Moin Moin!

Mein PC wurde gestern vom "GVU Trojaner" befallen. Nach Recherche im Forum habe ich durch eine Systemwiederherstellung den PC wieder zum laufen bekommen, dann mit Malwarebytes Anti-Malware meinen PC gescannt und folgenden log-File erhalten

Zitat:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Datenbank Version: v2013.01.19.09

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Christian :: CHRISTIAN-PC [Administrator]

19.01.2013 20:56:04
MBAM-log-2013-01-20 (09-58-47).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 732277
Laufzeit: 3 Stunde(n), 1 Minute(n), 37 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 2
C:\Users\Christian\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\14\4cce7d0e-6a92cc46 (Trojan.FakeMS.ED) -> Keine Aktion durchgeführt.
C:\ProgramData\dsgsdgdsgdsgw.pad (Exploit.Drop.GSA) -> Keine Aktion durchgeführt.

(Ende)

Die beiden Dateien wurden dann mit Malwarebytes entfernt. Anschließend habe ich mir OTL von Oldtimer runtergeladen und nach Anleitung aus älteren Themen auch damit meinen PC gescannt. Die Ausgaben sieht wie folgt aus:

Eine Unter dem Namen "Extras"

Zitat:

OTL Extras logfile created on: 20.01.2013 10:08:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christian\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16443)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,68 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 50,67% Memory free
7,35 Gb Paging File | 5,33 Gb Available in Paging File | 72,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 198,42 Gb Free Space | 44,48% Space Free | Partition Type: NTFS

Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3427454082-1433254171-2550170084-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
"" =
"DisableMonitoring" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C3F3D319-E549-4BE1-A9FC-BDC2945CD0C9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{CD4A55A3-AC69-4910-B11D-11764353D2A1}" = lport=3580-3581 | protocol=17 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe |
"{E9F3CA92-CAD3-46F6-BDA4-C9D733553497}" = lport=3580-3581 | protocol=6 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\systemwebserver.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0002051B-A9AA-4B3F-8728-415E8986B18F}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{1E025FFB-F3DC-4BAB-927B-E8A28EFC8DE0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{22EC3136-CADE-4416-9D77-F40268D55AD2}" = protocol=6 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\applicationwebserver.exe |
"{24B0F5B8-367F-4003-81F9-B333A7E4A603}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{3B848BF1-A2CB-49D8-BEDD-6E15C4BDB929}" = protocol=17 | dir=in | app=c:\program files (x86)\national instruments\shared\ni webserver\applicationwebserver.exe |
"{4F08CF52-B016-4A68-944C-1304C9C0BE35}" = protocol=6 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe |
"{64A41D71-4802-4358-9DDE-FB6D5A5F5E4E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{65097186-6D9F-4CF7-9E31-98A177A9E854}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{739C1546-3698-4773-8EB0-6DD03D9F65D2}" = dir=in | app=c:\program files (x86)\acer\acer vcm\rs_service.exe |
"{74DE7639-63F3-4EDD-B839-662F624F9177}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{76DE96BD-A4A8-4472-BEC4-40D409142AE4}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{80AD7445-008F-49B8-A201-F84C3D3ADF0C}" = protocol=17 | dir=in | app=c:\users\christian\appdata\roaming\dropbox\bin\dropbox.exe |
"{991246E6-355B-4D50-BEE5-2A0393D9204B}" = dir=in | app=c:\program files (x86)\acer\acer vcm\vc.exe |
"{B185F427-5223-47AF-9266-A55E14954CE5}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{B1980848-AC16-4785-AA90-5E68C46E91F7}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{BC36A650-6FE2-42F1-8955-4B0FB5A4B57F}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C229CA86-D1D2-4089-A45B-2E31E803BAF1}" = protocol=17 | dir=in | app=c:\program files\national instruments\shared\ni webserver\applicationwebserver.exe |
"{D033238B-AFAF-4217-8896-F7F4897C83EA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{D8BF5C84-9061-4BE1-A579-B6E7942B8191}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{EA41689F-F52B-4717-929B-C9382B4CB8F0}" = protocol=6 | dir=in | app=c:\users\christian\appdata\roaming\dropbox\bin\dropbox.exe |
"{FD7E4F10-4E4E-4A6F-8B44-A7071B5C16F3}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00606A59-716C-484A-AE64-5F7E3F23B3BD}" = NI GMP Windows 64-bit Installer 12.0.0
"{01C99994-625D-47DC-8C4C-59DE0533E170}" = NI-MXDF 3.0.0f0 for 64 Bit Windows
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{07E00E94-7A78-40FA-9BEF-71C190E98041}" = NI VC2008MSMs x64
"{08BCFE15-8AA1-4A58-B018-4FEF486BA922}" = Autodesk Inventor Fusion for Inventor 2013 Add-in
"{092BCB63-AE94-4A14-A0CD-9535FCCF89EE}" = NI-MXLC Core (64-bit)
"{0C0F0825-84A8-40A1-BBB5-E80ABAD6237C}" = NI PXI Platform Framework 1.6.0 64-bit
"{0CA30245-F843-407F-8FA6-52880DF8E67C}" = 3Dconnexion Plug-In for NX v3.0 - v8.0
"{0D872C37-F656-427F-9571-A09B9AF8E126}" = 3Dconnexion Plug-In for 3ds Max v9 - 2013
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{0EA4894B-C99B-48E4-976A-94B55CB89239}" = NI MXS 5.3.0 for 64 Bit Windows
"{1111706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 (64-bit)
"{143A274F-B49C-4888-BA03-2AE7795C5860}" = NI PXI Hardware 64-bit Support 3.0.3
"{19418057-9919-4B01-A0CE-38FF8D36EB66}" = NI Ethernet Device Enumerator 64-Bit
"{197B80EB-D791-4DA4-9398-B5F029738E22}" = NI System State Publisher (64-bit)
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{2001197F-7545-41F7-9078-E8D23B3BBEAF}" = 3Dconnexion Plug-In for Photoshop CS3 - CS5
"{2222706F-666A-4037-7777-203648764D10}" = JavaFX 2.0.3 SDK (64-bit)
"{234B1EF7-81E5-5613-1F01-E43EA36C2F17}" = ATI Catalyst Install Manager
"{2616018C-1E77-48E3-BB9B-7FC79D849CAB}" = NI-DAQmx STC for 64 Bit Windows 1.11.0
"{266597A9-1764-0000-0100-DCBF2B69166B}" = Autodesk Vault Basic 2013 (Client) German Language Pack
"{26A24AE4-039D-4CA4-87B4-2F86417003FF}" = Java(TM) 7 Update 3 (64-bit)
"{3D622E97-44A1-4D81-8FD0-812B919CD207}" = NI-PAL 2.9.0f0 for 64 Bit Windows
"{3F7CDE88-3B1B-42C1-ACDF-05720E0B04BB}" = NI Web Application Server 12.0 (64 Bit)
"{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}" = WIDCOMM Bluetooth Software
"{45A790D5-C7EB-4BE0-B71A-10C550844AF6}" = NI Portable Configuration for 64 Bit Windows 5.3.0
"{461DA426-1693-4B89-A076-BDAA5BE91211}" = NI-DAQmx Timing for 64 Bit Windows 2.6.0
"{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290
"{46EF0477-FBC0-47D4-B9B6-81DB345C18E9}" = NI Network Discovery 5.3 for Windows 64-bit
"{48F51087-D7F3-44A9-AB97-4C13C4BB1090}" = NI Logos64 XT Support
"{4BD13FBE-808E-43FB-82F0-C0C5126DA31A}" = NI-DAQmx MIO Device Drivers for 64 Bit Windows 2.9.0
"{4DD08E99-6FC1-4188-9A2E-0AF968279E41}" = NI mDNS Responder 2.1 for Windows 64-bit
"{50B2D9D8-87B6-49EE-BC5C-874119FD6B7B}" = NI Xerces Delay Load 2.7.3 64-bit
"{5783F2D7-B028-0409-0100-0060B0CE6BBA}" = DWG TrueView 2013
"{5B91AB39-58C2-4857-9F3E-43FE03341402}" = NI PXI SystemAPI Expert 64-bit 3.0.3
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{60B316B8-5D19-40DD-A74B-BB15E2A0BD4C}" = NI RTSI Cable Core Installer for 64 Bit Windows 1.3.0
"{64A3A4F4-B792-11D6-A78A-00B0D0170030}" = Java(TM) SE Development Kit 7 Update 3 (64-bit)
"{6B56ED69-9CF4-4FC8-82DC-FAECCCB0835A}" = NI-DAQmx Common Digital for 64 Bit Windows 1.15.0
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{6E4E0AAC-0A90-421A-B10B-43C2B51D939F}" = 3Dconnexion 3DxWare (x64)
"{774510C7-E6AC-4ECB-ACEF-D5284FED4D0A}" = NI-RPC 4.3.0f0 for 64 Bit Windows
"{792A9A32-718A-40D1-9867-A903F76AE2F8}" = Eco Materials Adviser for Autodesk Inventor 2013
"{794A9BD9-4F2B-40D2-9DAD-3F3EAE4901F1}" = 3Dconnexion Add-In for Solid Edge V18 - ST4
"{7D381A8A-F3FF-4720-B39D-42B6B9DF9F3E}" = 3Dconnexion Plug-In for Maya v8.5 - 2013
"{7EB5A9FE-9F83-4656-B75D-F14FBC008E3D}" = NI-DAQmx SCXI for 64 Bit Windows 2.1.1
"{7F4DD591-1764-0001-0000-7107D70F3DB4}" = Autodesk Inventor Professional 2013
"{7F4DD591-1764-0001-1031-7107D70F3DB4}" = Autodesk Inventor Professional 2013 Language Pack - Deutsch (German)
"{89D130E0-B897-415D-B879-5517AFAB1C59}" = NI-APAL 2.2 64-Bit Error Files
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8F1EF5CE-DB74-4A76-AC44-8DB470FFA067}" = NI-MRU 3.0.0f0 for 64 Bit Windows
"{8FD1C991-DF8F-4BF0-AD45-A5576C42F9ED}" = NI System API Windows 64-bit 5.3.1
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{917B8F5B-B527-4061-A9D0-EA80C7D72C76}" = 3Dconnexion Add-In for SolidWorks 2005 - 2012 (x64)
"{99346652-9C3C-4915-A87F-56BDD018072C}" = NI-DAQmx FSL Installer for 64-Bit Windows 2.2.0
"{9C10623C-BF56-4D66-8F1F-B2D667E44986}" = NI System Web Server Base 12.0.0 (64-bit)
"{A69A94FC-1AA8-4E23-AA87-3F62C4DA8346}" = NI-MDBG 3.0.0f0 for 64 Bit Windows
"{AC599511-CD0C-4B9E-9DC1-C0D3C87D6FCA}" = NI-ORB 3.0 for 64-bit Windows
"{ACA45A9D-5C68-429F-AE87-0F2917136FCC}" = Unterstützung für NI SSL (64 Bit)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AFE7987B-E282-42CE-AD5A-E333BE31E204}" = NI Curl 12.0.0 (64-bit)
"{B40566D7-9383-4C54-ABC5-8B062834FB90}" = 3Dconnexion Add-In for Inventor 11 - 2013
"{B409E210-BD7F-44B4-B18A-EA2004AF89BA}" = NI RTSI PAL Device Library Installer for 64 Bit Windows 1.3.0
"{B423298D-3A8D-401B-A2CF-13FE218E1AE3}" = NI-DAQmx Dynamic Signal Acquisition for 64 Bit Windows 2.5.0
"{B46DECD1-1764-4EF1-0000-22D71E81877C}" = Autodesk Inventor Content Center Libraries 2013 (Desktop Content)
"{B618335B-11D2-4780-B5CE-AA2D111DB693}" = NI Authentication 12.0.0 (64-bit)
"{BC38CBF6-030B-4E45-956C-4AF4512D54F3}" = 3Dconnexion Add-On for XSI v5.0 - 2013
"{BD432073-6A5D-4F0F-8952-43B3C21A31C3}" = NI Trace Engine (64-bit)
"{C3FB95A9-7A13-431E-B6E5-0E1E43DB8176}" = 3Dconnexion Plug-In for Pro/ENGINEER Wildfire 3.0 - Creo 1.0
"{C4CBE331-9BFC-456B-A4D8-4E43E5EA3788}" = 3Dconnexion Add-In for AutoCAD 2007 - 2010
"{C54BD62F-DD9E-4BDF-863B-6BD9DA95945E}" = NI-PAL 2.9 64-Bit Error Files
"{C788B026-20BD-4E96-B698-533F1D6C5013}" = 64 Bit HP CIO Components Installer
"{CF526A26-1764-0000-0000-02E95019B628}" = Autodesk Vault Basic 2013 (Client)
"{D25FF5C1-1764-469A-9794-69309387C193}" = Schnell-Deinstallations-Tool für Autodesk Inventor 2013
"{D3EC7EFA-59C5-4C1A-89B8-82521548FD5A}" = NI-DAQmx Switch Core for 64 Bit Windows 2.5.0
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{DFE888DA-79D5-C64A-8439-1B224D330F2F}" = ccc-utility64
"{E027C59C-4C47-4BE8-8078-BCD3D2680EC3}" = Eco Materials Adviser (x64)
"{E3E3E625-8F74-44CE-A6D2-C31CB43DA23D}" = NI VC2005MSMs x64
"{EB4F834C-DD0D-42E3-A43D-D61A86246FEB}" = NI-DAQmx 653x Installer for 64 Bit Windows 1.9.5
"{EE5F74BC-5CD5-4EF2-86BA-81E6CF46A18F}" = Autodesk Sync
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6072087-8D41-4911-A319-6CBF61F42811}" = NI-DAQmx MX Expert Framework for 64 Bit Windows 2.12.0
"{F7B62B13-5E47-4511-B317-4F9FBA627BA6}" = NI Logos64 5.2.0
"{FE22D7F1-040E-4900-A03B-230EBB590836}" = NI-DIM 3.0.0f0 for 64 Bit Windows
"{FFF5619F-2013-0064-A85E-9994F70A9E5D}" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Fusion 2013" = Autodesk Inventor Fusion 2013
"Autodesk Inventor Professional 2013" = Autodesk Inventor Professional 2013 Deutsch (German)
"DWG TrueView 2013" = DWG TrueView 2013
"EPSON SX235 Series" = EPSON SX235 Series Printer Uninstall
"GIMP-2_is1" = GIMP 2.8.0
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"Matlab R2012b" = MATLAB R2012b
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01CF3725-EE33-4308-BBF9-90BF6AC43814}" = NI Logos 5.2.0
"{036C09F0-1423-4097-9720-D9E034CFF50A}" = NI Web Application Server 12.0
"{047F790A-7A2A-4B6A-AD02-38092BA63DAC}" = Acer VCM
"{080FA973-1BE0-6E71-C03D-8F6081C3F64B}" = CCC Help Danish
"{0869FCA0-E7F7-45B4-8AA6-C7F38BDC999A}" = NI Ethernet Device Enumerator
"{0B5A281E-677E-4F61-9A82-964FCAFDFF2F}" = NI MDF Support
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{0DF90E6F-09C8-4BC1-A479-22C68B016AE7}" = 3Dconnexion Plug-in for Acrobat 3D
"{0ED710B6-AD9C-4FC7-A166-6355E97E925C}" = NI System API Windows 32-bit 5.3.1
"{101B3A2E-D391-52C7-2EEA-744F8B0CD0AC}" = CCC Help Dutch
"{10C2A6F0-6700-4D31-AC24-D0D5100B79CC}" = NI Network Discovery 5.3
"{117EBEEB-5DB0-43C8-9FD6-DD583DB152DD}" = Autodesk Material Library 2013
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14A34B7D-E675-8775-5975-987E9193CE8F}" = CCC Help Spanish
"{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}" = Autodesk Design Review 2013
"{15C418EB-7675-42be-B2B3-281952DA014D}" = Sophos AutoUpdate
"{18F3394D-1A34-F631-E789-C0BD57DAC2BA}" = CCC Help Finnish
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1998C8AE-87D7-E562-51D1-582F6D3CBE50}" = CCC Help Italian
"{1B192700-C368-49C1-BF81-D2F9BA065534}" = Catalyst Control Center - Branding
"{23F2FE39-9979-408C-BB18-16EE58C561A5}" = NI-PAL 2.9.0f0
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{24E75860-8DFB-4420-B22A-DBA52F5C521D}" = NI-DIM 3.0.0f0
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{27C6C0A2-2EC9-4FEA-BE2B-659EAAC2C68C}" = Autodesk Material Library Low Resolution Image Library 2013
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{2E3C5EA7-5034-4673-EC48-0B9F0D108F96}" = CCC Help Japanese
"{2FAC789B-8DC2-4147-8DD7-6690E13EB9FD}" = NI-DAQmx 9.6.0
"{30B533D1-F0AB-2C56-648A-C204C033CB6C}" = ccc-core-static
"{30FACB40-F397-42DF-A40C-1FA6B3E69D18}" = NI PXI Platform Services 3.0.3 Expert
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{34F2DA68-5394-490F-7426-B6BBEF9E9271}" = CCC Help Thai
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer PowerSmart Manager
"{3DFE81D3-F8A9-4746-BC91-1C219EDEC95A}" = NI-ORB 3.0
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4273A992-97B0-22D1-1E72-2B634E161232}" = CCC Help Chinese Traditional
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{44ABC0C0-CB66-4120-BBA5-70514745109F}" = NI Certificates Deployment Support
"{44D6B4F3-47AA-424E-A4AE-9F62D80D6701}" = NI-APAL 2.2 Error Files for LabVIEW RT
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AD89ED9-446F-4B07-8015-354E5EAB4220}" = NI-DAQmx FSL Installer 2.2.0
"{4B877FC6-F44C-4B39-B0B6-CE15ADC63997}" = NI VC2005MSMs x86
"{4C7AB285-CE33-459F-AB26-0E2DBCCDA2D7}" = NI Trace Engine
"{4E515022-7CE0-2FBF-B65A-0D22B983B3B8}" = CCC Help Korean
"{526FED3E-499E-4989-B9F9-207E2FE425AA}" = Unterstützung für NI SSL
"{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2627.01)
"{5545EEE4-FA36-4F76-B6BE-5696E7F4E2D6}" = VBA (2701.01)
"{570AFAC0-96B1-4491-B24B-6D251C52AFA4}" = NI System Web Server 12.0
"{571AA09E-720E-5FC0-1A52-39D3959A128E}" = PX Profile Update
"{59DA8C21-C667-47D0-A259-AA942C9A9717}" = NI Curl 12.0.0
"{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"{5A60B78C-0AC1-4D49-9D74-1B3C8D8734EA}" = NI Atomic PXIe Peripheral Module Driver 2.3.0
"{606E12B9-641F-4644-A22A-FF38AE980AFD}" = Autodesk Material Library Base Resolution Image Library 2013
"{60E20402-AC6B-CA7D-7BB7-F022D74313C6}" = CCC Help Swedish
"{637F773A-C136-4F92-A906-67BF43ECD1E6}" = NI-DAQmx MX Expert Framework 2.12.0
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65788064-4757-CB23-92A7-9D5D447F32BC}" = CCC Help Hungarian
"{6AAB8068-BEB6-4CB6-958E-717EA6402467}" = 3Dconnexion Trainer
"{6C4E5692-4447-41EF-B792-D6795681B6AD}" = NI-MDBG 3.0.0f0
"{6D236956-B79D-4748-BEA3-A039334A66AB}" = 3Dconnexion Collage
"{6E22CE6C-3F93-4B52-9D4D-BE9BEA3C3B23}" = NI Portable Configuration 5.3.0
"{6F7B933C-55A2-4F8A-BFA5-BF98CBD61C24}" = NI mDNS Responder 2.1.0
"{70018574-BBF0-AFF0-E3A4-8B242404CAFD}" = CCC Help Polish
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{74A1254E-2B30-49D8-A962-202CC9C09528}" = NI-DAQmx Common Digital 1.15.0
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{78016C20-89B4-481D-BDD6-5D6ADBC3443F}" = NI-DAQmx Dynamic Signal Acquisition Installer 2.5.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7C2E5CDC-2265-439A-8637-6C940E3D0A7B}" = NI PXI Platform Framework 1.6.0
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{821B5AF9-4956-4B67-BF41-650B68CE3F1C}" = NI-DAQmx Switch Core 2.5.0
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{85A12E3C-16F1-6129-F2D6-80016A30ED0D}" = CCC Help Chinese Standard
"{892F1E79-65C7-EBFA-2D82-D45D53C106C3}" = CCC Help English
"{89463BCF-A199-8F20-2692-1158A84225BB}" = CCC Help Russian
"{8AFFC1A0-EF7A-4D32-AA2C-9EA459E21276}" = NI-DAQmx SCXI 2.1.1
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{96AD092D-E344-464E-8D2B-F6ACA6E83EFF}" = NI PXI Platform Services 3.0.3
"{979308D8-0616-46E3-8269-E4C6661CB946}" = NI-DAQmx 653x Installer 1.9.5
"{97A47220-6DF7-45A5-A766-59EF36E1F600}" = NI-RPC 4.3.0f0
"{9930C553-9EDC-403A-9088-BAD296D5341B}" = NI PXI SystemAPI Expert 3.0.3
"{99913581-07B0-6B84-9528-F65C248AA3D2}" = CCC Help Greek
"{9ACB414D-9347-40B6-A453-5EFB2DB59DFA}" = Sophos Anti-Virus
"{9D8FC253-CDAA-481E-BDA2-D38253292F37}" = NI-DAQ INF Files 19.6.0
"{9FB9427D-FCEF-4831-9083-950A476DE091}" = NI-MXLC Core (32-bit)
"{A11FBE34-2710-EC90-7149-7A78EDC498AB}" = CCC Help Czech
"{A1A00855-1BED-47B3-9A10-BF07CC0F0930}" = NI-DAQmx MIO Device Drivers 2.9.0
"{A27F9884-D0F7-4788-B016-CC55FA3015D3}" = NI Logos XT Support
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{AB3549BC-69A5-48DD-94DD-D2145413613C}" = NI RTSI Cable Core Installer 1.3.0
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.01) - Deutsch
"{AE09C972-EEB2-4DA5-8090-0FCF54576854}" = Optical Drive Power Management
"{AED17FC7-86C3-47BE-84F9-9F078F522770}" = NI System State Publisher
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B3137CC2-0CC4-4763-B38A-AC0ACEE27740}" = NI-RPC 4.3.0f0 for Phar Lap ETS
"{B4D7F809-ED68-49FD-A1A0-1C77FC956965}" = NI MXS 5.3.0
"{BABFD9C0-6596-4460-AD25-9866304230E2}" = NI Uninstaller
"{BAFCA6AC-8B37-405B-B57E-C1D45DE70ACC}" = 3Dconnexion 3DxSoftware (x64 Edition)
"{BF15BE5B-A45E-6312-304F-39475AE9722F}" = CCC Help Turkish
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C574D5B8-AAF5-431D-BAE3-BF89EAF4BDFC}" = NI EulaDepot
"{C64AB16A-3FFF-45C4-A830-3365CF88CA4A}" = NI RTSI PAL Device Library Installer 1.3.0
"{C9690FF6-AD3E-43B0-A7FD-6D8A4C929D2C}" = NI System Web Server Base 12.0.0
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D1280DCC-F2CC-BBDF-2E1E-EF8D0A4CD3C3}" = Catalyst Control Center Localization All
"{D535632D-624E-0B64-A107-6E3AD09893E3}" = Catalyst Control Center Graphics Previews Vista
"{D6C630BF-8DBB-4042-8562-DC9A52CB6E7E}" = Intel(R) Turbo Boost Technology Driver
"{D767A1E2-930B-93DC-B0D8-AC6456A19C82}" = CCC Help Norwegian
"{D7FBD47D-565E-4D03-974D-8ED6C76D887E}" = NI-MXDF 3.0.0f0
"{DAC3C995-8C29-8310-558B-9869CED00978}" = CCC Help Portuguese
"{DEC25D81-2317-47F6-8B26-D54A939DA1EE}" = NI LabVIEW C Interface
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E566097D-791C-C25F-8559-B440021AC7D7}" = CCC Help French
"{E6068691-1FBC-4EF0-87E8-609CDB32038A}" = NI Xerces Delay Load 2.7.3
"{E84997A1-4D6F-4C0B-B60D-F85B360D2666}" = NI VC2008MSMs x86
"{E9592CCE-3058-4308-B52A-5AEA08E54F13}" = NI Authentication 12.0.0
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EAC44648-E378-45C7-BEF3-3DD68980E465}" = NI GMP Windows 32-bit Installer 12.0.0
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2057D50-4306-4156-A002-0C3B306E3CA3}" = 3Dconnexion Extension for SketchUp
"{F25EC416-A553-4EC4-B06E-F805C36E1FAB}" = NI-DAQmx STC 1.11.0
"{F41EED10-5D40-4641-ABE7-8EDBDEE3E0FB}" = NI-APAL 2.2 Error Files
"{F4439A5D-D097-4FC1-8E29-8A77AAA8EE77}" = NI-PAL 2.9 Error Files
"{F4B4D855-425A-6BC9-9461-03F03FA77690}" = Catalyst Control Center InstallProxy
"{F6C735A7-BCE1-4CC8-B018-055F167E1C1E}" = NI-DAQmx Timing Installer 2.6.0
"{F7E9AFE9-1EC3-4E03-BEBC-0E1B5817DD60}" = NI-MRU 3.0.0f0
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FDCDE331-EEB2-E1EE-8765-B195B2B0B25D}" = CCC Help German
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Autodesk Design Review 2013" = Autodesk Design Review 2013
"Autodesk Vault Basic 2013 (Client)" = Autodesk Vault Basic 2013 (Client)
"FormatFactory" = FormatFactory 3.0.1
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{5A22D889-FBDD-4AE8-86EC-089D45FC133E}" = Alcor Micro USB Card Reader
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MiKTeX 2.9" = MiKTeX 2.9
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NI Uninstaller" = National Instruments - Software
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"Softonic" = Softonic toolbar on IE
"VirtualCloneDrive" = VirtualCloneDrive
"VLC media player" = VLC media player 2.0.2

