespace Extension for Windows Desktop Search" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONFILTER.DLL
{00020D75-0000-0000-C000-000000000046} "Microsoft Office Outlook" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\MLSHEXT.DLL
{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} "Microsoft Office Thumbnail Handler" - "Microsoft Corporation" - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396} "OpenOffice.org Column Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{087B3AE3-E237-4467-B8DB-5A38AB959AC9} "OpenOffice.org Infotip Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{AE424E85-F6DF-4910-A6A9-438797986431} "OpenOffice.org Property Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\propertyhdl.dll
{63542C48-9552-494A-84F7-73AA6A7C99C1} "OpenOffice.org Property Sheet Handler" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{3B092F0C-7696-40E3-A80F-68D74DA84210} "OpenOffice.org Thumbnail Viewer" - ? - C:\Program Files (x86)\OpenOffice.org 3\Basis\program\shlxthdl\shlxthdl.dll
{0006F045-0000-0000-C000-000000000046} "Outlook File Icon Extension" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\OLKFSTUB.DLL
{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} "RealOne Player Context Menu Class" - "RealNetworks, Inc." - c:\program files (x86)\real\realplayer\rpshell.dll
{30351346-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{30351347-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{30351348-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{30351349-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{3035134A-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{3035134B-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{3035134C-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{3035134D-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{3035134E-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{3035134F-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{30351350-7B7D-4FCC-81B4-1E394CA267EB} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
{C5994560-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{C5994561-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{C5994562-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{C5994563-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{C5994564-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{C5994565-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{C5994566-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{C5994567-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{C5994568-53D9-4125-87C9-F193FC689CB2} "TortoiseSVN" - "hxxp://tortoisesvn.net" - C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} "Windows Live Photo Gallery Autoplay Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} "Windows Live Photo Gallery Editor Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} "Windows Live Photo Gallery Editor Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F30F90-3E96-453B-AFCD-D71989ECC2C7} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F33137-EE26-412F-8D71-F84E4C2C6625} "Windows Live Photo Gallery Viewer Autoplay Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{00F374B7-B390-4884-B372-2FC349F2172B} "Windows Live Photo Gallery Viewer Drop Target" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe
{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} "Windows Live Photo Gallery Viewer Shim" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\PhotoViewerShim.dll
{B41DB860-8EE4-11D2-9906-E49FADC173CA} "WinRAR" - ? - C:\Program Files (x86)\WinRAR\rarext.dll
{B41DB860-64E4-11D2-9906-E49FADC173CA} "WinRAR shell extension" - ? -  (File not found | COM-object registry key not found)
{0563DB41-F538-4B37-A92D-4659049B7766} "WLMD Message Handler" - ? -  (File not found | COM-object registry key not found)
{06A2568A-CED6-4187-BB20-400B8C02BE5A} "{06A2568A-CED6-4187-BB20-400B8C02BE5A}" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe

[Internet Explorer]
-----( HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser )-----
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
ITBar7Height "ITBar7Height" - ? -  (File not found | COM-object registry key not found)
<binary data> "ITBar7Layout" - ? -  (File not found | COM-object registry key not found)
-----( HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units )-----
{063F7D71-5E0B-48F2-87D5-F63C5917947E} "Aosmgr Control" - "AhnLab, Inc." - C:\PROGRA~2\AhnLab\ASP\COMPON~1\aosmgr\aosmgr.ocx / hxxp://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cab
{CC450D71-CC90-424C-8638-1F2DBAC87A54} "ArmHelper Control" - ? - ./Images/armhelper.ocx  (File not found) / file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies%20-%20Game%20of%20the%20Year%20Edition/Images/armhelper.ocx
{8AD9C840-044E-11D1-B3E9-00805F499D93} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2iexp.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} "Java Plug-in 1.6.0_30" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\npjpi160_30.dll / hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab
{149E45D8-163E-4189-86FC-45022AB2B6C9} "SpinTop DRM Control" - "SpinTop Media Inc." - C:\Windows\Downloaded Program Files\stg_drm.ocx / file:///C:/Program%20Files%20(x86)/Plants%20vs.%20Zombies%20-%20Game%20of%20the%20Year%20Edition/Images/stg_drm.ocx
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions )-----
{B63DBA5F-523F-4B9C-A43D-65DF1977EAD3} "@C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
{5F7B1267-94A9-47F5-98DB-E99415F33AEC} "@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
{FF059E31-CC5A-4E2E-BF3B-96E929D65503} "Research" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
{48E73304-E1D6-4330-914C-F5F514E3486C} "Send to OneNote" - "Microsoft Corporation" - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
"Senden an Bluetooth" - ? - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
{898EA8C8-E7FF-479B-8935-AEC46303B9E5} "Skype Click to Call" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
-----( HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar )-----
{8dcb7100-df86-4384-8842-8fa844297b3f} "Bing Bar" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
<binary data> "Google Toolbar" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects )-----
{18DF081C-E8AD-4283-A596-FA578C2EBDC3} "Adobe PDF Link Helper" - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{d2ce3e00-f94a-4740-988e-03dc2f38c34f} "Bing Bar Helper" - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BingExt.dll
{593DDEC6-7468-4cdd-90E1-42DADAA222E9} "DivX HiQ" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
{326E768D-4182-46FD-9C16-1449A49795F4} "DivX Plus Web Player HTML5 <video>" - "DivX, LLC" - C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} "Google Toolbar Helper" - "Google Inc." - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
{72853161-30C5-4D22-B7F9-0BBC1D38A37E} "Groove GFS Browser Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9} "Java(tm) Plug-In 2 SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} "Java(tm) Plug-In SSV Helper" - "Sun Microsystems, Inc." - C:\Program Files (x86)\Java\jre6\bin\ssv.dll
{3049C3E9-B461-4BC5-8870-4C09146192CA} "RealPlayer Download and Record Plugin for Internet Explorer" - "RealPlayer" - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll
{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} "Skype Browser Helper" - "Skype Technologies S.A." - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6} "Windows Live ID-Anmelde-Hilfsprogramm" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{9FDDE16B-836F-4806-AB1F-1455CBEFF289} "Windows Live Messenger Companion Helper" - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

[LSA Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Lsa )-----
"Security Packages" - "Microsoft Corp." - C:\Windows\system32\livessp.dll

[Logon]
-----( %APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"desktop.ini" - ? - C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-----( %AllUsersProfile%\Microsoft\Windows\Start Menu\Programs\Startup )-----
"Acer VCM.lnk" - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe  (Shortcut exists | File exists)
"desktop.ini" - ? - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
"Bluetooth.lnk" - ? - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe  (Shortcut exists | File not found)
-----( HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run )-----
"Akamai NetSession Interface" - "Akamai Technologies, Inc" - "C:\Users\Home\AppData\Local\Akamai\netsession_win.exe"
"Skype" - "Skype Technologies S.A." - "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
"Steam" - "Valve Corporation" - "A:\Spiele\Steam\steam.exe" -silent
"swg" - "Google Inc." - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
-----( HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\Wds\rdpwd )-----
"StartupPrograms" - ? - rdpclip  (File not found)
-----( HKLM\Software\Microsoft\Windows\CurrentVersion\Run )-----
"Adobe ARM" - "Adobe Systems Incorporated" - "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"APSDaemon" - "Apple Inc." - "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"ArcadeMovieService" - "CyberLink Corp." - "C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
"avgnt" - "Avira Operations GmbH & Co. KG" - "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
"BackupManagerTray" - "NewTech Infosystems, Inc." - "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k
"EgisTecPMMUpdate" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"EgisUpdate" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d
"GrooveMonitor" - "Microsoft Corporation" - "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"IAStorIcon" - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
"LManager" - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\LManager.exe
"Malwarebytes' Anti-Malware" - "Malwarebytes Corporation" - "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
"MDS_Menu" - "CyberLink Corp." - "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso" UpdateWithCreateOnce "Software\CyberLink\MediaShow Espresso\5.6"
"StartCCC" - "Advanced Micro Devices, Inc." - "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"SuiteTray" - "Egis Technology Inc." - "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"SunJavaUpdateSched" - "Sun Microsystems, Inc." - "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[Print Monitors]
-----( HKLM\SYSTEM\CurrentControlSet\Control\Print\Monitors )-----
"pdfcmon" - "pdfforge GbR" - C:\Windows\system32\pdfcmon.dll