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3427454082-1433254171-2550170084-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.01.2013 07:26:44 | Computer Name = Christian-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10.01.2013 07:26:44 | Computer Name = Christian-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10.01.2013 07:26:45 | Computer Name = Christian-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10.01.2013 07:26:45 | Computer Name = Christian-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10.01.2013 07:26:45 | Computer Name = Christian-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10.01.2013 12:36:21 | Computer Name = Christian-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10.01.2013 12:36:21 | Computer Name = Christian-PC | Source = Bonjour Service | ID = 100
Description =

Error - 10.01.2013 12:36:21 | Computer Name = Christian-PC | Source = Bonjour Service | ID = 100
Description =

Error - 11.01.2013 14:15:24 | Computer Name = Christian-PC | Source = Sophos Anti-Virus | ID = 131073
Description = Es sind keine Versionen der Komponente 'MessageResDSFactory' registriert.
MessageResDSFactory kann nicht ausgegeben werden.

Error - 11.01.2013 14:15:24 | Computer Name = Christian-PC | Source = Sophos Anti-Virus | ID = 131073
Description = Es sind keine Versionen der Komponente 'MessageResDSFactory' registriert.
MessageResDSFactory kann nicht ausgegeben werden.

[ System Events ]
Error - 19.01.2013 15:35:16 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 19.01.2013 15:35:16 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 19.01.2013 15:35:16 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 19.01.2013 15:35:16 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 19.01.2013 15:35:16 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 19.01.2013 15:35:16 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 19.01.2013 15:35:16 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 19.01.2013 15:35:16 | Computer Name = Christian-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location
Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error - 19.01.2013 15:35:58 | Computer Name = Christian-PC | Source = DCOM | ID = 10005
Description =

Error - 19.01.2013 15:48:25 | Computer Name = Christian-PC | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Definition Update for Windows Defender - KB915597
(Definition 1.143.193.0)


< End of report >

Und eine unter dem Namen "OTL"

Zitat:

OTL logfile created on: 20.01.2013 10:08:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Christian\Desktop
64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16443)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,68 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 50,67% Memory free
7,35 Gb Paging File | 5,33 Gb Available in Paging File | 72,52% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 446,13 Gb Total Space | 198,42 Gb Free Space | 44,48% Space Free | Partition Type: NTFS

Computer Name: CHRISTIAN-PC | User Name: Christian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Christian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\SysWOW64\nipxism.exe (National Instruments Corporation)
PRC - C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe (National Instruments Corporation)
PRC - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)
PRC - C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation)
PRC - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)
PRC - C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)
PRC - C:\Windows\SysWOW64\nipalsm.exe (National Instruments Corporation)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Sophos Plc)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
PRC - C:\Program Files (x86)\Sophos\AutoUpdate\ALMon.exe (Sophos Plc)
PRC - C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
PRC - C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)
PRC - C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation)
PRC - C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation)
PRC - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
PRC - C:\Windows\PLFSetI.exe ()
PRC - C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
PRC - C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
PRC - C:\Windows\SysWOW64\lkcitdl.exe (National Instruments, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\dd2d0cf72eac6e5b113a0059aeb3cab5\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\01b47a246b4ec7bfec31bf4503aceda1\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\c6fb88c8055653672314c29ca4b78a7e\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\e2ee5d77ebe0bd025e7a7a317a43d677\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\82a4c4666ad83c3a375210247e69646b\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\10aba2c167cc1119b80159fd9ac71ca8\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\96a3b737db1e72adaf32d2b350e50c23\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\c54750e64ba10d0fb7b6a636fb3695ca\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\b0b8554c05f194f546a8ed531320760b\mscorlib.ni.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Windows\PLFSetI.exe ()
MOD - C:\Program Files (x86)\Launch Manager\CdDirIo.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (HPSIService) -- C:\Windows\SysNative\HPSIsvc.exe (HP)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (nipxirmu) -- C:\Windows\SysWOW64\nipxism.exe (National Instruments Corporation)
SRV - (NINetworkDiscovery) -- C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe (National Instruments Corporation)
SRV - (nimDNSResponder) -- C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe (National Instruments Corporation)
SRV - (mxssvr) -- C:\Program Files (x86)\National Instruments\MAX\nimxs.exe (National Instruments Corporation)
SRV - (niSvcLoc) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe (National Instruments Corporation)
SRV - (NIApplicationWebServer64) -- C:\Programme\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)
SRV - (NIApplicationWebServer) -- C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe (National Instruments Corporation)
SRV - (FLEXnet Licensing Service 64) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe (Flexera Software, Inc.)
SRV - (mitsijm2013) -- C:\Programme\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe ( )
SRV - (nidevldu) -- C:\Windows\SysWOW64\nipalsm.exe (National Instruments Corporation)
SRV - (swi_service) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe (Sophos Plc)
SRV - (SAVAdminService) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc)
SRV - (Sophos AutoUpdate Service) -- C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (NIDomainService) -- C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe (National Instruments Corporation)
SRV - (lkTimeSync) -- C:\Windows\SysWOW64\lktsrv.exe (National Instruments Corporation)
SRV - (lkClassAds) -- C:\Windows\SysWOW64\lkads.exe (National Instruments Corporation)
SRV - (SAVService) -- C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer PowerSmart Manager\ePowerSvc.exe (Acer Incorporated)
SRV - (MWLService) -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe (Egis Technology Inc.)
SRV - (ODDPwrSvc) -- C:\Programme\Acer\Optical Drive Power Management\ODDPWRSvc.exe (Acer Incorporated)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (LkCitadelServer) -- C:\Windows\SysWOW64\lkcitdl.exe (National Instruments, Inc.)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (RS_Service) -- C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe (Acer Incorporated)
SRV - (Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Group)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (niufurk) -- C:\Windows\SysNative\drivers\niufurkl.sys (National Instruments Corporation)
DRV:64bit: - (niwfrk) -- C:\Windows\SysNative\drivers\niwfrkl.sys (National Instruments Corporation)
DRV:64bit: - (nissrk) -- C:\Windows\SysNative\drivers\nissrkl.sys (National Instruments Corporation)
DRV:64bit: - (niesrk) -- C:\Windows\SysNative\drivers\niesrkl.sys (National Instruments Corporation)
DRV:64bit: - (nixsrk) -- C:\Windows\SysNative\drivers\nixsrkl.sys (National Instruments Corporation)
DRV:64bit: - (niemrk) -- C:\Windows\SysNative\drivers\niemrkl.sys (National Instruments Corporation)
DRV:64bit: - (niemrkw) -- C:\Windows\SysNative\drivers\niemrkw.sys (National Instruments Corporation)
DRV:64bit: - (nicmrk) -- C:\Windows\SysNative\drivers\nicmrkl.sys (National Instruments Corporation)
DRV:64bit: - (niraptrk) -- C:\Windows\SysNative\drivers\niraptrkl.sys (National Instruments Corporation)
DRV:64bit: - (nicsrk) -- C:\Windows\SysNative\drivers\nicsrkl.sys (National Instruments Corporation)
DRV:64bit: - (nicondrk) -- C:\Windows\SysNative\drivers\nicondrkl.sys (National Instruments Corporation)
DRV:64bit: - (nidsark) -- C:\Windows\SysNative\drivers\nidsarkl.sys (National Instruments Corporation)
DRV:64bit: - (niswdk) -- C:\Windows\SysNative\drivers\niswdkl.sys (National Instruments Corporation)
DRV:64bit: - (nistc3rk) -- C:\Windows\SysNative\drivers\nistc3rkl.sys (National Instruments Corporation)
DRV:64bit: - (nitiork) -- C:\Windows\SysNative\drivers\nitiorkl.sys (National Instruments Corporation)
DRV:64bit: - (nicdcck) -- C:\Windows\SysNative\drivers\nicdcckl.sys (National Instruments Corporation)
DRV:64bit: - (nipxirmk) -- C:\Windows\SysNative\drivers\nipxirmkl.sys (National Instruments Corporation)
DRV:64bit: - (nifslk) -- C:\Windows\SysNative\drivers\nifslkl.sys (National Instruments Corporation)
DRV:64bit: - (nimsdrk) -- C:\Windows\SysNative\drivers\nimsdrkl.sys (National Instruments Corporation)
DRV:64bit: - (nimxpk) -- C:\Windows\SysNative\drivers\nimxpkl.sys (National Instruments Corporation)
DRV:64bit: - (nimstsk) -- C:\Windows\SysNative\drivers\nimstskl.sys (National Instruments Corporation)
DRV:64bit: - (nidmxfk) -- C:\Windows\SysNative\drivers\nidmxfkl.sys (National Instruments Corporation)
DRV:64bit: - (lvalarmk) -- C:\Windows\SysNative\drivers\lvalarmk.sys (National Instruments Corporation)
DRV:64bit: - (nimru2k) -- C:\Windows\SysNative\drivers\nimru2kl.sys (National Instruments Corporation)
DRV:64bit: - (nimxdfk) -- C:\Windows\SysNative\drivers\nimxdfkl.sys (National Instruments Corporation)
DRV:64bit: - (nidimk) -- C:\Windows\SysNative\drivers\nidimkl.sys (National Instruments Corporation)
DRV:64bit: - (nimdbgk) -- C:\Windows\SysNative\drivers\nimdbgkl.sys (National Instruments Corporation)
DRV:64bit: - (niorbk) -- C:\Windows\SysNative\drivers\niorbkl.sys (National Instruments Corporation)
DRV:64bit: - (nipalfwedl) -- C:\Windows\SysNative\drivers\nipalfwedl.sys (National Instruments Corporation)
DRV:64bit: - (nipalusbedl) -- C:\Windows\SysNative\drivers\nipalusbedl.sys (National Instruments Corporation)
DRV:64bit: - (NIPALK) -- C:\Windows\SysNative\drivers\nipalk.sys (National Instruments Corporation)
DRV:64bit: - (nipxibrc) -- C:\Windows\SysNative\drivers\nipxibrc.sys (National Instruments Corporation)
DRV:64bit: - (nispdk) -- C:\Windows\SysNative\drivers\nispdkl.sys (National Instruments Corporation)
DRV:64bit: - (niscdk) -- C:\Windows\SysNative\drivers\niscdkl.sys (National Instruments Corporation)
DRV:64bit: - (ni1065k) -- C:\Windows\SysNative\drivers\ni1065k.sys (National Instruments Corporation)
DRV:64bit: - (ni1045k) -- C:\Windows\SysNative\drivers\ni1045kl.sys (National Instruments Corporation)
DRV:64bit: - (ni1006k) -- C:\Windows\SysNative\drivers\ni1006k.sys (National Instruments Corporation)
DRV:64bit: - (nipxibaf) -- C:\Windows\SysNative\drivers\nipxibaf.sys (National Instruments Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nisdigk) -- C:\Windows\SysNative\drivers\nisdigkl.sys (National Instruments Corporation)
DRV:64bit: - (NIEthernetDeviceEnumerator) -- C:\Windows\SysNative\drivers\niede.sys (National Instruments Corporation)
DRV:64bit: - (nipbcfk) -- C:\Windows\SysNative\drivers\nipbcfk.sys (National Instruments Corporation)
DRV:64bit: - (nipxigpk) -- C:\Windows\SysNative\drivers\nipxigpk.sys (National Instruments Corporation)
DRV:64bit: - (usb6xxxkw) -- C:\Windows\SysNative\drivers\usb6xxxkw.sys (National Instruments Corporation)
DRV:64bit: - (nicdrk) -- C:\Windows\SysNative\drivers\nicdrkl.sys (National Instruments Corporation)
DRV:64bit: - (nistcrk) -- C:\Windows\SysNative\drivers\nistcrkl.sys (National Instruments Corporation)
DRV:64bit: - (nisftk) -- C:\Windows\SysNative\drivers\nisftkl.sys (National Instruments Corporation)
DRV:64bit: - (ninshsdk) -- C:\Windows\SysNative\drivers\ninshsdkl.sys (National Instruments Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (VClone) -- C:\Windows\SysNative\drivers\VClone.sys (Elaborate Bytes AG)
DRV:64bit: - (ElbyCDIO) -- C:\Windows\SysNative\drivers\ElbyCDIO.sys (Elaborate Bytes AG)
DRV:64bit: - (SAVOnAccess) -- C:\Windows\SysNative\drivers\savonaccess.sys (Sophos Plc)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (intelkmd) -- C:\Windows\SysNative\drivers\igdpmd64.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (btwampfl) -- C:\Windows\SysNative\drivers\btwampfl.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (SophosBootDriver) -- C:\Windows\SysNative\drivers\SophosBootDriver.sys (Sophos Plc)
DRV:64bit: - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (nistc2k) -- C:\Windows\SysNative\drivers\nistc2kl.sys (National Instruments Corporation)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3427454082-1433254171-2550170084-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
IE - HKU\S-1-5-21-3427454082-1433254171-2550170084-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer.msn.com
IE - HKU\S-1-5-21-3427454082-1433254171-2550170084-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3427454082-1433254171-2550170084-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3427454082-1433254171-2550170084-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "LEO Eng-Deu"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.zeit.de/index"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.3.1: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.3.1: C:\Program Files\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.20 10:02:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.20 10:02:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.03.26 18:45:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Extensions
[2012.10.23 19:14:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Christian\AppData\Roaming\mozilla\Firefox\Profiles\impqc2l0.default\extensions
[2012.05.23 11:34:24 | 000,000,933 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\mozilla\firefox\profiles\impqc2l0.default\searchplugins\11-suche.xml
[2012.05.23 11:34:24 | 000,002,419 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\mozilla\firefox\profiles\impqc2l0.default\searchplugins\englische-ergebnisse.xml
[2012.05.23 11:34:24 | 000,010,525 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\mozilla\firefox\profiles\impqc2l0.default\searchplugins\gmx-suche.xml
[2012.05.23 11:34:24 | 000,002,457 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\mozilla\firefox\profiles\impqc2l0.default\searchplugins\lastminute.xml
[2012.05.23 11:34:24 | 000,005,508 | ---- | M] () -- C:\Users\Christian\AppData\Roaming\mozilla\firefox\profiles\impqc2l0.default\searchplugins\webde-suche.xml
[2013.01.19 15:50:55 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.19 21:08:50 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\updated\extensions
[2013.01.19 21:08:50 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\updated\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.01.20 10:02:35 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2013.01.20 10:02:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2013.01.20 10:02:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2013.01.20 10:02:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2013.01.20 10:02:31 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2013.01.20 10:02:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2013.01.20 10:02:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHOX64.dll (Sophos Plc)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Softonic Helper Object) - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\bh\Softonic.dll (Softonic.com)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Softonic Toolbar) - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll (Softonic.com)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (AlcorMicro Co., Ltd.)
O4:64bit: - HKLM..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [ODDPwr] C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\ootag.exe (Microsoft)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe ()
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe (Microsoft)
O4 - HKLM..\Run: [Sophos AutoUpdate Monitor] C:\Program Files (x86)\Sophos\AutoUpdate\almon.exe (Sophos Plc)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3427454082-1433254171-2550170084-1000..\Run: [EPSON SX235 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /FU "C:\Users\CHRIST~1\AppData\Local\Temp\E_SF5B4.tmp" /EF "HKCU" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Programme\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000020 - C:\ProgramData\Sophos Web Intelligence\swi_lsp_64.dll (Sophos Plc)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsNSP.dll (National Instruments Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\ProgramData\Sophos Web Intelligence\swi_lsp.dll (Sophos Plc)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 10.3.1)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab (Java Plug-in 1.7.0_03)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6CFA7C1D-77CA-4F44-B72B-E5BBA17824D7}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~2.DLL (Sophos Plc)
O20 - AppInit_DLLs: (C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL) - C:\PROGRA~2\Sophos\SOPHOS~1\SOPHOS~1.DLL (Sophos Plc)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.04.29 14:40:29 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{f045b150-2809-11e2-82bc-b34082cbe503}\Shell - "" = AutoRun
O33 - MountPoints2\{f045b150-2809-11e2-82bc-b34082cbe503}\Shell\AutoRun\command - "" = D:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.01.20 10:06:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2013.01.19 20:55:03 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Roaming\Malwarebytes
[2013.01.19 20:54:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.01.19 20:54:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.19 20:54:35 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.01.19 20:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.01.19 20:54:24 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Programs
[2013.01.19 20:44:25 | 000,000,000 | ---D | C] -- C:\Users\Christian\AppData\Local\Sophos
[2013.01.16 13:46:21 | 000,000,000 | ---D | C] -- C:\Users\Christian\Desktop\Neuseeland
[2013.01.13 19:03:02 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2013.01.13 19:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2013.01.13 19:01:59 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2013.01.13 19:01:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes
[2013.01.13 19:01:59 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
[2013.01.11 17:24:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.10 10:57:07 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.10 10:57:07 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.10 10:56:49 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.10 10:56:47 | 000,801,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.10 10:56:39 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.10 10:56:37 | 002,745,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.10 10:56:37 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.10 10:56:37 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.10 10:56:37 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.10 10:56:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.10 10:56:37 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.10 10:56:37 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.10 10:56:37 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.10 10:56:37 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.10 10:56:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.10 10:56:37 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.10 10:56:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.10 10:56:37 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.10 10:56:37 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.10 10:56:37 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.10 10:56:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.10 10:56:37 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.10 10:56:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.10 10:56:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.10 10:56:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.10 10:56:37 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.10 10:56:37 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.10 10:56:37 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.10 10:56:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.10 10:56:36 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.10 10:56:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.10 10:56:36 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.10 10:56:36 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.10 10:56:36 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.10 10:56:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.10 10:56:36 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.10 10:56:17 | 000,424,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.10 10:56:16 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.10 10:56:16 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.10 10:56:16 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.10 10:56:16 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.10 10:56:16 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.10 10:56:16 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.10 10:56:16 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.10 10:56:16 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.10 10:56:16 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.10 10:56:16 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.10 10:56:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.10 10:56:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.10 10:56:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.10 10:56:16 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.10 10:56:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.10 10:56:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.10 10:56:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.10 10:56:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.10 10:56:16 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.10 10:56:15 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.10 10:56:15 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.10 10:56:15 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.10 10:56:15 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.10 10:56:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.10 10:56:15 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.10 10:56:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.10 10:56:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.10 10:56:15 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.10 10:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.10 10:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.10 10:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.10 10:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.10 10:56:15 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.10 10:56:15 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.10 10:56:15 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 12:08:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe
[2012.12.25 16:48:18 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\Windows\SysNative\atmlib.dll
[2012.12.25 16:48:18 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\SysWow64\atmlib.dll
[2012.12.25 16:48:16 | 000,367,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysNative\atmfd.dll
[2012.12.25 16:48:16 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\atmfd.dll
[2012.12.24 16:45:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\EPSON
[2012.12.24 16:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
[2012.12.24 16:45:22 | 000,000,000 | ---D | C] -- C:\ProgramData\EPSON
[2012.12.24 16:43:56 | 000,010,752 | ---- | C] (SEIKO EPSON CORP.) -- C:\Windows\SysNative\E_GCINST.DLL
[2012.12.24 16:43:54 | 000,118,784 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_ILMHLE.DLL
[2012.12.24 16:43:53 | 000,088,064 | ---- | C] (SEIKO EPSON CORPORATION) -- C:\Windows\SysNative\E_IBCBHLE.DLL