[Services]
-----( HKLM\SYSTEM\CurrentControlSet\Services )-----
"@%ProgramFiles%\Windows Defender\MsMpRes.dll,-103" (WinDefend) - ? - C:\Program Files (x86)\Windows Defender\mpsvc.dll  (File not found)
"@%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101" (WMPNetworkSvc) - ? - "C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe"  (File not found)
"Acer ePower Service" (ePowerSvc) - "Acer Incorporated" - C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
"Acer ODD Power Service" (ODDPwrSvc) - "Acer Incorporated" - C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
"Adobe Acrobat Update Service" (AdobeARMservice) - "Adobe Systems Incorporated" - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
"Adobe Flash Player Update Service" (AdobeFlashPlayerUpdateSvc) - "Adobe Systems Incorporated" - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
"Akamai NetSession Interface" (Akamai) - "Akamai Technologies, Inc" - c:\program files (x86)\common files\akamai\netsession_win_4f7fccd.dll
"Apple Mobile Device" (Apple Mobile Device) - "Apple Inc." - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
"ASP.NET-Zustandsdienst" (aspnet_state) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
"Avira Echtzeit Scanner" (AntiVirService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
"Avira Planer" (AntiVirSchedulerService) - "Avira Operations GmbH & Co. KG" - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
"BBUpdate" (BBUpdate) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\SeaPort.exe
"BingBar Service" (BBSvc) - "Microsoft Corporation." - C:\Program Files (x86)\Microsoft\BingBar\7.1.361.0\BBSvc.exe
"Bluetooth Service" (btwdins) - "Broadcom Corporation." - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
"Cisco Systems, Inc. VPN Service" (CVPND) - "Cisco Systems, Inc." - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
"Cyberlink RichVideo Service(CRVS)" (RichVideo) - ? - C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
"Dienst "Bonjour"" (Bonjour Service) - "Apple Inc." - C:\Program Files\Bonjour\mDNSResponder.exe
"Dritek WMI Service" (DsiWMIService) - "Dritek System Inc." - C:\Program Files (x86)\Launch Manager\dsiwmis.exe
"Google Software Updater" (gusvc) - "Google" - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
"Google Update Service (gupdate)" (gupdate) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"Google Update-Dienst (gupdatem)" (gupdatem) - "Google Inc." - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
"GREGService" (GREGService) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
"InstallDriver Table Manager" (IDriverT) - "Macrovision Corporation" - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
"Intel(R) Management & Security Application User Notification Service" (UNS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
"Intel(R) Management and Security Application Local Management Service" (LMS) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
"Intel(R) Rapid Storage Technology" (IAStorDataMgrSvc) - "Intel Corporation" - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
"LogMeIn Hamachi Tunneling Engine" (Hamachi2Svc) - "LogMeIn Inc." - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
"MBAMService" (MBAMService) - "Malwarebytes Corporation" - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
"Microsoft .NET Framework NGEN v4.0.30319_X64" (clr_optimization_v4.0.30319_64) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
"Microsoft .NET Framework NGEN v4.0.30319_X86" (clr_optimization_v4.0.30319_32) - "Microsoft Corporation" - C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
"Microsoft Office Diagnostics Service" (odserv) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
"Microsoft Office Groove Audit Service" (Microsoft Office Groove Audit Service) - "Microsoft Corporation" - C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
"Mozilla Maintenance Service" (MozillaMaintenance) - "Mozilla Foundation" - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
"MyWinLocker Service" (MWLService) - "Egis Technology Inc." - C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
"nProtect GameGuard Service" (npggsvc) - ? - C:\Windows\system32\GameMon.des -service  (File not found)
"NTI Backup Now 5 Backup Service" (NTIBackupSvc) - "NewTech InfoSystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
"NTI Backup Now 5 Scheduler Service" (NTISchedulerSvc) - "NewTech Infosystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
"NTI IScheduleSvc" (NTI IScheduleSvc) - "NewTech Infosystems, Inc." - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
"Office Source Engine" (ose) - "Microsoft Corporation" - C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
"PnkBstrA" (PnkBstrA) - ? - C:\Windows\system32\PnkBstrA.exe  (File not found)
"PnkBstrB" (PnkBstrB) - ? - C:\Windows\system32\PnkBstrB.exe  (File not found)
"Raw Socket Service" (RS_Service) - "Acer Incorporated" - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
"Skype C2C Service" (Skype C2C Service) - "Skype Technologies S.A." - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
"Skype Updater" (SkypeUpdate) - "Skype Technologies" - C:\Program Files (x86)\Skype\Updater\Updater.exe
"SQL Server (SQLEXPRESS)" (MSSQL$SQLEXPRESS) - "Microsoft Corporation" - c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
"SQL Server VSS Writer" (SQLWriter) - "Microsoft Corporation" - c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
"Steam Client Service" (Steam Client Service) - "Valve Corporation" - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
"Updater Service" (Updater Service) - "Acer Group" - C:\Program Files\Acer\Acer Updater\UpdaterService.exe
"Windows Live Family Safety Service" (fsssvc) - "Microsoft Corporation" - C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
"Windows Live ID Sign-in Assistant" (wlidsvc) - "Microsoft Corp." - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

[Winsock Providers]
-----( HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries )-----
"mdnsNSP" - "Apple Inc." - C:\Program Files (x86)\Bonjour\mdnsNSP.dll
"WindowsLive Local NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
"WindowsLive NSP" - "Microsoft Corp." - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

===[ Logfile end ]=========================================[ Logfile end ]===

If You have questions or want to get some help, You can visit hxxp://forum.online-solutions.ru

aswMBR:

Code:

aswMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
Run date: 2012-07-16 13:26:59
-----------------------------
13:26:59.869    OS Version: Windows x64 6.1.7600
13:26:59.869    Number of processors: 4 586 0x2502
13:26:59.869    ComputerName: HOME-PC  UserName: Home
13:27:01.089    Initialize success
13:27:06.881    AVAST engine defs: 12071600
13:28:12.151    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
13:28:12.161    Disk 0 Vendor: WDC_WD50 01.0 Size: 476940MB BusType: 3
13:28:12.221    Disk 0 MBR read successfully
13:28:12.221    Disk 0 MBR scan
13:28:12.231    Disk 0 Windows 7 default MBR code
13:28:12.241    Disk 0 Partition 1 00    27 Hidden NTFS WinRE NTFS        13312 MB offset 2048
13:28:12.271    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 27265024
13:28:12.291    Disk 0 Partition 3 00    07    HPFS/NTFS NTFS      231828 MB offset 27469824
13:28:12.301    Disk 0 Partition - 00    0F Extended LBA            231698 MB offset 502253568
13:28:12.321    Disk 0 Partition 4 00    07    HPFS/NTFS NTFS      231697 MB offset 502255616
13:28:12.361    Disk 0 scanning C:\Windows\system32\drivers
13:28:24.900    Service scanning
13:29:03.732    Modules scanning
13:29:04.062    Disk 0 trace - called modules:
13:29:04.102    ntoskrnl.exe CLASSPNP.SYS disk.sys iaStor.sys
13:29:04.112    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c64060]
13:29:04.112    3 CLASSPNP.SYS[fffff88001a9343f] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80049aa050]
13:29:04.122    Scan finished successfully
13:30:49.295    Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
13:30:49.295    The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"

Regards, Christian

cosinus 16.07.2012 16:33

Looks OK. We should be almost done. As a check, please run full scans with Malwarebytes and SASW and post the logs.
Remember to update both tools before the scan!!