========== Files - Modified Within 30 Days ==========

[2013.01.20 10:08:23 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.20 10:08:23 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.20 10:06:26 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Christian\Desktop\OTL.exe
[2013.01.20 10:01:20 | 000,000,554 | ---- | M] () -- C:\Windows\tasks\MATLAB R2012b Startup Accelerator.job
[2013.01.20 10:00:33 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.20 10:00:31 | 2962,243,584 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.20 09:58:11 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.19 20:54:42 | 000,001,117 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.18 10:07:16 | 000,008,378 | ---- | M] () -- C:\Users\Christian\AppData\Local\recently-used.xbel
[2013.01.16 12:29:22 | 000,004,092 | ---- | M] () -- C:\Users\Christian\Desktop\5. Semester.lnk
[2013.01.16 12:26:49 | 001,612,484 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.16 12:26:49 | 000,696,870 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.16 12:26:49 | 000,652,148 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.16 12:26:49 | 000,148,134 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.16 12:26:49 | 000,121,080 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.15 15:06:01 | 001,703,844 | ---- | M] () -- C:\Users\Christian\Desktop\vorlesungsskript.pdf
[2013.01.14 12:51:35 | 445,599,787 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.01.13 19:03:06 | 000,001,787 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.11 20:44:12 | 000,544,736 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.11 16:25:20 | 001,590,378 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.01.10 15:39:25 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.10 15:39:25 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.01.09 12:08:37 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2012.12.26 20:39:17 | 000,000,508 | ---- | M] () -- C:\Windows\wininit.ini
[2012.12.26 20:39:03 | 000,000,995 | ---- | M] () -- C:\Users\Christian\Desktop\Dropbox.lnk

========== Files Created - No Company Name ==========

[2013.01.19 20:54:42 | 000,001,117 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.01.18 10:07:16 | 000,008,378 | ---- | C] () -- C:\Users\Christian\AppData\Local\recently-used.xbel
[2013.01.16 12:29:22 | 000,004,092 | ---- | C] () -- C:\Users\Christian\Desktop\5. Semester.lnk
[2013.01.15 15:05:58 | 001,703,844 | ---- | C] () -- C:\Users\Christian\Desktop\vorlesungsskript.pdf
[2013.01.13 19:03:06 | 000,001,787 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2013.01.09 12:08:37 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk
[2013.01.09 12:08:36 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
[2012.06.07 14:13:22 | 000,000,508 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.23 14:50:42 | 000,000,244 | ---- | C] () -- C:\Windows\SysWow64\nirpc.ini
[2012.05.17 13:14:10 | 000,000,036 | ---- | C] () -- C:\Users\Christian\.org.eclipse.epp.usagedata.recording.userId
[2012.04.03 09:33:10 | 001,590,378 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.03.29 17:36:00 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\spwini.dll
[2012.03.26 22:13:39 | 000,000,142 | ---- | C] () -- C:\Windows\ODBC.INI
[2012.03.26 11:39:16 | 000,001,075 | ---- | C] () -- C:\Users\Christian\Dokumente - Verknüpfung.lnk
[2012.03.15 21:31:18 | 000,206,208 | ---- | C] () -- C:\Windows\PLFSetI.exe
[2012.03.15 21:31:18 | 000,193,400 | ---- | C] () -- C:\Windows\flicker.dll
[2012.03.15 21:31:18 | 000,066,424 | ---- | C] () -- C:\Windows\setpwlin.exe
[2012.03.15 21:31:18 | 000,059,992 | ---- | C] ( ) -- C:\Windows\AutosetFrequency.exe
[2012.03.15 21:31:18 | 000,000,673 | ---- | C] () -- C:\Windows\AutoSetFrequency.ini
[2012.03.15 21:31:18 | 000,000,378 | ---- | C] () -- C:\Windows\PidList.ini
[2012.03.15 21:12:55 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.03.15 21:10:08 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblup.dat
[2012.03.07 21:22:40 | 000,051,296 | ---- | C] () -- C:\Windows\SysWow64\nispdu.dll
[2012.03.07 21:09:48 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\niscdrau.dll
[2011.11.07 16:23:59 | 000,131,984 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2011.11.07 15:44:01 | 000,870,560 | ---- | C] () -- C:\Windows\SysWow64\igkrng575.bin
[2011.11.07 15:44:01 | 000,208,896 | ---- | C] () -- C:\Windows\SysWow64\iglhsip32.dll
[2011.11.07 15:44:01 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\iglhcp32.dll
[2011.11.07 15:44:01 | 000,127,868 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng575.bin
[2011.11.07 15:44:01 | 000,104,636 | ---- | C] () -- C:\Windows\SysWow64\igfcg575m.bin
[2011.11.07 15:44:00 | 000,002,189 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:30:56 | 014,165,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:46:56 | 012,868,608 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.07.14 02:15:20 | 000,605,696 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >

Was ist jetzt der nächste Schritt?

Vielen Dank schonmal für die Hilfe!

Hi
auch hier fehlen updates, wie zb das Servicepack1 für windows7
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
c: öffnen, tdsskiller-datum-version.txt öffnen, Inhalt posten

Hier der Inhalt der Datei

Zitat:

15:10:54.0243 6708 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:10:54.0623 6708 ============================================================
15:10:54.0623 6708 Current date / time: 2013/01/20 15:10:54.0623
15:10:54.0623 6708 SystemInfo:
15:10:54.0623 6708
15:10:54.0623 6708 OS Version: 6.1.7600 ServicePack: 0.0
15:10:54.0623 6708 Product type: Workstation
15:10:54.0623 6708 ComputerName: CHRISTIAN-PC
15:10:54.0623 6708 UserName: Christian
15:10:54.0623 6708 Windows directory: C:\Windows
15:10:54.0623 6708 System windows directory: C:\Windows
15:10:54.0623 6708 Running under WOW64
15:10:54.0623 6708 Processor architecture: Intel x64
15:10:54.0623 6708 Number of processors: 4
15:10:54.0623 6708 Page size: 0x1000
15:10:54.0623 6708 Boot type: Normal boot
15:10:54.0623 6708 ============================================================
15:10:56.0393 6708 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:10:56.0403 6708 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:10:56.0473 6708 ============================================================
15:10:56.0473 6708 \Device\Harddisk0\DR0:
15:10:56.0473 6708 MBR partitions:
15:10:56.0473 6708 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2710800, BlocksNum 0x32000
15:10:56.0473 6708 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x2742800, BlocksNum 0x37C42800
15:10:56.0473 6708 \Device\Harddisk1\DR1:
15:10:56.0513 6708 MBR partitions:
15:10:56.0513 6708 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C02
15:10:56.0513 6708 ============================================================
15:10:56.0553 6708 C: <-> \Device\Harddisk0\DR0\Partition2
15:10:56.0593 6708 E: <-> \Device\Harddisk1\DR1\Partition1
15:10:56.0593 6708 ============================================================
15:10:56.0593 6708 Initialize success
15:10:56.0593 6708 ============================================================
15:11:37.0338 6468 ============================================================
15:11:37.0338 6468 Scan started
15:11:37.0338 6468 Mode: Manual; SigCheck; TDLFS;
15:11:37.0338 6468 ============================================================
15:11:39.0438 6468 ================ Scan system memory ========================
15:11:39.0438 6468 System memory - ok
15:11:39.0438 6468 ================ Scan services =============================
15:11:39.0878 6468 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
15:11:40.0548 6468 1394ohci - ok
15:11:40.0608 6468 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
15:11:40.0648 6468 ACPI - ok
15:11:40.0698 6468 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
15:11:40.0818 6468 AcpiPmi - ok
15:11:41.0118 6468 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
15:11:41.0138 6468 AdobeARMservice - ok
15:11:41.0308 6468 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:11:41.0318 6468 AdobeFlashPlayerUpdateSvc - ok
15:11:41.0488 6468 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
15:11:41.0558 6468 adp94xx - ok
15:11:41.0598 6468 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
15:11:41.0638 6468 adpahci - ok
15:11:41.0658 6468 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
15:11:41.0688 6468 adpu320 - ok
15:11:41.0758 6468 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
15:11:42.0058 6468 AeLookupSvc - ok
15:11:42.0148 6468 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
15:11:42.0328 6468 AFD - ok
15:11:42.0428 6468 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
15:11:42.0458 6468 agp440 - ok
15:11:42.0508 6468 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
15:11:42.0608 6468 ALG - ok
15:11:42.0668 6468 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
15:11:42.0698 6468 aliide - ok
15:11:42.0798 6468 [ FF779F9DE1CDF477033858B7681CEDA8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
15:11:42.0988 6468 AMD External Events Utility - ok
15:11:43.0048 6468 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
15:11:43.0078 6468 amdide - ok
15:11:43.0118 6468 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
15:11:43.0198 6468 AmdK8 - ok
15:11:43.0478 6468 [ EF2B99DCEE397B45F50594696D7B5339 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
15:11:43.0838 6468 amdkmdag - ok
15:11:43.0888 6468 [ 239DCE60BEE6E1576C803948AB4D54C5 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
15:11:43.0948 6468 amdkmdap - ok
15:11:43.0998 6468 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
15:11:44.0058 6468 AmdPPM - ok
15:11:44.0198 6468 [ EC7EBAB00A4D8448BAB68D1E49B4BEB9 ] amdsata C:\Windows\system32\drivers\amdsata.sys
15:11:44.0228 6468 amdsata - ok
15:11:44.0278 6468 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
15:11:44.0308 6468 amdsbs - ok
15:11:44.0328 6468 [ DB27766102C7BF7E95140A2AA81D042E ] amdxata C:\Windows\system32\drivers\amdxata.sys
15:11:44.0348 6468 amdxata - ok
15:11:44.0418 6468 [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor C:\Windows\system32\drivers\AmUStor.SYS
15:11:44.0538 6468 AmUStor - ok
15:11:44.0708 6468 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
15:11:44.0908 6468 AppID - ok
15:11:44.0958 6468 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
15:11:45.0048 6468 AppIDSvc - ok
15:11:45.0098 6468 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
15:11:45.0248 6468 Appinfo - ok
15:11:45.0438 6468 [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:11:45.0458 6468 Apple Mobile Device - ok
15:11:45.0518 6468 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
15:11:45.0538 6468 arc - ok
15:11:45.0568 6468 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
15:11:45.0588 6468 arcsas - ok
15:11:46.0018 6468 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
15:11:46.0078 6468 aspnet_state - ok
15:11:46.0119 6468 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
15:11:46.0199 6468 AsyncMac - ok
15:11:46.0249 6468 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
15:11:46.0279 6468 atapi - ok
15:11:46.0389 6468 [ 2D648572BA9A610952FCAFBA1E119C2D ] AtiHdmiService C:\Windows\system32\drivers\AtiHdmi.sys
15:11:46.0689 6468 AtiHdmiService - ok
15:11:46.0739 6468 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:11:46.0839 6468 AudioEndpointBuilder - ok
15:11:46.0899 6468 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
15:11:46.0949 6468 AudioSrv - ok
15:11:47.0019 6468 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
15:11:47.0139 6468 AxInstSV - ok
15:11:47.0239 6468 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
15:11:47.0369 6468 b06bdrv - ok
15:11:47.0469 6468 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
15:11:47.0529 6468 b57nd60a - ok
15:11:47.0659 6468 [ 2D659B569A76CDB83B815675A80D7096 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
15:11:47.0909 6468 BCM43XX - ok
15:11:47.0979 6468 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
15:11:48.0069 6468 BDESVC - ok
15:11:48.0139 6468 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
15:11:48.0279 6468 Beep - ok
15:11:48.0399 6468 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
15:11:48.0499 6468 BFE - ok
15:11:48.0599 6468 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
15:11:49.0019 6468 BITS - ok
15:11:49.0109 6468 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
15:11:49.0179 6468 blbdrive - ok
15:11:49.0269 6468 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:11:49.0289 6468 Bonjour Service - ok
15:11:49.0359 6468 [ 91CE0D3DC57DD377E690A2D324022B08 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
15:11:49.0439 6468 bowser - ok
15:11:49.0529 6468 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
15:11:49.0589 6468 BrFiltLo - ok
15:11:49.0609 6468 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
15:11:49.0639 6468 BrFiltUp - ok
15:11:49.0699 6468 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
15:11:49.0879 6468 Browser - ok
15:11:50.0039 6468 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
15:11:50.0110 6468 Brserid - ok
15:11:50.0170 6468 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
15:11:50.0220 6468 BrSerWdm - ok
15:11:50.0250 6468 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
15:11:50.0310 6468 BrUsbMdm - ok
15:11:50.0340 6468 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
15:11:50.0400 6468 BrUsbSer - ok
15:11:50.0560 6468 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
15:11:50.0760 6468 BthEnum - ok
15:11:50.0800 6468 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
15:11:50.0840 6468 BTHMODEM - ok
15:11:50.0890 6468 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
15:11:50.0920 6468 BthPan - ok
15:11:51.0070 6468 [ D59773C7FDD3D795D6FE402EEEA8D71E ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
15:11:51.0130 6468 BTHPORT - ok
15:11:51.0170 6468 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
15:11:51.0270 6468 bthserv - ok
15:11:51.0300 6468 [ 8504842634DD144C075B6B0C982CCEC4 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
15:11:51.0370 6468 BTHUSB - ok
15:11:51.0510 6468 [ 73A1C54749FE4F0019241E36C796AB86 ] btwampfl C:\Windows\system32\drivers\btwampfl.sys
15:11:51.0610 6468 btwampfl - ok
15:11:51.0660 6468 [ 1872074ED0A3FB22E3F1E3197B984BFA ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
15:11:51.0680 6468 btwaudio - ok
15:11:51.0710 6468 [ 691CF076C33AB1C3A5B2FD5450300733 ] btwavdt C:\Windows\system32\DRIVERS\btwavdt.sys
15:11:51.0730 6468 btwavdt - ok
15:11:52.0110 6468 [ 4E6AC6475EF653BDFFDA67A74B9591D8 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
15:11:52.0170 6468 btwdins - ok
15:11:52.0220 6468 [ 07096D2BC22CCB6CEA5A532DF0BE8A75 ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
15:11:52.0240 6468 btwl2cap - ok
15:11:52.0250 6468 [ C9273B20DEC8CE38DBCE5D29DE63C907 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
15:11:52.0270 6468 btwrchid - ok
15:11:52.0320 6468 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
15:11:52.0410 6468 cdfs - ok
15:11:52.0510 6468 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
15:11:52.0560 6468 cdrom - ok
15:11:52.0640 6468 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
15:11:52.0710 6468 CertPropSvc - ok
15:11:52.0750 6468 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
15:11:52.0840 6468 circlass - ok
15:11:52.0960 6468 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
15:11:53.0060 6468 CLFS - ok
15:11:53.0150 6468 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:11:53.0210 6468 clr_optimization_v2.0.50727_32 - ok
15:11:53.0270 6468 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:11:53.0300 6468 clr_optimization_v2.0.50727_64 - ok
15:11:53.0630 6468 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:11:53.0760 6468 clr_optimization_v4.0.30319_32 - ok
15:11:53.0790 6468 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:11:53.0810 6468 clr_optimization_v4.0.30319_64 - ok
15:11:53.0870 6468 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
15:11:53.0930 6468 CmBatt - ok
15:11:53.0950 6468 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
15:11:53.0980 6468 cmdide - ok
15:11:54.0110 6468 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
15:11:54.0180 6468 CNG - ok
15:11:54.0200 6468 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
15:11:54.0220 6468 Compbatt - ok
15:11:54.0270 6468 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
15:11:54.0330 6468 CompositeBus - ok
15:11:54.0360 6468 COMSysApp - ok
15:11:54.0390 6468 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
15:11:54.0420 6468 crcdisk - ok
15:11:54.0470 6468 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
15:11:54.0620 6468 CryptSvc - ok
15:11:54.0660 6468 [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA C:\Windows\system32\DRIVERS\CVirtA64.sys
15:11:54.0690 6468 CVirtA - ok
15:11:54.0810 6468 [ 66257CB4E4FB69887CDDC71663741435 ] CVPND C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
15:11:54.0880 6468 CVPND - ok
15:11:54.0980 6468 [ CC8E52DAA9826064BA464DBE531F2BB5 ] CVPNDRVA C:\Windows\system32\Drivers\CVPNDRVA.sys
15:11:55.0010 6468 CVPNDRVA - ok
15:11:55.0120 6468 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
15:11:55.0190 6468 DcomLaunch - ok
15:11:55.0230 6468 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
15:11:55.0320 6468 defragsvc - ok
15:11:55.0380 6468 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
15:11:55.0450 6468 DfsC - ok
15:11:55.0570 6468 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
15:11:55.0700 6468 Dhcp - ok
15:11:55.0770 6468 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
15:11:55.0870 6468 discache - ok
15:11:55.0900 6468 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
15:11:55.0920 6468 Disk - ok
15:11:56.0000 6468 [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE C:\Windows\system32\DRIVERS\dne64x.sys
15:11:56.0040 6468 DNE - ok
15:11:56.0100 6468 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
15:11:56.0160 6468 Dnscache - ok
15:11:56.0190 6468 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
15:11:56.0350 6468 dot3svc - ok
15:11:56.0370 6468 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
15:11:56.0450 6468 DPS - ok
15:11:56.0500 6468 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
15:11:56.0530 6468 drmkaud - ok
15:11:56.0720 6468 [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
15:11:56.0780 6468 DsiWMIService - ok
15:11:56.0840 6468 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
15:11:56.0920 6468 DXGKrnl - ok
15:11:56.0990 6468 [ EDC6E9C057C9D7F83EEA22B4CEF5DCAD ] E1G60 C:\Windows\system32\DRIVERS\E1G6032E.sys
15:11:57.0040 6468 E1G60 - ok
15:11:57.0090 6468 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
15:11:57.0180 6468 EapHost - ok
15:11:57.0380 6468 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
15:11:57.0630 6468 ebdrv - ok
15:11:57.0690 6468 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
15:11:57.0830 6468 EFS - ok
15:11:57.0890 6468 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
15:11:58.0020 6468 ehRecvr - ok
15:11:58.0040 6468 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
15:11:58.0090 6468 ehSched - ok
15:11:58.0320 6468 [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
15:11:58.0340 6468 ElbyCDIO - ok
15:11:58.0390 6468 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
15:11:58.0430 6468 elxstor - ok
15:11:58.0530 6468 [ EB78FBD1C3DB8223EEB364D485627EF1 ] ePowerSvc C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
15:11:58.0570 6468 ePowerSvc - ok
15:11:58.0600 6468 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
15:11:58.0670 6468 ErrDev - ok
15:11:58.0820 6468 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
15:11:58.0910 6468 EventSystem - ok
15:11:58.0950 6468 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
15:11:59.0030 6468 exfat - ok
15:11:59.0070 6468 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
15:11:59.0140 6468 fastfat - ok
15:11:59.0280 6468 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
15:11:59.0370 6468 Fax - ok
15:11:59.0390 6468 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
15:11:59.0440 6468 fdc - ok
15:11:59.0470 6468 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
15:11:59.0520 6468 fdPHost - ok
15:11:59.0550 6468 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
15:11:59.0630 6468 FDResPub - ok
15:11:59.0650 6468 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
15:11:59.0680 6468 FileInfo - ok
15:11:59.0690 6468 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
15:11:59.0770 6468 Filetrace - ok
15:11:59.0990 6468 [ 64AB6F28047744B9B19C97459C2AB31B ] FLEXnet Licensing Service 64 C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
15:12:00.0211 6468 FLEXnet Licensing Service 64 - ok
15:12:00.0231 6468 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
15:12:00.0251 6468 flpydisk - ok
15:12:00.0281 6468 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
15:12:00.0321 6468 FltMgr - ok
15:12:00.0471 6468 [ CB5E4B9C319E3C6BB363EB7E58A4A051 ] FontCache C:\Windows\system32\FntCache.dll
15:12:00.0621 6468 FontCache - ok
15:12:00.0691 6468 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:12:00.0731 6468 FontCache3.0.0.0 - ok
15:12:00.0751 6468 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
15:12:00.0771 6468 FsDepends - ok
15:12:00.0831 6468 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
15:12:00.0851 6468 Fs_Rec - ok
15:12:00.0951 6468 [ AE87BA80D0EC3B57126ED2CDC15B24ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
15:12:00.0991 6468 fvevol - ok
15:12:01.0031 6468 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
15:12:01.0061 6468 gagp30kx - ok
15:12:01.0121 6468 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:12:01.0141 6468 GEARAspiWDM - ok
15:12:01.0211 6468 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
15:12:01.0301 6468 gpsvc - ok
15:12:01.0381 6468 [ 0191DEE9B9EB7902AF2CF4F67301095D ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
15:12:01.0401 6468 GREGService - ok
15:12:01.0481 6468 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
15:12:01.0561 6468 hcw85cir - ok
15:12:01.0631 6468 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:12:01.0701 6468 HdAudAddService - ok
15:12:01.0751 6468 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
15:12:01.0801 6468 HDAudBus - ok
15:12:01.0851 6468 [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
15:12:01.0871 6468 HECIx64 - ok
15:12:01.0901 6468 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
15:12:01.0951 6468 HidBatt - ok
15:12:01.0981 6468 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
15:12:02.0051 6468 HidBth - ok
15:12:02.0101 6468 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
15:12:02.0161 6468 HidIr - ok
15:12:02.0181 6468 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
15:12:02.0261 6468 hidserv - ok
15:12:02.0331 6468 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
15:12:02.0351 6468 HidUsb - ok
15:12:02.0431 6468 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
15:12:02.0511 6468 hkmsvc - ok
15:12:02.0531 6468 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
15:12:02.0651 6468 HomeGroupListener - ok
15:12:02.0691 6468 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
15:12:02.0761 6468 HomeGroupProvider - ok
15:12:02.0801 6468 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
15:12:02.0831 6468 HpSAMD - ok
15:12:02.0891 6468 [ 5A539A3CBD6EC1609D5333B486D5F74C ] HPSIService C:\Windows\system32\HPSIsvc.exe
15:12:02.0911 6468 HPSIService - ok
15:12:02.0951 6468 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
15:12:03.0071 6468 HTTP - ok
15:12:03.0161 6468 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
15:12:03.0191 6468 hwpolicy - ok
15:12:03.0291 6468 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
15:12:03.0311 6468 i8042prt - ok
15:12:03.0381 6468 [ ABBF174CB394F5C437410A788B7E404A ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
15:12:03.0401 6468 iaStor - ok
15:12:03.0471 6468 [ 31A0E93CDF29007D6C6FFFB632F375ED ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
15:12:03.0481 6468 IAStorDataMgrSvc - ok
15:12:03.0621 6468 [ B75E45C564E944A2657167D197AB29DA ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
15:12:03.0691 6468 iaStorV - ok
15:12:03.0751 6468 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:12:04.0001 6468 idsvc - ok
15:12:04.0031 6468 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
15:12:04.0061 6468 iirsp - ok
15:12:04.0091 6468 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
15:12:04.0191 6468 IKEEXT - ok
15:12:04.0301 6468 [ 4B6363CD4610BB848531BB260B15DFCC ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
15:12:04.0351 6468 Impcd - ok
15:12:04.0491 6468 [ CB5FD9B681AD43B560490B5283DDC1C1 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:12:04.0681 6468 IntcAzAudAddService - ok
15:12:04.0721 6468 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
15:12:04.0741 6468 intelide - ok
15:12:05.0231 6468 [ B744E1375CD1DB3EB7B89781B8C93D9F ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
15:12:05.0551 6468 intelkmd - ok
15:12:05.0601 6468 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
15:12:05.0661 6468 intelppm - ok
15:12:05.0711 6468 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
15:12:05.0801 6468 IPBusEnum - ok
15:12:05.0831 6468 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:12:05.0901 6468 IpFilterDriver - ok
15:12:05.0981 6468 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
15:12:06.0101 6468 iphlpsvc - ok
15:12:06.0121 6468 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
15:12:06.0171 6468 IPMIDRV - ok
15:12:06.0191 6468 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
15:12:06.0261 6468 IPNAT - ok
15:12:06.0481 6468 [ 0F261EC4F514926177C70C1832374231 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
15:12:06.0521 6468 iPod Service - ok
15:12:06.0571 6468 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
15:12:06.0651 6468 IRENUM - ok
15:12:06.0741 6468 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
15:12:06.0771 6468 isapnp - ok