ChrissCross6 17.07.2012 12:43

Hey,

okay, that sounds good already :) here are the two full scans:

Malwarebytes:

Code:

Malwarebytes Anti-Malware (Test) 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.07.17.07

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Home :: HOME-PC [Administrator]

Schutz: Aktiviert

17.07.2012 11:08:22
mbam-log-2012-07-17 (11-08-22).txt

Art des Suchlaufs: Vollständiger Suchlauf (A:\|C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 624235
Laufzeit: 2 Stunde(n), 19 Minute(n), 11 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

SUPERAntiSpyware:

Code:

SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 07/16/2012 at 10:42 PM

Application Version : 5.5.1006

Core Rules Database Version : 8907
Trace Rules Database Version: 6719

Scan type      : Complete Scan
Total Scan Time : 02:13:07

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC On - Administrator

Memory items scanned      : 857
Memory threats detected  : 0
Registry items scanned    : 69386
Registry threats detected : 0
File items scanned        : 141311
File threats detected    : 459

Adware.Tracking Cookie
        .bs.serving-sys.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tracker.vinsight.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .kontera.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tracking.mindshare.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .ad.adnet.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        www.etracker.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        partners.webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        www.googleadservices.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        stats.gluxx.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6aelienajokq.stats.esomniture.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .fastclick.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        track.effiliation.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .paypal.112.2o7.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .mediaplex.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .stats.paypal.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        statse.webtrendslive.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        stats.bmw.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .2o7.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad1.adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .casalemedia.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        stats.computecmedia.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .im.banner.t-online.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adviva.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        stats.bmw.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .e-2dj6wnliagd5mkq.stats.esomniture.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .advertising.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.adserver01.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        accounts.google.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        accounts.youtube.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        tomtailor.dyntracker.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tribalfusion.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .zanox-affiliate.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad.dyntracker.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        www.zanox-affiliate.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad3.adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adtech.de [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad4.adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        track.adform.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .adform.net [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        eas.apm.emediate.eu [ C:\USERS\HOME\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\K2E0147E.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        tracking.quisma.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .imrworldwide.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ww251.smartadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .webmasterplan.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .smartadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .zedo.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .atdmt.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .adbrite.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .lucidmedia.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .ru4.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .invitemedia.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .revsci.net [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        beacons.hottraffic.nl [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .adxpose.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .media6degrees.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .doubleclick.net [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .yieldmanager.net [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .adfarm1.adition.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad2.adfarm1.adition.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .zanox.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.zanox.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .tradedoubler.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .traffictrack.de [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        www.nettrack.nl [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .kpn.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .kpn.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .kpn.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .kpn.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        ad.yieldmanager.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .edgeadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .edgeadserver.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .view.atdmt.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .bs.serving-sys.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .tracking.quisma.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .conversioncompany.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .conversioncompany.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .conversioncompany.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .conversioncompany.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        fl01.ct2.comclick.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .ffdthuisapotheek.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .ffdthuisapotheek.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .ffdthuisapotheek.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .ffdthuisapotheek.solution.weborama.fr [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]
        .serving-sys.com [ C:\USERS\INTERNET\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\LHCHF2II.DEFAULT\COOKIES.SQLITE ]

Trojan.Agent/Gen-Skelten[Ex]
        C:\SERVER\EATHENA\TOOLS\DIFF PATCHER\K3DTDIFFPATCHER_BETA.EXE