15:12:06.0801 6468 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
15:12:06.0831 6468 iScsiPrt - ok
15:12:06.0871 6468 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
15:12:06.0911 6468 kbdclass - ok
15:12:06.0971 6468 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
15:12:07.0041 6468 kbdhid - ok
15:12:07.0111 6468 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
15:12:07.0141 6468 KeyIso - ok
15:12:07.0191 6468 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
15:12:07.0211 6468 KSecDD - ok
15:12:07.0221 6468 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
15:12:07.0251 6468 KSecPkg - ok
15:12:07.0341 6468 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
15:12:07.0421 6468 ksthunk - ok
15:12:07.0451 6468 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
15:12:07.0531 6468 KtmRm - ok
15:12:07.0561 6468 [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C C:\Windows\system32\DRIVERS\L1C62x64.sys
15:12:07.0581 6468 L1C - ok
15:12:07.0631 6468 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
15:12:07.0681 6468 LanmanServer - ok
15:12:07.0821 6468 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:12:07.0881 6468 LanmanWorkstation - ok
15:12:08.0021 6468 [ 20CDB07017497C94A0BAD253C4BAFCBC ] LkCitadelServer C:\Windows\SysWOW64\lkcitdl.exe
15:12:08.0071 6468 LkCitadelServer - ok
15:12:08.0132 6468 [ 4CF1212843E92442265E61F945FDD7BC ] lkClassAds C:\Windows\SysWOW64\lkads.exe
15:12:08.0152 6468 lkClassAds - ok
15:12:08.0232 6468 [ 37F285D5645A4B01C2E2C98246436811 ] lkTimeSync C:\Windows\SysWOW64\lktsrv.exe
15:12:08.0242 6468 lkTimeSync - ok
15:12:08.0302 6468 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
15:12:08.0372 6468 lltdio - ok
15:12:08.0412 6468 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
15:12:08.0542 6468 lltdsvc - ok
15:12:08.0562 6468 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
15:12:08.0612 6468 lmhosts - ok
15:12:08.0682 6468 [ A1C148801B4AF64847AEB9F3AD9594EF ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
15:12:08.0712 6468 LMS ( UnsignedFile.Multi.Generic ) - warning
15:12:08.0712 6468 LMS - detected UnsignedFile.Multi.Generic (1)
15:12:08.0782 6468 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
15:12:08.0812 6468 LSI_FC - ok
15:12:08.0842 6468 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
15:12:08.0872 6468 LSI_SAS - ok
15:12:08.0902 6468 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:12:08.0922 6468 LSI_SAS2 - ok
15:12:08.0942 6468 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:12:08.0962 6468 LSI_SCSI - ok
15:12:08.0982 6468 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
15:12:09.0032 6468 luafv - ok
15:12:09.0112 6468 [ CC21E57379C8D43AF038F619D32746F6 ] lvalarmk C:\Windows\system32\drivers\lvalarmk.sys
15:12:09.0142 6468 lvalarmk - ok
15:12:09.0192 6468 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
15:12:09.0302 6468 Mcx2Svc - ok
15:12:09.0332 6468 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
15:12:09.0352 6468 megasas - ok
15:12:09.0382 6468 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
15:12:09.0412 6468 MegaSR - ok
15:12:09.0772 6468 [ 551A5E070F5DF69A64463852E93009DD ] mitsijm2013 C:\Program Files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe
15:12:09.0822 6468 mitsijm2013 - ok
15:12:09.0862 6468 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
15:12:09.0922 6468 MMCSS - ok
15:12:09.0952 6468 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
15:12:10.0022 6468 Modem - ok
15:12:10.0082 6468 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
15:12:10.0142 6468 monitor - ok
15:12:10.0212 6468 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
15:12:10.0262 6468 mouclass - ok
15:12:10.0332 6468 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
15:12:10.0362 6468 mouhid - ok
15:12:10.0412 6468 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
15:12:10.0432 6468 mountmgr - ok
15:12:10.0712 6468 [ 9C3758018DED02F4AE53CCA1C5F084A2 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:12:10.0742 6468 MozillaMaintenance - ok
15:12:10.0772 6468 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
15:12:10.0812 6468 mpio - ok
15:12:10.0832 6468 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
15:12:10.0882 6468 mpsdrv - ok
15:12:11.0062 6468 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
15:12:11.0172 6468 MpsSvc - ok
15:12:11.0212 6468 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
15:12:11.0262 6468 MRxDAV - ok
15:12:11.0292 6468 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
15:12:11.0362 6468 mrxsmb - ok
15:12:11.0472 6468 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:12:11.0532 6468 mrxsmb10 - ok
15:12:11.0572 6468 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:12:11.0622 6468 mrxsmb20 - ok
15:12:11.0652 6468 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
15:12:11.0672 6468 msahci - ok
15:12:11.0692 6468 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
15:12:11.0752 6468 msdsm - ok
15:12:11.0812 6468 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
15:12:11.0872 6468 MSDTC - ok
15:12:11.0902 6468 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
15:12:11.0962 6468 Msfs - ok
15:12:12.0022 6468 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
15:12:12.0102 6468 mshidkmdf - ok
15:12:12.0132 6468 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
15:12:12.0152 6468 msisadrv - ok
15:12:12.0222 6468 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
15:12:12.0362 6468 MSiSCSI - ok
15:12:12.0362 6468 msiserver - ok
15:12:12.0432 6468 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
15:12:12.0482 6468 MSKSSRV - ok
15:12:12.0542 6468 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
15:12:12.0592 6468 MSPCLOCK - ok
15:12:12.0612 6468 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
15:12:12.0682 6468 MSPQM - ok
15:12:12.0742 6468 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
15:12:12.0872 6468 MsRPC - ok
15:12:12.0882 6468 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
15:12:12.0902 6468 mssmbios - ok
15:12:12.0952 6468 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
15:12:13.0032 6468 MSTEE - ok
15:12:13.0072 6468 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
15:12:13.0122 6468 MTConfig - ok
15:12:13.0152 6468 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
15:12:13.0182 6468 Mup - ok
15:12:13.0212 6468 [ 6FFECC25B39DC7652A0CEC0ADA9DB589 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
15:12:13.0232 6468 mwlPSDFilter - ok
15:12:13.0252 6468 [ 0BEFE32CA56D6EE89D58175725596A85 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
15:12:13.0282 6468 mwlPSDNServ - ok
15:12:13.0302 6468 [ D43BC633B8660463E446E28E14A51262 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
15:12:13.0322 6468 mwlPSDVDisk - ok
15:12:13.0502 6468 [ 3E5E20817259F7328C8F3BE5421F35B9 ] MWLService C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe
15:12:13.0542 6468 MWLService - ok
15:12:13.0652 6468 [ 68C5321CBC7BE2FA7278809A2D6544D0 ] mxssvr C:\Program Files (x86)\National Instruments\MAX\nimxs.exe
15:12:13.0662 6468 mxssvr - ok
15:12:13.0762 6468 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
15:12:13.0852 6468 napagent - ok
15:12:13.0902 6468 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
15:12:13.0962 6468 NativeWifiP - ok
15:12:14.0082 6468 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
15:12:14.0222 6468 NDIS - ok
15:12:14.0262 6468 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
15:12:14.0332 6468 NdisCap - ok
15:12:14.0432 6468 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
15:12:14.0502 6468 NdisTapi - ok
15:12:14.0532 6468 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
15:12:14.0602 6468 Ndisuio - ok
15:12:14.0612 6468 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
15:12:14.0672 6468 NdisWan - ok
15:12:14.0712 6468 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
15:12:14.0792 6468 NDProxy - ok
15:12:14.0842 6468 [ D4F51E88C71BF8F06EA1BE320B0BB75B ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:12:14.0872 6468 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:12:14.0872 6468 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:12:14.0912 6468 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
15:12:15.0022 6468 NetBIOS - ok
15:12:15.0042 6468 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
15:12:15.0142 6468 NetBT - ok
15:12:15.0182 6468 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
15:12:15.0192 6468 Netlogon - ok
15:12:15.0302 6468 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
15:12:15.0382 6468 Netman - ok
15:12:15.0482 6468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:12:15.0552 6468 NetMsmqActivator - ok
15:12:15.0562 6468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:12:15.0572 6468 NetPipeActivator - ok
15:12:15.0642 6468 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
15:12:15.0732 6468 netprofm - ok
15:12:15.0782 6468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:12:15.0792 6468 NetTcpActivator - ok
15:12:15.0812 6468 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:12:15.0822 6468 NetTcpPortSharing - ok
15:12:15.0862 6468 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
15:12:15.0892 6468 nfrd960 - ok
15:12:15.0962 6468 [ 51845465FA15703CA34EA48E3D288809 ] ni1006k C:\Windows\system32\drivers\ni1006k.sys
15:12:15.0982 6468 ni1006k - ok
15:12:16.0012 6468 [ 9C8971E928171BF35EBBE25CE1FC3D30 ] ni1045k C:\Windows\system32\drivers\ni1045kl.sys
15:12:16.0032 6468 ni1045k - ok
15:12:16.0072 6468 [ 84D3E3C31E204AF43DDB8EBEF0D207B0 ] ni1065k C:\Windows\system32\drivers\ni1065k.sys
15:12:16.0092 6468 ni1065k - ok
15:12:16.0193 6468 [ 2FADAD2DED79972C0B25570394AA519C ] NIApplicationWebServer C:\Program Files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
15:12:16.0203 6468 NIApplicationWebServer - ok
15:12:16.0293 6468 [ B441512CE5E25B4DFF66AC5014F31EDF ] NIApplicationWebServer64 C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe
15:12:16.0323 6468 NIApplicationWebServer64 - ok
15:12:16.0503 6468 [ 36B70886741C9FFA5C21371A8A0AC37A ] nicdcck C:\Windows\system32\drivers\nicdcckl.sys
15:12:16.0533 6468 nicdcck - ok
15:12:16.0573 6468 [ 9E30BB0A9F467AD8725BC084EC216017 ] nicdrk C:\Windows\system32\drivers\nicdrkl.sys
15:12:16.0593 6468 nicdrk - ok
15:12:16.0643 6468 [ A22FB8A80AEA0228801754459D1C3724 ] nicmrk C:\Windows\system32\drivers\nicmrkl.sys
15:12:16.0663 6468 nicmrk - ok
15:12:16.0683 6468 [ BC8D48323231359C4062DAC4A8FD0FB5 ] nicondrk C:\Windows\system32\drivers\nicondrkl.sys
15:12:16.0703 6468 nicondrk - ok
15:12:16.0733 6468 [ 889EA70DCBEB7F7A097A2AE9DEED5854 ] nicsrk C:\Windows\system32\drivers\nicsrkl.sys
15:12:16.0753 6468 nicsrk - ok
15:12:16.0803 6468 [ A3BA8A14490FDBF106939C37A125E82C ] nidevldu C:\Windows\SysWOW64\nipalsm.exe
15:12:16.0813 6468 nidevldu - ok
15:12:16.0913 6468 [ 71A7A0D8EB070128BCD6A62BC1525587 ] nidimk C:\Windows\system32\drivers\nidimkl.sys
15:12:16.0933 6468 nidimk - ok
15:12:16.0963 6468 [ C7BBCB64399F459348F3C252EF5010F7 ] nidmxfk C:\Windows\system32\drivers\nidmxfkl.sys
15:12:16.0983 6468 nidmxfk - ok
15:12:17.0043 6468 [ 159E95CFC105A27A2EC6D7632BB254A8 ] NIDomainService C:\Program Files (x86)\National Instruments\Shared\Security\nidmsrv.exe
15:12:17.0063 6468 NIDomainService - ok
15:12:17.0083 6468 [ 7853D76D4D069D6FD465E064732BD965 ] nidsark C:\Windows\system32\drivers\nidsarkl.sys
15:12:17.0103 6468 nidsark - ok
15:12:17.0193 6468 [ 9DE48A49621110B027B26B8B730ED501 ] niemrk C:\Windows\system32\drivers\niemrkl.sys
15:12:17.0213 6468 niemrk - ok
15:12:17.0283 6468 [ 90CF6C08D8AB2A91DC9820398C278856 ] niemrkw C:\Windows\system32\DRIVERS\niemrkw.sys
15:12:17.0303 6468 niemrkw - ok
15:12:17.0343 6468 [ 752D6496BBB6511D8EC97AEE5D6D639F ] niesrk C:\Windows\system32\drivers\niesrkl.sys
15:12:17.0363 6468 niesrk - ok
15:12:17.0423 6468 [ 4BF901A678408022003E4DB2445F7CE8 ] NIEthernetDeviceEnumerator C:\Windows\system32\DRIVERS\niede.sys
15:12:17.0443 6468 NIEthernetDeviceEnumerator - ok
15:12:17.0493 6468 [ 35A9AC4B494428C43A1D56A57184A20C ] nifslk C:\Windows\system32\drivers\nifslkl.sys
15:12:17.0513 6468 nifslk - ok
15:12:17.0543 6468 [ 2B2D063BECA4CC1FF30A9CDD00F7585D ] nimdbgk C:\Windows\system32\drivers\nimdbgkl.sys
15:12:17.0563 6468 nimdbgk - ok
15:12:17.0673 6468 [ 902A9B8EC25EAC8C8DD5594F5866F80C ] nimDNSResponder C:\Program Files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe
15:12:17.0693 6468 nimDNSResponder - ok
15:12:17.0743 6468 [ DADAB3DB0C07F43C516453E350DE7888 ] nimru2k C:\Windows\system32\drivers\nimru2kl.sys
15:12:17.0763 6468 nimru2k - ok
15:12:17.0793 6468 [ 85A2FA36EFA2360FDE6ED5A0151266BD ] nimsdrk C:\Windows\system32\drivers\nimsdrkl.sys
15:12:17.0823 6468 nimsdrk - ok
15:12:17.0863 6468 [ 1D06F34C2B8E242B4635E8243E3A2F73 ] nimstsk C:\Windows\system32\drivers\nimstskl.sys
15:12:17.0883 6468 nimstsk - ok
15:12:17.0923 6468 [ 7B58EB1A946918A7C8C51D1228A2516C ] nimxdfk C:\Windows\system32\drivers\nimxdfkl.sys
15:12:17.0943 6468 nimxdfk - ok
15:12:17.0983 6468 [ 0846F6CEAFB4C66B25C172EA5CB92160 ] nimxpk C:\Windows\system32\drivers\nimxpkl.sys
15:12:18.0013 6468 nimxpk - ok
15:12:18.0103 6468 [ DF0AB139C5C5ADEF39A88D7FE51F0CB4 ] NINetworkDiscovery C:\Program Files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe
15:12:18.0123 6468 NINetworkDiscovery - ok
15:12:18.0163 6468 [ 529AED5DD105018E1F1C19681F417B13 ] ninshsdk C:\Windows\system32\drivers\ninshsdkl.sys
15:12:18.0183 6468 ninshsdk - ok
15:12:18.0213 6468 [ CA1163CE98AEBD9B4ADAB295E12195C0 ] niorbk C:\Windows\system32\drivers\niorbkl.sys
15:12:18.0233 6468 niorbk - ok
15:12:18.0273 6468 [ 84CF2A20E5472ED282A3EBC00B235D12 ] nipalfwedl C:\Windows\system32\drivers\nipalfwedl.sys
15:12:18.0293 6468 nipalfwedl - ok
15:12:18.0383 6468 [ 5045918369ED17BA436D65A730E44217 ] NIPALK C:\Windows\system32\drivers\nipalk.sys
15:12:18.0543 6468 NIPALK - ok
15:12:18.0583 6468 [ 72D5C12C64F72921FFAD2F7322CFCCA6 ] nipalusbedl C:\Windows\system32\drivers\nipalusbedl.sys
15:12:18.0603 6468 nipalusbedl - ok
15:12:18.0633 6468 [ 0AEF3D16A49AB7DBA0C2D96588980F69 ] nipbcfk C:\Windows\system32\drivers\nipbcfk.sys
15:12:18.0663 6468 nipbcfk - ok
15:12:18.0673 6468 [ BABC1855C7FAF84F1EC67DA68A4AEF8B ] nipxibaf C:\Windows\system32\drivers\nipxibaf.sys
15:12:18.0703 6468 nipxibaf - ok
15:12:18.0723 6468 [ 29FE889AEC8E7252781ECF4A8EF83C4A ] nipxibrc C:\Windows\system32\drivers\nipxibrc.sys
15:12:18.0753 6468 nipxibrc - ok
15:12:18.0793 6468 [ A9C7EB44F22CB0C89D897D460AAC5F2D ] nipxigpk C:\Windows\system32\drivers\nipxigpk.sys
15:12:18.0823 6468 nipxigpk - ok
15:12:18.0843 6468 [ E97B83C43B17CB3B56CCB030DC6D06BF ] nipxirmk C:\Windows\system32\drivers\nipxirmkl.sys
15:12:18.0863 6468 nipxirmk - ok
15:12:18.0903 6468 [ 957EC95849C3BC710ADA754F85D2FCE2 ] nipxirmu C:\Windows\SysWOW64\nipxism.exe
15:12:18.0913 6468 nipxirmu - ok
15:12:19.0033 6468 [ 6D6DECD1DBDBB4191BD8EBE20539599A ] niraptrk C:\Windows\system32\drivers\niraptrkl.sys
15:12:19.0053 6468 niraptrk - ok
15:12:19.0133 6468 [ 7B032FCE66E2FE611DB65EDEBA754FD4 ] niscdk C:\Windows\system32\drivers\niscdkl.sys
15:12:19.0153 6468 niscdk - ok
15:12:19.0223 6468 [ 3C310D888B1FDBE3870A871C315E0B18 ] nisdigk C:\Windows\system32\drivers\nisdigkl.sys
15:12:19.0243 6468 nisdigk - ok
15:12:19.0293 6468 [ 66370DA65F8C08A6A6F1B4DBE9081F24 ] nisftk C:\Windows\system32\drivers\nisftkl.sys
15:12:19.0313 6468 nisftk - ok
15:12:19.0373 6468 [ 2A2D92C9D8C48489A0A814D2209405A3 ] nispdk C:\Windows\system32\drivers\nispdkl.sys
15:12:19.0393 6468 nispdk - ok
15:12:19.0433 6468 [ 8C3F42486B370DE5254B21CE54B6A499 ] nissrk C:\Windows\system32\drivers\nissrkl.sys
15:12:19.0463 6468 nissrk - ok
15:12:19.0493 6468 [ A7ED8A3E7769722416A7AB3A1795F2D6 ] nistc2k C:\Windows\system32\drivers\nistc2kl.sys
15:12:19.0523 6468 nistc2k - ok
15:12:19.0543 6468 [ 96F4193C30B3161275CB55DA208B306B ] nistc3rk C:\Windows\system32\drivers\nistc3rkl.sys
15:12:19.0563 6468 nistc3rk - ok
15:12:19.0573 6468 [ BE01059A69ADA0CEA710D9F85072B3E0 ] nistcrk C:\Windows\system32\drivers\nistcrkl.sys
15:12:19.0593 6468 nistcrk - ok
15:12:19.0633 6468 [ D66D5FCC4911646347F9F5CD8C3F0000 ] niSvcLoc C:\Program Files (x86)\National Instruments\Shared\NI WebServer\SystemWebServer.exe
15:12:19.0663 6468 niSvcLoc - ok
15:12:19.0723 6468 [ 484AC3447B6F2C65268563BB6244518B ] niswdk C:\Windows\system32\drivers\niswdkl.sys
15:12:19.0743 6468 niswdk - ok
15:12:19.0763 6468 [ 634301C6221B574FDA7259F7DE7CC3CD ] nitiork C:\Windows\system32\drivers\nitiorkl.sys
15:12:19.0783 6468 nitiork - ok
15:12:19.0843 6468 [ 374C983BC6972FE03386B577D16D85C9 ] niufurk C:\Windows\system32\drivers\niufurkl.sys
15:12:19.0863 6468 niufurk - ok
15:12:19.0943 6468 [ AC43CB1C654B9BA56C5F400A6FFE3141 ] niwfrk C:\Windows\system32\drivers\niwfrkl.sys
15:12:19.0963 6468 niwfrk - ok
15:12:19.0993 6468 [ 0C864230445E9176ABFE96411709D28B ] nixsrk C:\Windows\system32\drivers\nixsrkl.sys
15:12:20.0013 6468 nixsrk - ok
15:12:20.0043 6468 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
15:12:20.0113 6468 NlaSvc - ok
15:12:20.0173 6468 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
15:12:20.0263 6468 Npfs - ok
15:12:20.0283 6468 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
15:12:20.0353 6468 nsi - ok
15:12:20.0373 6468 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
15:12:20.0423 6468 nsiproxy - ok
15:12:20.0553 6468 [ 184C189D4FC416978550FC599BB4EDDA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
15:12:20.0683 6468 Ntfs - ok
15:12:20.0803 6468 [ 9A308FCDCCA98A15B6F62D36A272160E ] NTI IScheduleSvc C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
15:12:20.0823 6468 NTI IScheduleSvc - ok
15:12:20.0873 6468 [ 28C59F594044CBF8598B18C927097091 ] NTIBackupSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:12:20.0953 6468 NTIBackupSvc - ok
15:12:21.0013 6468 [ 710263B44C1D1AEE07525A53401FBE48 ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
15:12:21.0033 6468 NTIDrvr - ok
15:12:21.0123 6468 [ B8D903B2894FF9AFBD99CA51C35590D7 ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:12:21.0243 6468 NTISchedulerSvc - ok
15:12:21.0253 6468 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
15:12:21.0353 6468 Null - ok
15:12:21.0403 6468 [ A4D9C9A608A97F59307C2F2600EDC6A4 ] nvraid C:\Windows\system32\drivers\nvraid.sys
15:12:21.0433 6468 nvraid - ok
15:12:21.0513 6468 [ 6C1D5F70E7A6A3FD1C90D840EDC048B9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
15:12:21.0543 6468 nvstor - ok
15:12:21.0583 6468 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
15:12:21.0613 6468 nv_agp - ok
15:12:21.0693 6468 [ BA7DAC1B8A86D9402C3E04E1FCAA600D ] ODDPwrSvc C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
15:12:21.0713 6468 ODDPwrSvc - ok
15:12:21.0733 6468 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
15:12:21.0813 6468 ohci1394 - ok
15:12:22.0033 6468 [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:12:22.0073 6468 ose - ok
15:12:22.0463 6468 [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
15:12:22.0643 6468 osppsvc - ok
15:12:22.0683 6468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
15:12:22.0803 6468 p2pimsvc - ok
15:12:22.0883 6468 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
15:12:23.0043 6468 p2psvc - ok
15:12:23.0103 6468 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
15:12:23.0133 6468 Parport - ok
15:12:23.0184 6468 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
15:12:23.0204 6468 partmgr - ok
15:12:23.0274 6468 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
15:12:23.0324 6468 PcaSvc - ok
15:12:23.0364 6468 PCDSRVC{6368CD8C-4CE77011-06020200}_0 - ok
15:12:23.0394 6468 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
15:12:23.0414 6468 pci - ok
15:12:23.0434 6468 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
15:12:23.0464 6468 pciide - ok
15:12:23.0484 6468 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
15:12:23.0514 6468 pcmcia - ok
15:12:23.0524 6468 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
15:12:23.0544 6468 pcw - ok
15:12:23.0654 6468 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
15:12:23.0784 6468 PEAUTH - ok
15:12:23.0834 6468 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
15:12:23.0884 6468 PerfHost - ok
15:12:24.0104 6468 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
15:12:24.0254 6468 pla - ok
15:12:24.0334 6468 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
15:12:24.0454 6468 PlugPlay - ok
15:12:24.0574 6468 [ 9A80707D8B6C1806531BFD7399B3CC76 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:12:24.0614 6468 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:12:24.0614 6468 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:12:24.0664 6468 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
15:12:24.0714 6468 PNRPAutoReg - ok
15:12:24.0764 6468 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
15:12:24.0784 6468 PNRPsvc - ok
15:12:24.0814 6468 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
15:12:24.0904 6468 PolicyAgent - ok
15:12:24.0994 6468 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
15:12:25.0114 6468 Power - ok
15:12:25.0164 6468 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
15:12:25.0254 6468 PptpMiniport - ok
15:12:25.0274 6468 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
15:12:25.0314 6468 Processor - ok
15:12:25.0374 6468 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
15:12:25.0444 6468 ProfSvc - ok
15:12:25.0514 6468 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
15:12:25.0554 6468 ProtectedStorage - ok
15:12:25.0624 6468 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
15:12:25.0684 6468 Psched - ok
15:12:25.0774 6468 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
15:12:25.0864 6468 ql2300 - ok
15:12:25.0884 6468 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
15:12:25.0904 6468 ql40xx - ok
15:12:25.0934 6468 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
15:12:25.0974 6468 QWAVE - ok
15:12:26.0004 6468 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
15:12:26.0074 6468 QWAVEdrv - ok
15:12:26.0104 6468 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
15:12:26.0174 6468 RasAcd - ok
15:12:26.0224 6468 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
15:12:26.0274 6468 RasAgileVpn - ok
15:12:26.0324 6468 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
15:12:26.0434 6468 RasAuto - ok
15:12:26.0474 6468 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
15:12:26.0544 6468 Rasl2tp - ok
15:12:26.0564 6468 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
15:12:26.0654 6468 RasMan - ok
15:12:26.0664 6468 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
15:12:26.0754 6468 RasPppoe - ok
15:12:26.0774 6468 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
15:12:26.0854 6468 RasSstp - ok
15:12:26.0894 6468 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
15:12:27.0004 6468 rdbss - ok
15:12:27.0044 6468 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
15:12:27.0074 6468 rdpbus - ok
15:12:27.0094 6468 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
15:12:27.0154 6468 RDPCDD - ok
15:12:27.0204 6468 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
15:12:27.0294 6468 RDPENCDD - ok
15:12:27.0304 6468 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
15:12:27.0364 6468 RDPREFMP - ok
15:12:27.0414 6468 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
15:12:27.0484 6468 RDPWD - ok
15:12:27.0544 6468 [ E5DC9BA9E439D6DBDD79F8CAACB5BF01 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
15:12:27.0574 6468 rdyboost - ok
15:12:27.0604 6468 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
15:12:27.0724 6468 RemoteAccess - ok
15:12:27.0754 6468 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
15:12:27.0834 6468 RemoteRegistry - ok
15:12:27.0884 6468 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
15:12:27.0964 6468 RFCOMM - ok
15:12:28.0004 6468 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
15:12:28.0094 6468 RpcEptMapper - ok
15:12:28.0124 6468 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
15:12:28.0144 6468 RpcLocator - ok
15:12:28.0234 6468 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
15:12:28.0284 6468 RpcSs - ok
15:12:28.0344 6468 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
15:12:28.0424 6468 rspndr - ok
15:12:28.0474 6468 [ 7CB9F0FDD730F4A4ECF6CDE15EA12E8A ] RS_Service C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
15:12:28.0484 6468 RS_Service - ok
15:12:28.0504 6468 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
15:12:28.0524 6468 SamSs - ok
15:12:28.0714 6468 [ BD57B12FA4C21B1CE7DA3570410BF12D ] SAVAdminService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SAVAdminService.exe
15:12:28.0734 6468 SAVAdminService - ok
15:12:28.0804 6468 [ D9057E8CA97628E275979A09EA66B34B ] SAVOnAccess C:\Windows\system32\DRIVERS\savonaccess.sys
15:12:28.0874 6468 SAVOnAccess - ok
15:12:28.0934 6468 [ 836AEC603665F6DB83965EE57B3DCF57 ] SAVService C:\Program Files (x86)\Sophos\Sophos Anti-Virus\SavService.exe
15:12:28.0954 6468 SAVService - ok
15:12:28.0974 6468 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
15:12:29.0004 6468 sbp2port - ok
15:12:29.0024 6468 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
15:12:29.0114 6468 SCardSvr - ok
15:12:29.0164 6468 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
15:12:29.0254 6468 scfilter - ok
15:12:29.0304 6468 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
15:12:29.0404 6468 Schedule - ok
15:12:29.0424 6468 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
15:12:29.0474 6468 SCPolicySvc - ok
15:12:29.0554 6468 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
15:12:29.0664 6468 SDRSVC - ok
15:12:29.0734 6468 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
15:12:29.0814 6468 secdrv - ok
15:12:29.0844 6468 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
15:12:29.0914 6468 seclogon - ok
15:12:29.0934 6468 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
15:12:30.0004 6468 SENS - ok
15:12:30.0044 6468 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
15:12:30.0104 6468 SensrSvc - ok
15:12:30.0174 6468 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
15:12:30.0224 6468 Serenum - ok
15:12:30.0294 6468 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
15:12:30.0364 6468 Serial - ok
15:12:30.0434 6468 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
15:12:30.0484 6468 sermouse - ok
15:12:30.0524 6468 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
15:12:30.0574 6468 SessionEnv - ok
15:12:30.0604 6468 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
15:12:30.0694 6468 sffdisk - ok
15:12:30.0764 6468 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
15:12:30.0824 6468 sffp_mmc - ok
15:12:30.0864 6468 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys
15:12:30.0904 6468 sffp_sd - ok
15:12:30.0924 6468 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
15:12:30.0954 6468 sfloppy - ok
15:12:30.0984 6468 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
15:12:31.0374 6468 SharedAccess - ok
15:12:31.0444 6468 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:12:31.0494 6468 ShellHWDetection - ok
15:12:31.0524 6468 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
15:12:31.0544 6468 SiSRaid2 - ok
15:12:31.0554 6468 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
15:12:31.0574 6468 SiSRaid4 - ok
15:12:31.0714 6468 [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
15:12:31.0914 6468 SkypeUpdate - ok
15:12:31.0964 6468 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
15:12:32.0044 6468 Smb - ok
15:12:32.0154 6468 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
15:12:32.0204 6468 SNMPTRAP - ok
15:12:32.0294 6468 [ E4A3CFFD81B4169128F187729E137417 ] Sophos AutoUpdate Service C:\Program Files (x86)\Sophos\AutoUpdate\ALsvc.exe
15:12:32.0314 6468 Sophos AutoUpdate Service - ok
15:12:32.0454 6468 [ 69FBE35A8165ADBC313AA7F64B868CA1 ] SophosBootDriver C:\Windows\system32\DRIVERS\SophosBootDriver.sys
15:12:32.0474 6468 SophosBootDriver - ok
15:12:32.0504 6468 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
15:12:32.0534 6468 spldr - ok
15:12:32.0594 6468 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
15:12:32.0714 6468 Spooler - ok
15:12:33.0094 6468 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
15:12:33.0704 6468 sppsvc - ok
15:12:33.0734 6468 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
15:12:33.0834 6468 sppuinotify - ok
15:12:33.0874 6468 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
15:12:33.0934 6468 srv - ok
15:12:33.0974 6468 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
15:12:34.0034 6468 srv2 - ok
15:12:34.0054 6468 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
15:12:34.0104 6468 srvnet - ok
15:12:34.0244 6468 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
15:12:34.0364 6468 SSDPSRV - ok
15:12:34.0394 6468 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
15:12:34.0454 6468 SstpSvc - ok
15:12:34.0484 6468 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
15:12:34.0514 6468 stexstor - ok
15:12:34.0604 6468 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
15:12:34.0714 6468 stisvc - ok
15:12:34.0744 6468 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
15:12:34.0764 6468 swenum - ok
15:12:35.0034 6468 [ AB22D10457BB1B8BB587C61AF03F909F ] swi_service C:\Program Files (x86)\Sophos\Sophos Anti-Virus\Web Intelligence\swi_service.exe
15:12:35.0114 6468 swi_service - ok
15:12:35.0144 6468 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
15:12:35.0314 6468 swprv - ok
15:12:35.0384 6468 [ CE9B5A79AEE330BC7E88C0441E5727BB ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
15:12:35.0414 6468 SynTP - ok
15:12:35.0474 6468 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
15:12:35.0604 6468 SysMain - ok
15:12:35.0634 6468 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:12:35.0734 6468 TabletInputService - ok
15:12:35.0764 6468 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
15:12:35.0854 6468 TapiSrv - ok
15:12:35.0864 6468 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
15:12:35.0934 6468 TBS - ok
15:12:36.0014 6468 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
15:12:36.0164 6468 Tcpip - ok
15:12:36.0345 6468 [ 624C5B3AA4C99B3184BB922D9ECE3FF0 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
15:12:36.0395 6468 TCPIP6 - ok
15:12:36.0425 6468 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
15:12:36.0475 6468 tcpipreg - ok
15:12:36.0505 6468 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
15:12:36.0635 6468 TDPIPE - ok
15:12:36.0685 6468 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
15:12:36.0755 6468 TDTCP - ok
15:12:36.0785 6468 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
15:12:36.0865 6468 tdx - ok
15:12:36.0865 6468 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
15:12:36.0895 6468 TermDD - ok
15:12:37.0035 6468 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
15:12:37.0135 6468 TermService - ok
15:12:37.0165 6468 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
15:12:37.0205 6468 Themes - ok
15:12:37.0255 6468 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
15:12:37.0305 6468 THREADORDER - ok
15:12:37.0335 6468 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
15:12:37.0395 6468 TrkWks - ok
15:12:37.0455 6468 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:12:37.0505 6468 TrustedInstaller - ok
15:12:37.0555 6468 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
15:12:37.0625 6468 tssecsrv - ok
15:12:37.0695 6468 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
15:12:37.0775 6468 tunnel - ok
15:12:37.0805 6468 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
15:12:37.0825 6468 uagp35 - ok
15:12:37.0895 6468 [ 40079B0B801C5432BA435B5AD61CE6E3 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
15:12:37.0915 6468 UBHelper - ok
15:12:37.0945 6468 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
15:12:38.0015 6468 udfs - ok
15:12:38.0055 6468 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
15:12:38.0085 6468 UI0Detect - ok
15:12:38.0115 6468 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
15:12:38.0135 6468 uliagpkx - ok
15:12:38.0215 6468 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
15:12:38.0265 6468 umbus - ok
15:12:38.0335 6468 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
15:12:38.0395 6468 UmPass - ok
15:12:38.0775 6468 [ 41118D920B2B268C0ADC36421248CDCF ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:12:38.0875 6468 UNS ( UnsignedFile.Multi.Generic ) - warning
15:12:38.0875 6468 UNS - detected UnsignedFile.Multi.Generic (1)
15:12:38.0945 6468 [ F9EC9ACD504D823D9B9CA98A4F8D3CA2 ] Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
15:12:38.0975 6468 Updater Service - ok
15:12:39.0095 6468 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
15:12:39.0303 6468 upnphost - ok
15:12:39.0313 6468 usb6xxxk - ok
15:12:39.0363 6468 [ 77419E7A36ECB3B0137176A45F95832B ] usb6xxxkw C:\Windows\system32\DRIVERS\usb6xxxkw.sys
15:12:39.0383 6468 usb6xxxkw - ok
15:12:39.0473 6468 [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
15:12:39.0583 6468 USBAAPL64 - ok
15:12:39.0623 6468 [ 537A4E03D7103C12D42DFD8FFDB5BDC9 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
15:12:39.0703 6468 usbccgp - ok
15:12:39.0773 6468 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
15:12:39.0813 6468 usbcir - ok
15:12:39.0873 6468 [ FBB21EBE49F6D560DB37AC25FBC68E66 ] usbehci C:\Windows\system32\drivers\usbehci.sys
15:12:39.0903 6468 usbehci - ok
15:12:40.0003 6468 [ 6B7A8A99C4A459E73C286A6763EA24CC ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
15:12:40.0073 6468 usbhub - ok
15:12:40.0093 6468 [ 8C88AA7617B4CBC2E4BED61D26B33A27 ] usbohci C:\Windows\system32\drivers\usbohci.sys
15:12:40.0143 6468 usbohci - ok
15:12:40.0203 6468 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
15:12:40.0243 6468 usbprint - ok
15:12:40.0273 6468 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
15:12:40.0293 6468 usbscan - ok
15:12:40.0373 6468 [ F39983647BC1F3E6100778DDFE9DCE29 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:12:40.0533 6468 USBSTOR - ok
15:12:40.0573 6468 [ 0B5B3B2DF3FD1709618ACFA50B8392B0 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
15:12:40.0623 6468 usbuhci - ok
15:12:40.0723 6468 [ 7CB8C573C6E4A2714402CC0A36EAB4FE ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
15:12:40.0893 6468 usbvideo - ok
15:12:40.0913 6468 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
15:12:40.0963 6468 UxSms - ok
15:12:40.0993 6468 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
15:12:41.0023 6468 VaultSvc - ok
15:12:41.0193 6468 [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone C:\Windows\system32\DRIVERS\VClone.sys
15:12:41.0244 6468 VClone - ok
15:12:41.0334 6468 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
15:12:41.0354 6468 vdrvroot - ok
15:12:41.0384 6468 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
15:12:41.0434 6468 vds - ok
15:12:41.0484 6468 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
15:12:41.0504 6468 vga - ok
15:12:41.0524 6468 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
15:12:41.0594 6468 VgaSave - ok
15:12:41.0614 6468 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
15:12:41.0644 6468 vhdmp - ok
15:12:41.0674 6468 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
15:12:41.0704 6468 viaide - ok
15:12:41.0724 6468 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
15:12:41.0754 6468 volmgr - ok
15:12:41.0764 6468 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
15:12:41.0824 6468 volmgrx - ok
15:12:41.0884 6468 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\drivers\volsnap.sys
15:12:41.0954 6468 volsnap - ok
15:12:41.0994 6468 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
15:12:42.0024 6468 vsmraid - ok
15:12:42.0084 6468 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
15:12:42.0204 6468 VSS - ok
15:12:42.0254 6468 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
15:12:42.0284 6468 vwifibus - ok
15:12:42.0314 6468 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
15:12:42.0364 6468 vwififlt - ok
15:12:42.0404 6468 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
15:12:42.0454 6468 W32Time - ok
15:12:42.0484 6468 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
15:12:42.0554 6468 WacomPen - ok
15:12:42.0644 6468 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
15:12:42.0724 6468 WANARP - ok
15:12:42.0734 6468 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
15:12:42.0774 6468 Wanarpv6 - ok
15:12:42.0834 6468 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
15:12:42.0954 6468 wbengine - ok
15:12:43.0014 6468 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
15:12:43.0064 6468 WbioSrvc - ok
15:12:43.0114 6468 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
15:12:43.0294 6468 wcncsvc - ok
15:12:43.0334 6468 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:12:43.0434 6468 WcsPlugInService - ok
15:12:43.0464 6468 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
15:12:43.0494 6468 Wd - ok
15:12:43.0524 6468 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
15:12:43.0584 6468 Wdf01000 - ok
15:12:43.0594 6468 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
15:12:43.0634 6468 WdiServiceHost - ok
15:12:43.0644 6468 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
15:12:43.0664 6468 WdiSystemHost - ok
15:12:43.0734 6468 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
15:12:43.0794 6468 WebClient - ok
15:12:43.0834 6468 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
15:12:43.0984 6468 Wecsvc - ok
15:12:44.0014 6468 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
15:12:44.0104 6468 wercplsupport - ok
15:12:44.0144 6468 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
15:12:44.0224 6468 WerSvc - ok
15:12:44.0274 6468 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
15:12:44.0324 6468 WfpLwf - ok
15:12:44.0354 6468 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
15:12:44.0384 6468 WIMMount - ok
15:12:44.0424 6468 WinDefend - ok
15:12:44.0434 6468 WinHttpAutoProxySvc - ok
15:12:44.0494 6468 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
15:12:44.0574 6468 Winmgmt - ok
15:12:44.0634 6468 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
15:12:44.0734 6468 WinRM - ok
15:12:44.0874 6468 [ 817EAFF5D38674EDD7713B9DFB8E9791 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
15:12:44.0924 6468 WinUsb - ok
15:12:44.0984 6468 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
15:12:45.0034 6468 Wlansvc - ok
15:12:45.0094 6468 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
15:12:45.0124 6468 WmiAcpi - ok
15:12:45.0154 6468 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
15:12:45.0204 6468 wmiApSrv - ok
15:12:45.0234 6468 WMPNetworkSvc - ok
15:12:45.0334 6468 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
15:12:45.0394 6468 WPCSvc - ok
15:12:45.0434 6468 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
15:12:45.0514 6468 WPDBusEnum - ok
15:12:45.0544 6468 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
15:12:45.0624 6468 ws2ifsl - ok
15:12:45.0684 6468 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
15:12:45.0744 6468 wscsvc - ok
15:12:45.0754 6468 WSearch - ok
15:12:45.0954 6468 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
15:12:46.0064 6468 wuauserv - ok
15:12:46.0104 6468 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
15:12:46.0174 6468 WudfPf - ok
15:12:46.0294 6468 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
15:12:46.0374 6468 WUDFRd - ok
15:12:46.0404 6468 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
15:12:46.0434 6468 wudfsvc - ok
15:12:46.0474 6468 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
15:12:46.0704 6468 WwanSvc - ok
15:12:46.0754 6468 ================ Scan global ===============================
15:12:46.0804 6468 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:12:46.0894 6468 [ C4C551E6AB333C0EB812A3A4672E89DB ] C:\Windows\system32\winsrv.dll
15:12:46.0904 6468 [ C4C551E6AB333C0EB812A3A4672E89DB ] C:\Windows\system32\winsrv.dll
15:12:46.0924 6468 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:12:46.0954 6468 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:12:46.0964 6468 [Global] - ok
15:12:46.0964 6468 ================ Scan MBR ==================================
15:12:46.0974 6468 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:12:47.0674 6468 \Device\Harddisk0\DR0 - ok
15:12:47.0754 6468 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
15:12:48.0044 6468 \Device\Harddisk1\DR1 - ok
15:12:48.0044 6468 ================ Scan VBR ==================================
15:12:48.0054 6468 [ 89BF1D64B65AB703F753351BE4A73448 ] \Device\Harddisk0\DR0\Partition1
15:12:48.0064 6468 \Device\Harddisk0\DR0\Partition1 - ok
15:12:48.0094 6468 [ DCD244FFF0477314B6ACC7E7256465E8 ] \Device\Harddisk0\DR0\Partition2
15:12:48.0094 6468 \Device\Harddisk0\DR0\Partition2 - ok
15:12:48.0104 6468 [ 1C665B0A37B7F59385946FE0B283AEAA ] \Device\Harddisk1\DR1\Partition1
15:12:48.0104 6468 \Device\Harddisk1\DR1\Partition1 - ok
15:12:48.0104 6468 ============================================================
15:12:48.0104 6468 Scan finished
15:12:48.0104 6468 ============================================================
15:12:48.0114 7156 Detected object count: 4
15:12:48.0114 7156 Actual detected object count: 4
15:13:07.0807 7156 LMS ( UnsignedFile.Multi.Generic ) - skipped by user
15:13:07.0807 7156 LMS ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:13:07.0807 7156 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:13:07.0807 7156 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:13:07.0807 7156 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:13:07.0807 7156 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
15:13:07.0817 7156 UNS ( UnsignedFile.Multi.Generic ) - skipped by user
15:13:07.0817 7156 UNS ( UnsignedFile.Multi.Generic ) - User select action: Skip