Heur.Agent/Gen-WhiteBox
        C:\SPIELE\TOM CLANCYS RAINBOW SIX_DOWNLOADER.EXE

Trojan.Agent/Gen-Sisproc
        C:\WINDOWS\IFINST27.EXE

Regards, Christian

cosinus 18.07.2012 11:26

Code:

Trojan.Agent/Gen-Skelten[Ex]
        C:\SERVER\EATHENA\TOOLS\DIFF PATCHER\K3DTDIFFPATCHER_BETA.EXE

Heur.Agent/Gen-WhiteBox
        C:\SPIELE\TOM CLANCYS RAINBOW SIX_DOWNLOADER.EXE

Trojan.Agent/Gen-Sisproc
        C:\WINDOWS\IFINST27.EXE

Do you recognize these files?

ChrissCross6 18.07.2012 11:39

Hey,

so the Diff Patcher and the game, yes, i.e. the first two, but I have never seen the last one, no idea what that is. ^o^

Regards, Christian

cosinus 18.07.2012 19:28

Can you pack all three files together into one zip file and upload it to us? => http://www.trojaner-board.de/54791-a...ner-board.html

ChrissCross6 18.07.2012 21:55

Hey,

yes, I uploaded all 3 files as a .rar file, hope that's fine. :)

Regards, Christian

cosinus 19.07.2012 16:36

Well, I would be careful with these files!
One could almost suspect that these are cracks or something else illegal, but I'm not sure about that!

https://www.virustotal.com/file/5f30...is/1342712060/

https://www.virustotal.com/file/5734...is/1342712076/

ChrissCross6 23.07.2012 15:21

Hey,

well, the one .exe is for downloading the game, which I bought legally on mcgame.com, and the other one is for modifying a game's .exe file, e.g. to stop displaying effects or to disable "/", "@" commands etc.
Should I delete both as a precaution?

Regards, Christian

cosinus 23.07.2012 15:37

If you think these files are legitimate, then keep them. Unfortunately, SUPERAntiSpyware can also be very prone to false positives.

ChrissCross6 26.07.2012 10:44

Hmm okay, well, then I'll think about it :)
Thanks again for the intensive and good help, as well as the now clean PC!!! :D

Regards, Christian

cosinus 26.07.2012 16:03

Then we're done! :abklatsch:

The programs that were used here can all be removed again. With the help of OTL you can also remove many of the tools:

Please start OTL and click on "Bereinigung" (Cleanup).
This will remove most of the tools we needed for the cleanup. If anything remains, please remove it with right-click --> Delete.


Keeping Malwarebytes is recommended. You can run a full scan with it once a month, but always remember to update it first.


Finally, please check the updates; my guide for that is below. To keep better track of how up to date your installed programs are in the future, you can use e.g. Secunia PSI.
For even more security, after the infection has been removed you should also change all passwords if possible.


Microsoft Update

Windows XP: Visit the MS update page with IE and have all important updates installed.

Windows Vista/7: Windows Update guide


Update the PDF reader
An outdated Adobe Reader poses a major security risk. You should therefore uninstall old versions of Adobe Reader via Control Panel => Add or Remove Programs or Programs and Features, by clicking on "Adobe Reader x.0" there and removing the program. (if you have Adobe Reader installed)

I recommend an alternative PDF reader such as PDF Xchange Viewer, SumatraPDF or Foxit PDF Reader; they are much leaner and faster than Adobe Reader.

While you're at it, please also check whether the Flash Player is up to date:
Check => Adobe - Flash Player
Download links => http://www.adobe.com/products/flashp...ribution3.html

Of course, also make sure that other installed browsers such as Firefox, Opera or Chrome are up to date.


Java update
Outdated Java installations are a security risk, so you should delete the old versions (if present, preferably with JavaRa) and update to the newest one. To do this, close all programs (especially the browsers), then click Start, Control Panel, Add or Remove Programs and uninstall all listed Java versions from there. Then download the current Java SE Runtime Environment (JRE) from here and install it.