hi
wieso eröffnest du noch ein Thema, willst du formatieren, da du nach der Recovery fragst?
bitte Fragen in einem Thema stellen, da dies zu deinem aktuellen Problem gehört
womit hast du die Recovery erstellt?

Recovery wäre nur die Notlösung. Am liebsten möchte ich den Trojaner natürlich ohne Formatierung los werden!
(Die Recovery-CD hab ich mit dem entsprechenden Windows-Tool gebrannt)

Gut
ich frag nur, nich das wir uns Arbeit umsonst machen, wir beide.
combofix:

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop

• Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

Die die Log-Datei

Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 13-01-17.04 - Christian 20.01.2013  17:00:41.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7600.0.1252.49.1031.18.3767.2506 [GMT 1:00]
ausgeführt von:: c:\users\Christian\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
c:\windows\Downloaded Program Files\IDropPTB.dll
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-20 bis 2013-01-20  ))))))))))))))))))))))))))))))
.
.
2013-01-20 16:10 . 2013-01-20 16:10	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-20 16:06 . 2013-01-20 16:06	76232	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A112F0BF-4A39-4E71-84AA-48D04B06F6C0}\offreg.dll
2013-01-20 14:25 . 2013-01-15 01:45	9161176	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A112F0BF-4A39-4E71-84AA-48D04B06F6C0}\mpengine.dll
2013-01-19 19:55 . 2013-01-19 19:55	--------	d-----w-	c:\users\Christian\AppData\Roaming\Malwarebytes
2013-01-19 19:54 . 2013-01-19 19:54	--------	d-----w-	c:\programdata\Malwarebytes
2013-01-19 19:54 . 2013-01-19 19:54	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-19 19:54 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-01-19 19:54 . 2013-01-19 19:54	--------	d-----w-	c:\users\Christian\AppData\Local\Programs
2013-01-19 19:44 . 2013-01-19 19:44	--------	d-----w-	c:\users\Christian\AppData\Local\Sophos
2013-01-13 18:02 . 2013-01-13 18:02	--------	d-----w-	c:\program files\iPod
2013-01-13 18:01 . 2013-01-13 18:02	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-13 18:01 . 2013-01-13 18:02	--------	d-----w-	c:\program files\iTunes
2013-01-13 18:01 . 2013-01-13 18:02	--------	d-----w-	c:\program files (x86)\iTunes
2013-01-10 09:57 . 2012-11-09 05:34	751104	----a-w-	c:\windows\system32\win32spl.dll
2013-01-10 09:57 . 2012-11-09 04:49	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-01-09 11:08 . 2013-01-09 11:08	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2012-12-25 15:48 . 2012-12-16 16:52	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-25 15:48 . 2012-12-16 14:25	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-25 15:48 . 2012-12-16 14:40	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-25 15:48 . 2012-12-16 14:25	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-24 15:45 . 2012-12-24 15:45	--------	d-----w-	c:\program files\Common Files\EPSON
2012-12-24 15:45 . 2012-12-24 15:45	--------	d-----w-	c:\programdata\EPSON
2012-12-24 15:43 . 2007-04-09 15:06	10752	----a-w-	c:\windows\system32\E_GCINST.DLL
2012-12-24 15:43 . 2008-11-11 17:00	118784	----a-w-	c:\windows\system32\E_ILMHLE.DLL
2012-12-24 15:43 . 2009-09-30 17:01	88064	----a-w-	c:\windows\system32\E_IBCBHLE.DLL
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-10 14:39 . 2012-04-02 18:24	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-10 14:39 . 2012-04-02 18:24	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:56 . 2013-01-10 09:56	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-14 09:02	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-14 09:02	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-14 09:02	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-14 09:02	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-14 09:02	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-14 09:02	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-14 09:02	237056	----a-w-	c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-14 09:02	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-14 09:02	816640	----a-w-	c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-14 09:02	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-14 09:02	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-14 09:02	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-14 09:02	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-14 09:02	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-14 09:02	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-14 09:02	248320	----a-w-	c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-14 09:02	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-14 09:02	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-14 09:02	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-14 09:02	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-14 09:02	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-14 09:02	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:34 . 2012-12-13 07:41	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 04:49 . 2012-12-13 07:41	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29	1402312	----a-w-	c:\windows\SysWow64\msxml4.dll
2012-11-02 05:27 . 2012-12-13 07:40	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-11-02 04:48 . 2012-12-13 07:40	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2012-10-25 02:12 . 2012-10-25 02:12	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
2012-05-29 07:05	244840	----a-w-	c:\program files (x86)\Softonic\Softonic\1.5.24.3\bh\Softonic.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll" [2012-05-29 253032]
.
[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 03:40	120176	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\OOTag.exe" [2010-02-23 13856]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2010-09-21 439536]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2011-11-7 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 1129760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-25 342056]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-25 39464]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-29 1432400]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [2012-06-29 25336]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [2012-03-06 30800]
R3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [2012-03-06 12952]
R3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [2012-03-06 27288]
R3 nicdcck;nicdcck;c:\windows\system32\drivers\nicdcckl.sys [2012-07-10 12992]
R3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [2011-07-21 11864]
R3 nicmrk;nicmrk;c:\windows\system32\drivers\nicmrkl.sys [2012-07-16 13008]
R3 nicondrk;nicondrk;c:\windows\system32\drivers\nicondrkl.sys [2012-07-16 12976]
R3 nicsrk;nicsrk;c:\windows\system32\drivers\nicsrkl.sys [2012-07-16 12976]
R3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [2012-07-09 12976]
R3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [2012-07-16 12992]
R3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [2012-07-16 12976]
R3 niemrkw;niemrkw;c:\windows\system32\DRIVERS\niemrkw.sys [2012-07-16 12464]
R3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [2012-07-16 12976]
R3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [2012-07-09 12992]
R3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [2012-07-09 13032]
R3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [2012-07-09 13008]
R3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [2011-05-17 12968]
R3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [2012-06-27 12520]
R3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [2012-06-27 12520]
R3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [2011-08-09 22680]
R3 niraptrk;niraptrk;c:\windows\system32\drivers\niraptrkl.sys [2012-07-16 12976]
R3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [2012-03-07 12984]
R3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [2012-02-05 12960]
R3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [2011-07-08 12952]
R3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [2012-03-07 12984]
R3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [2012-07-16 12976]
R3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [2009-01-05 11824]
R3 nistc3rk;nistc3rk;c:\windows\system32\drivers\nistc3rkl.sys [2012-07-10 12968]
R3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [2011-07-18 12968]
R3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [2012-07-11 12976]
R3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [2012-07-10 13000]
R3 niufurk;niufurk;c:\windows\system32\drivers\niufurkl.sys [2012-07-16 13008]
R3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [2012-07-16 12984]
R3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [2012-07-16 12976]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
R3 PCDSRVC{6368CD8C-4CE77011-06020200}_0;PCDSRVC{6368CD8C-4CE77011-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\admini~1\appdata\local\temp\ahxcfic8slpq\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 usb6xxxk;usb6xxxk;c:\windows\system32\drivers\usb6xxxkl.sys [x]
R3 usb6xxxkw;usb6xxxkw;c:\windows\system32\DRIVERS\usb6xxxkw.sys [2011-07-21 11384]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-05-22 76488]
S0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\System32\drivers\nipbcfk.sys [2012-01-12 16984]
S0 nipxibaf;National Instruments PXI Bridge Access Driver;c:\windows\System32\drivers\nipxibaf.sys [2012-03-06 84688]
S0 nipxibrc;National Instruments PXI Bridge Configuration Driver;c:\windows\System32\drivers\nipxibrc.sys [2012-04-16 60640]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-25 203264]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-11 821792]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2010-04-07 127800]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [2012-01-31 339776]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-05-22 53960]
S2 nidevldu;NI Device Loader;c:\windows\SysWOW64\nipalsm.exe [2012-01-12 12696]
S2 nimDNSResponder;NI mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2012-05-31 258776]
S2 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2012-06-05 169192]
S2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys [2012-07-10 12984]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-08-25 10331840]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [2012-06-28 13000]
S3 NIEthernetDeviceEnumerator;NI Ethernet Device Enumerator Driver;c:\windows\system32\DRIVERS\niede.sys [2012-01-12 38064]
S3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [2012-06-28 13008]
S3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [2012-07-09 13008]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-20 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 14:39]
.
2013-01-20 c:\windows\Tasks\MATLAB R2012b Startup Accelerator.job
- c:\program files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-11-06 17:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 03:42	137584	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 414744]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-13 11046504]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-07-13 2103912]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-06-11 496160]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\ootag.exe" [2010-02-23 13856]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\impqc2l0.default\
FF - prefs.js: browser.search.selectedEngine - LEO Eng-Deu
FF - prefs.js: browser.startup.homepage - hxxp://www.zeit.de/index
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.newTab - false
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - c493733e00000000000078e40067b2f5
FF - user.js: extensions.Softonic.instlDay - 15491
FF - user.js: extensions.Softonic.vrsn - 1.5.24.3
FF - user.js: extensions.Softonic.vrsni - 1.5.24.3
FF - user.js: extensions.Softonic_i.vrsnTs - 1.5.24.322:27
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00015
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{6368CD8C-4CE77011-06020200}_0]
"ImagePath"="\??\c:\users\admini~1\appdata\local\temp\ahxcfic8slpq\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-20  17:13:41
ComboFix-quarantined-files.txt  2013-01-20 16:13
.
Vor Suchlauf: 12 Verzeichnis(se), 224.201.158.656 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 225.388.056.576 Bytes frei
.
- - End Of File - - 490BFCDCC17D73F05A8F8B4C38D9A6D8
         

--- --- ---

Bitte beginne damit, Windows Updates zu instalieren.
Am besten geht dies, wenn du über Start, Suchen gehst, und dort Windows Updates eingibst.
Prüfe unter "Einstellungen ändern" dass folgendes ausgewählt ist:
- Updates automatisch Instalieren,
- Täglich
- Uhrzeit wählen
- Bitte den gesammten rest anhaken, außer:
- detailierte benachichtungen anzeigen, wenn neue Microsoft software verfügbar ist.
Klicke jetzt die Schaltfläche "OK"
Klicke jetzt "nach Updates suchen".
Bitte instaliere zunächst wichtige Updates.
Es wird nötig sein, den PC zwischendurch neu zu starten. falls dies der Fall ist, musst du erneut über Start, Suchen, Windows Update aufrufen, auf Updates suchen klicken und die nächsten instalieren.
Mache das selbe bitte mit den optionalen Updates.
wenn du fertig bist, rechtsklick Computer, eigenschaften, prüfe, ob das Servicepack1 (sp1) instaliert ist, melden, wenn fertig.

also die Updates sind alle geladen und servicepack 1 ist auch installiert!

Sehr gut.
combofix:

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop

• Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten

Zitat:

Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.

starte den Rechner einfach neu. Dies sollte das Problem beheben.

und bitte =)

Combofix Logfile:

Code: Alles auswählenAufklappen

ATTFilter

ComboFix 13-01-21.01 - Christian 21.01.2013  17:05:16.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3767.2530 [GMT 1:00]
ausgeführt von:: c:\users\Christian\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-12-21 bis 2013-01-21  ))))))))))))))))))))))))))))))
.
.
2013-01-21 16:22 . 2013-01-21 16:22	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-01-21 11:28 . 2013-01-21 11:28	--------	d-----w-	c:\windows\system32\SPReview
2013-01-21 10:46 . 2010-11-20 04:00	2560	----a-w-	c:\windows\system32\drivers\de-DE\rdpwd.sys.mui
2013-01-21 10:46 . 2010-11-20 04:12	7168	----a-w-	c:\windows\system32\drivers\de-DE\msdsm.sys.mui
2013-01-21 10:46 . 2010-11-20 04:07	3584	----a-w-	c:\windows\system32\drivers\de-DE\tsusbflt.sys.mui
2013-01-21 10:46 . 2010-11-20 04:00	4608	----a-w-	c:\windows\system32\drivers\de-DE\vdrvroot.sys.mui
2013-01-21 10:46 . 2010-11-20 04:07	2560	----a-w-	c:\windows\system32\drivers\de-DE\disk.sys.mui
2013-01-21 10:36 . 2010-11-20 04:26	194048	----a-w-	c:\windows\system32\itircl.dll
2013-01-21 10:35 . 2010-11-20 04:27	71680	----a-w-	c:\windows\system32\wkscli.dll
2013-01-21 10:34 . 2010-11-20 04:27	455168	----a-w-	c:\windows\system32\nshipsec.dll
2013-01-21 10:19 . 2013-01-21 10:19	--------	d-----w-	c:\windows\system32\EventProviders
2013-01-21 09:33 . 2011-02-18 10:51	31232	----a-w-	c:\windows\system32\prevhost.exe
2013-01-21 09:33 . 2011-02-18 05:39	31232	----a-w-	c:\windows\SysWow64\prevhost.exe
2013-01-21 09:33 . 2011-02-23 04:55	90624	----a-w-	c:\windows\system32\drivers\bowser.sys
2013-01-21 09:33 . 2011-12-16 08:46	634880	----a-w-	c:\windows\system32\msvcrt.dll
2013-01-21 09:33 . 2011-02-12 11:34	267776	----a-w-	c:\windows\system32\FXSCOVER.exe
2013-01-21 09:33 . 2010-11-20 13:25	974336	----a-w-	c:\windows\system32\WFS.exe
2013-01-21 09:33 . 2011-12-16 07:52	690688	----a-w-	c:\windows\SysWow64\msvcrt.dll
2013-01-21 09:33 . 2011-05-03 05:29	976896	----a-w-	c:\windows\system32\inetcomm.dll
2013-01-21 09:33 . 2011-05-03 04:30	741376	----a-w-	c:\windows\SysWow64\inetcomm.dll
2013-01-21 09:22 . 2013-01-21 09:22	--------	d-----w-	c:\users\Christian\AppData\Local\ElevatedDiagnostics
2013-01-20 19:00 . 2013-01-20 19:00	--------	d-----w-	c:\windows\CheckSur
2013-01-20 18:45 . 2013-01-20 18:45	--------	d-----w-	c:\windows\de
2013-01-20 18:43 . 2013-01-20 18:44	--------	d-----w-	c:\program files (x86)\Windows Live
2013-01-20 18:43 . 2009-09-04 16:44	69464	----a-w-	c:\windows\SysWow64\XAPOFX1_3.dll
2013-01-20 18:43 . 2009-09-04 16:44	515416	----a-w-	c:\windows\SysWow64\XAudio2_5.dll
2013-01-20 18:43 . 2009-09-04 16:29	453456	----a-w-	c:\windows\SysWow64\d3dx10_42.dll
2013-01-20 18:43 . 2009-09-04 16:29	523088	----a-w-	c:\windows\system32\d3dx10_42.dll
2013-01-20 18:38 . 2013-01-20 18:38	7450888	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\5ca0707e1cdf73d47\bingbarsetup.exe
2013-01-20 18:36 . 2013-01-20 18:36	15712	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\1e15107b1cdf73d39\MeshBetaRemover.exe
2013-01-20 18:34 . 2013-01-20 18:34	89944	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\d4147cf81cdf73c2b\DSETUP.dll
2013-01-20 18:34 . 2013-01-20 18:34	537432	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\d4147cf81cdf73c2b\DXSETUP.exe
2013-01-20 18:34 . 2013-01-20 18:34	1801048	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\d4147cf81cdf73c2b\dsetup32.dll
2013-01-20 18:34 . 2013-01-20 18:34	94040	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\d0eed2ae1cdf73c2a\DSETUP.dll
2013-01-20 18:34 . 2013-01-20 18:34	525656	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\d0eed2ae1cdf73c2a\DXSETUP.exe
2013-01-20 18:34 . 2013-01-20 18:34	1691480	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\d0eed2ae1cdf73c2a\dsetup32.dll
2013-01-20 18:28 . 2013-01-20 18:28	--------	d-----w-	c:\users\Christian\AppData\Local\Windows Live
2013-01-20 18:24 . 2012-12-16 16:31	67599240	----a-w-	c:\windows\system32\MRT.exe
2013-01-20 16:21 . 2013-01-21 16:03	--------	d-----w-	c:\programdata\Sophos Web Intelligence
2013-01-20 14:25 . 2013-01-15 01:45	9161176	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{A112F0BF-4A39-4E71-84AA-48D04B06F6C0}\mpengine.dll
2013-01-19 19:55 . 2013-01-19 19:55	--------	d-----w-	c:\users\Christian\AppData\Roaming\Malwarebytes
2013-01-19 19:54 . 2013-01-19 19:54	--------	d-----w-	c:\programdata\Malwarebytes
2013-01-19 19:54 . 2013-01-19 19:54	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-01-19 19:54 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-01-19 19:54 . 2013-01-19 19:54	--------	d-----w-	c:\users\Christian\AppData\Local\Programs
2013-01-19 19:44 . 2013-01-19 19:44	--------	d-----w-	c:\users\Christian\AppData\Local\Sophos
2013-01-13 18:02 . 2013-01-13 18:02	--------	d-----w-	c:\program files\iPod
2013-01-13 18:01 . 2013-01-13 18:02	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-01-13 18:01 . 2013-01-13 18:02	--------	d-----w-	c:\program files\iTunes
2013-01-13 18:01 . 2013-01-13 18:02	--------	d-----w-	c:\program files (x86)\iTunes
2013-01-10 09:57 . 2012-11-09 05:45	750592	----a-w-	c:\windows\system32\win32spl.dll
2013-01-10 09:57 . 2012-11-09 04:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-01-09 11:08 . 2013-01-09 11:08	--------	d-----w-	c:\program files (x86)\Common Files\Adobe
2012-12-25 15:48 . 2012-12-16 17:11	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-25 15:48 . 2012-12-16 14:13	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-25 15:48 . 2012-12-16 14:45	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-25 15:48 . 2012-12-16 14:13	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-24 15:45 . 2012-12-24 15:45	--------	d-----w-	c:\program files\Common Files\EPSON
2012-12-24 15:45 . 2012-12-24 15:45	--------	d-----w-	c:\programdata\EPSON
2012-12-24 15:43 . 2007-04-09 15:06	10752	----a-w-	c:\windows\system32\E_GCINST.DLL
2012-12-24 15:43 . 2008-11-11 17:00	118784	----a-w-	c:\windows\system32\E_ILMHLE.DLL
2012-12-24 15:43 . 2009-09-30 17:01	88064	----a-w-	c:\windows\system32\E_IBCBHLE.DLL
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-21 11:16 . 2009-07-14 02:36	175616	----a-w-	c:\windows\system32\msclmd.dll
2013-01-21 11:16 . 2009-07-14 02:36	152576	----a-w-	c:\windows\SysWow64\msclmd.dll
2013-01-20 18:44 . 2011-03-28 17:36	19696	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-01-10 14:39 . 2012-04-02 18:24	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-10 14:39 . 2012-04-02 18:24	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-11-30 04:45 . 2013-01-10 09:56	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-14 07:06 . 2012-12-14 09:02	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-14 09:02	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-14 09:02	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-14 09:02	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-14 09:02	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-14 09:02	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-14 09:02	237056	----a-w-	c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-14 09:02	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-14 09:02	816640	----a-w-	c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-14 09:02	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-14 09:02	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-14 09:02	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-14 09:02	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-14 09:02	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-14 09:02	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-14 09:02	248320	----a-w-	c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-14 09:02	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-14 09:02	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-14 09:02	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-14 09:02	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-14 09:02	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-14 09:02	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-13 07:41	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-13 07:41	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2012-11-08 10:29 . 2012-11-08 10:29	1402312	----a-w-	c:\windows\SysWow64\msxml4.dll
2012-11-02 05:59 . 2012-12-13 07:40	478208	----a-w-	c:\windows\system32\dpnet.dll
2012-11-02 05:11 . 2012-12-13 07:40	376832	----a-w-	c:\windows\SysWow64\dpnet.dll
2012-10-25 02:12 . 2012-10-25 02:12	94208	----a-w-	c:\windows\SysWow64\QuickTimeVR.qtx
2012-10-25 02:12 . 2012-10-25 02:12	69632	----a-w-	c:\windows\SysWow64\QuickTime.qts
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}]
2012-05-29 07:05	244840	----a-w-	c:\program files (x86)\Softonic\Softonic\1.5.24.3\bh\Softonic.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.5.24.3\SoftonicTlbr.dll" [2012-05-29 253032]
.
[HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd.1]
[HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}]
[HKEY_CLASSES_ROOT\Softonic.dskBnd]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	129272	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt.17.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 03:40	120176	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x86\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2010-05-27 337264]
"EgisUpdate"="c:\program files (x86)\EgisTec IPS\EgisUpdate.exe" [2010-03-11 201584]
"EgisTecPMMUpdate"="c:\program files (x86)\EgisTec IPS\PmmUpdate.exe" [2010-03-11 407920]
"BackupManagerTray"="c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" [2010-06-28 265984]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-08-25 98304]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\OOTag.exe" [2010-02-23 13856]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-03-03 284696]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2010-08-10 975952]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2010-05-14 248552]
"Sophos AutoUpdate Monitor"="c:\program files (x86)\Sophos\AutoUpdate\almon.exe" [2010-09-21 439536]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-10-25 421888]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-12-18 946352]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
"BingDesktop"="c:\program files (x86)\Microsoft\BingDesktop\BingDesktop.exe" [2012-11-22 2127896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Acer VCM.lnk - c:\program files (x86)\Acer\Acer VCM\AcerVCM.exe [2011-11-7 704032]
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2010-6-25 1129760]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-11-09 160944]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2009-05-26 40448]
R3 btwampfl;Bluetooth AMP USB Filter;c:\windows\system32\drivers\btwampfl.sys [2010-06-25 342056]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-25 39464]
R3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64;c:\program files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2012-04-29 1432400]
R3 Impcd;Impcd;c:\windows\system32\DRIVERS\Impcd.sys [2010-02-10 158720]
R3 lvalarmk;lvalarmk;c:\windows\system32\drivers\lvalarmk.sys [2012-06-29 25336]
R3 MWLService;MyWinLocker Service;c:\program files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-05-27 305520]
R3 ni1006k;NI PXI-1006 Chassis Pilot;c:\windows\system32\drivers\ni1006k.sys [2012-03-06 30800]
R3 ni1045k;NI PXI-1045 Chassis Pilot;c:\windows\system32\drivers\ni1045kl.sys [2012-03-06 12952]
R3 ni1065k;NI PXIe-1065 Chassis Pilot;c:\windows\system32\drivers\ni1065k.sys [2012-03-06 27288]
R3 nicdcck;nicdcck;c:\windows\system32\drivers\nicdcckl.sys [2012-07-10 12992]
R3 nicdrk;nicdrk;c:\windows\system32\drivers\nicdrkl.sys [2011-07-21 11864]
R3 nicmrk;nicmrk;c:\windows\system32\drivers\nicmrkl.sys [2012-07-16 13008]
R3 nicondrk;nicondrk;c:\windows\system32\drivers\nicondrkl.sys [2012-07-16 12976]
R3 nicsrk;nicsrk;c:\windows\system32\drivers\nicsrkl.sys [2012-07-16 12976]
R3 nidmxfk;nidmxfk;c:\windows\system32\drivers\nidmxfkl.sys [2012-07-09 12976]
R3 nidsark;nidsark;c:\windows\system32\drivers\nidsarkl.sys [2012-07-16 12992]
R3 niemrk;niemrk;c:\windows\system32\drivers\niemrkl.sys [2012-07-16 12976]
R3 niemrkw;niemrkw;c:\windows\system32\DRIVERS\niemrkw.sys [2012-07-16 12464]
R3 niesrk;niesrk;c:\windows\system32\drivers\niesrkl.sys [2012-07-16 12976]
R3 nifslk;nifslk;c:\windows\system32\drivers\nifslkl.sys [2012-07-09 12992]
R3 nimsdrk;nimsdrk;c:\windows\system32\drivers\nimsdrkl.sys [2012-07-09 13032]
R3 nimxpk;nimxpk;c:\windows\system32\drivers\nimxpkl.sys [2012-07-09 13008]
R3 ninshsdk;ninshsdk;c:\windows\system32\drivers\ninshsdkl.sys [2011-05-17 12968]
R3 nipalfwedl;nipalfwedl;c:\windows\system32\drivers\nipalfwedl.sys [2012-06-27 12520]
R3 nipalusbedl;nipalusbedl;c:\windows\system32\drivers\nipalusbedl.sys [2012-06-27 12520]
R3 nipxigpk;NI PXI Generic Chassis Pilot;c:\windows\system32\drivers\nipxigpk.sys [2011-08-09 22680]
R3 niraptrk;niraptrk;c:\windows\system32\drivers\niraptrkl.sys [2012-07-16 12976]
R3 niscdk;niscdk;c:\windows\system32\drivers\niscdkl.sys [2012-03-07 12984]
R3 nisdigk;nisdigk;c:\windows\system32\drivers\nisdigkl.sys [2012-02-05 12960]
R3 nisftk;nisftk;c:\windows\system32\drivers\nisftkl.sys [2011-07-08 12952]
R3 nispdk;nispdk;c:\windows\system32\drivers\nispdkl.sys [2012-03-07 12984]
R3 nissrk;nissrk;c:\windows\system32\drivers\nissrkl.sys [2012-07-16 12976]
R3 nistc2k;nistc2k;c:\windows\system32\drivers\nistc2kl.sys [2009-01-05 11824]
R3 nistc3rk;nistc3rk;c:\windows\system32\drivers\nistc3rkl.sys [2012-07-10 12968]
R3 nistcrk;nistcrk;c:\windows\system32\drivers\nistcrkl.sys [2011-07-18 12968]
R3 niswdk;niswdk;c:\windows\system32\drivers\niswdkl.sys [2012-07-11 12976]
R3 nitiork;nitiork;c:\windows\system32\drivers\nitiorkl.sys [2012-07-10 13000]
R3 niufurk;niufurk;c:\windows\system32\drivers\niufurkl.sys [2012-07-16 13008]
R3 niwfrk;niwfrk;c:\windows\system32\drivers\niwfrkl.sys [2012-07-16 12984]
R3 nixsrk;nixsrk;c:\windows\system32\drivers\nixsrkl.sys [2012-07-16 12976]
R3 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2010-04-17 50432]
R3 PCDSRVC{6368CD8C-4CE77011-06020200}_0;PCDSRVC{6368CD8C-4CE77011-06020200}_0 - PCDR Kernel Mode Service Helper Driver;c:\users\admini~1\appdata\local\temp\ahxcfic8slpq\pcdrdiag\bin\pcdsrvc_x64.pkms [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 usb6xxxk;usb6xxxk;c:\windows\system32\drivers\usb6xxxkl.sys [x]
R3 usb6xxxkw;usb6xxxkw;c:\windows\system32\DRIVERS\usb6xxxkw.sys [2011-07-21 11384]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R4 NIApplicationWebServer64;NI Application Web Server (64-bit);c:\program files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-05-22 76488]
S0 nipbcfk;National Instruments Class Upper Filter Driver;c:\windows\System32\drivers\nipbcfk.sys [2012-01-12 16984]
S0 nipxibaf;National Instruments PXI Bridge Access Driver;c:\windows\System32\drivers\nipxibaf.sys [2012-03-06 84688]
S0 nipxibrc;National Instruments PXI Bridge Configuration Driver;c:\windows\System32\drivers\nipxibrc.sys [2012-04-16 60640]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2009-06-03 22576]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2009-06-03 20016]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2009-06-03 60464]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2010-08-25 203264]
S2 BingDesktopUpdate;Bing Desktop Update service;c:\program files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2012-11-22 166424]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2010-08-10 321104]
S2 ePowerSvc;Acer ePower Service;c:\program files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-06-11 821792]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2010-01-08 23584]
S2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2010-04-07 127800]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-03 13336]
S2 mitsijm2013;Autodesk Moldflow Inventor Tool Suite Integration 2013 Job Manager;c:\program files\Autodesk\Inventor 2013\Moldflow\bin\mitsijm.exe [2012-01-31 339776]
S2 NIApplicationWebServer;NI Application Web Server;c:\program files (x86)\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2012-05-22 53960]
S2 nidevldu;NI Device Loader;c:\windows\SysWOW64\nipalsm.exe [2012-01-12 12696]
S2 nimDNSResponder;NI mDNS Responder Service;c:\program files (x86)\National Instruments\Shared\mDNS Responder\nimdnsResponder.exe [2012-05-31 258776]
S2 NINetworkDiscovery;NI Network Discovery;c:\program files (x86)\National Instruments\Shared\NI Network Discovery\niDiscSvc.exe [2012-06-05 169192]
S2 nipxirmk;nipxirmk;c:\windows\system32\drivers\nipxirmkl.sys [2012-07-10 12984]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-06-28 255744]
S2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2010-04-17 144640]
S2 ODDPwrSvc;Acer ODD Power Service;c:\program files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [2010-04-22 171040]
S2 RS_Service;Raw Socket Service;c:\program files (x86)\Acer\Acer VCM\RS_Service.exe [2010-01-30 260640]
S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-09-30 2314240]
S2 Updater Service;Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2010-01-29 243232]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys [2010-08-25 10331840]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 nidimk;nidimk;c:\windows\system32\drivers\nidimkl.sys [2012-06-28 13000]
S3 NIEthernetDeviceEnumerator;NI Ethernet Device Enumerator Driver;c:\windows\system32\DRIVERS\niede.sys [2012-01-12 38064]
S3 nimru2k;nimru2k;c:\windows\system32\drivers\nimru2kl.sys [2012-06-28 13008]
S3 nimstsk;nimstsk;c:\windows\system32\drivers\nimstskl.sys [2012-07-09 13008]
.
.
Inhalt des "geplante Tasks" Ordners
.
2013-01-21 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-02 14:39]
.
2013-01-21 c:\windows\Tasks\MATLAB R2012b Startup Accelerator.job
- c:\program files\MATLAB\R2012b\bin\win64\MATLABStartupAccelerator.exe [2012-11-06 17:59]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2012-11-13 23:32	162552	----a-w-	c:\users\Christian\AppData\Roaming\Dropbox\bin\DropboxExt64.17.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2010-05-27 03:42	137584	----a-w-	c:\program files (x86)\EgisTec MyWinLocker\x64\PSDProtect.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ODDPwr"="c:\program files\Acer\Optical Drive Power Management\ODDPwr.exe" [2010-04-22 223264]
"mwlDaemon"="c:\program files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe" [2010-05-27 349552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2010-08-25 161304]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2010-08-25 386584]
"Persistence"="c:\windows\system32\igfxpers.exe" [2010-08-25 414744]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2010-07-13 11046504]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2010-07-13 2103912]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-04-09 320000]
"SynTPEnh"="c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe" [BU]
"PLFSetI"="c:\windows\PLFSetI.exe" [2010-06-09 206208]
"Acer ePower Management"="c:\program files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe" [2010-06-11 496160]
"OOTag"="c:\program files (x86)\Acer\OOBEOffer\ootag.exe" [2010-02-23 13856]
"Autodesk Sync"="c:\program files\Autodesk\Autodesk Sync\AdSync.exe" [2012-02-05 415680]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://acer.msn.com
mDefault_Page_URL = hxxp://acer.msn.com
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\impqc2l0.default\
FF - prefs.js: browser.search.selectedEngine - LEO Eng-Deu
FF - prefs.js: browser.startup.homepage - hxxp://www.zeit.de/index
FF - user.js: extensions.Softonic.rvrtMsg - Click Yes to keep current home page and default search settings, Click No to restore original settings
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic_i.newTab - false
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MON00015/tb_v1?SearchSource=1&cc=&q=
FF - user.js: extensions.Softonic.id - c493733e00000000000078e40067b2f5
FF - user.js: extensions.Softonic.instlDay - 15491
FF - user.js: extensions.Softonic.vrsn - 1.5.24.3
FF - user.js: extensions.Softonic.vrsni - 1.5.24.3
FF - user.js: extensions.Softonic_i.vrsnTs - 1.5.24.322:27
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic_i.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - base
FF - user.js: extensions.Softonic.instlRef - MON00015
FF - user.js: extensions.Softonic.dfltLng - de
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\PCDSRVC{6368CD8C-4CE77011-06020200}_0]
"ImagePath"="\??\c:\users\admini~1\appdata\local\temp\ahxcfic8slpq\pcdrdiag\bin\pcdsrvc_x64.pkms"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2013-01-21  17:41:17
ComboFix-quarantined-files.txt  2013-01-21 16:41
.
Vor Suchlauf: 17 Verzeichnis(se), 231.997.452.288 Bytes frei
Nach Suchlauf: 19 Verzeichnis(se), 231.097.270.272 Bytes frei
.
- - End Of File - - D941B308BF88D1833103BC2E3B87F500
         

--- --- ---

passt.
lade den CCleaner standard:
CCleaner - Download - Filepony
falls der CCleaner
bereits instaliert, überspringen.
öffnen, Tools (extras),uninstall Llist, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

Hier die Liste

Zitat:

3Dconnexion 3DxSoftware (x64 Edition) 3Dconnexion 29.04.2012 3.15.3 NOTWENDIG
Acer Backup Manager NewTech Infosystems 07.11.2011 27,5MB 2.0.0.68 NOTWENDIG
Acer Crystal Eye Webcam Suyin Optronics Corp 15.03.2012 5.3.38.1 NOTWENDIG
Acer eRecovery Management Acer Incorporated 07.11.2011 4.05.3013 NOTWENDIG
Acer PowerSmart Manager Acer Incorporated 15.03.2012 5.02.3004 NOTWENDIG
Acer Registration Acer Incorporated 15.03.2012 1.03.3003 NOTWENDIG
Acer ScreenSaver Acer Incorporated 15.03.2012 1.1.0222.2010 NOTWENDIG
Acer Updater Acer Incorporated 07.11.2011 1.02.3001 NOTWENDIG
Acer VCM Acer Incorporated 07.11.2011 4.05.3002 NOTWENDIG
Acrobat.com Adobe Systems Incorporated 07.11.2011 1,60MB 1.6.65 NOTWENDIG
Adobe AIR Adobe Systems Inc. 07.11.2011 1.5.0.7220 UNBEKANNT
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 10.01.2013 6,00MB 11.5.502.146 NOTWENDIG
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 10.01.2013 6,00MB 11.5.502.146 NOTWENDIG
Adobe Reader XI (11.0.01) - Deutsch Adobe Systems Incorporated 09.01.2013 132MB 11.0.01 NOTWENDIG
Alcor Micro USB Card Reader Alcor Micro Corp. 15.03.2012 2,86MB 1.2.17.05001 UNBEKANNT
Apple Application Support Apple Inc. 12.12.2012 65,0MB 2.3.2 NOTWENDIG
Apple Mobile Device Support Apple Inc. 12.12.2012 25,1MB 6.0.1.3 NOTWENDIG
Apple Software Update Apple Inc. 26.03.2012 2,38MB 2.1.3.127 NOTWENDIG
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver Atheros Communications Inc. 15.03.2012 1.0.0.35 NOTWENDIG
ATI Catalyst Install Manager ATI Technologies, Inc. 15.03.2012 22,3MB 3.0.778.0 NOTWENDIG
Autodesk Design Review 2013 Autodesk, Inc. 29.04.2012 13.0.0.82 NOTWENDIG
Autodesk Inventor Content Center Libraries 2013 (Desktop Content) Autodesk 29.04.2012 1,31MB 17.0.13800.0000 NOTWENDIG
Autodesk Inventor Fusion 2013 Autodesk, Inc. 29.04.2012 585MB 2.0.0.206 NOTWENDIG
Autodesk Inventor Fusion for Inventor 2013 Add-in Autodesk 29.04.2012 12,9MB 1.0.0.111 NOTWENDIG
Autodesk Inventor Professional 2013 Deutsch (German) Autodesk 29.04.2012 3,51GB 17.0.13800.0000 NOTWENDIG
Autodesk Material Library 2013 Autodesk 29.04.2012 94,9MB 3.0.13 NOTWENDIG
Autodesk Material Library Base Resolution Image Library 2013 Autodesk 29.04.2012 71,4MB 3.0.13 NOTWENDIG
Autodesk Material Library Low Resolution Image Library 2013 Autodesk 29.04.2012 245MB 3.0.13 NOTWENDIG
Autodesk Sync Autodesk, Inc. 29.04.2012 57,5MB 3.5.24.0 NOTWENDIG
Autodesk Vault Basic 2013 (Client) Autodesk 29.04.2012 17.0.61.0 NOTWENDIG
Bing-Desktop Microsoft Corporation 20.01.2013 5,25MB 1.1.165.0 UNNÖTIG
Bonjour Apple Inc. 26.03.2012 2,00MB 3.0.0.10 NOTWENDIG
CCleaner Piriform 19.12.2012 3.26 NOTWENDIG
Cisco Systems VPN Client 5.0.07.0290 10.04.2012 10,6MB NOTWENDIG
Dropbox Dropbox, Inc. 26.12.2012 1.6.10 NOTWENDIG
DWG TrueView 2013 Autodesk 29.04.2012 19.0.55.0 NOTWENDIG
Eco Materials Adviser (x64) Granta Design Limited 03.04.2012 55,6MB 1.32.0.0 NOTWENDIG
Eco Materials Adviser for Autodesk Inventor 2013 Granta Design Limited 29.04.2012 50,0MB 3.9.12.0 NOTWENDIG
EPSON SX235 Series Printer Uninstall SEIKO EPSON Corporation 24.12.2012 UNNÖTIG
GIMP 2.8.0 The GIMP Team 19.05.2012 241MB 2.8.0 NOTWENDIG
Google Chrome Google Inc. 21.01.2013 24.0.1312.52 UNNÖTIG
HP LaserJet Professional P1100-P1560-P1600 Series 03.04.2012 NOTWENDIG
Identity Card Acer Incorporated 15.03.2012 1.00.3003 UNBEKANNT
Intel(R) Control Center Intel Corporation 20.01.2013 1.2.1.1007 UNBEKANNT
Intel(R) Management Engine Components Intel Corporation 20.01.2013 6.0.0.1179 UNBEKANNT
Intel(R) Rapid Storage Technology Intel Corporation 20.01.2013 9.6.0.1014 UNBEKANNT
Intel(R) Turbo Boost Technology Driver Intel Corporation 20.01.2013 01.01.01.1007 UNBEKANNT
iTunes Apple Inc. 13.01.2013 189MB 11.0.1.12 NOTWENDIG
Java(TM) 6 Update 22 Oracle 03.04.2012 97,0MB 6.0.220 NOTWENDIG
Java(TM) 7 Update 3 (64-bit) Oracle 03.04.2012 93,6MB 7.0.30 NOTWENDIG
Java(TM) SE Development Kit 7 Update 3 (64-bit) Oracle 03.04.2012 141MB 1.7.0.30 NOTWENDIG
JavaFX 2.0.3 (64-bit) Oracle Corporation 03.04.2012 20,8MB 2.0.3 NOTWENDIG
JavaFX 2.0.3 SDK (64-bit) Oracle Corporation 03.04.2012 66,7MB 2.0.3 NOTWENDIG
Launch Manager Acer Inc. 15.03.2012 4.0.14 NOTWENDIG
Malwarebytes Anti-Malware Version 1.70.0.1100 Malwarebytes Corporation 19.01.2013 18,4MB 1.70.0.1100 NOTWENDIG
MATLAB R2012b The MathWorks, Inc. 06.11.2012 8.0 NOTWENDIG
Merriam Websters Spell Jam Oberon Media 15.03.2012 UNBEKANNT
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 03.04.2012 38,8MB 4.0.30319 NOTWENDIG
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 29.04.2012 2,93MB 4.0.30319 NOTWENDIG
Microsoft .NET Framework 4 Extended Microsoft Corporation 03.04.2012 51,9MB 4.0.30319 NOTWENDIG
Microsoft .NET Framework 4 Extended DEU Language Pack Microsoft Corporation 29.04.2012 10,6MB 4.0.30319 NOTWENDIG
Microsoft Chart Controls for Microsoft .NET Framework 3.5 Microsoft Corporation 04.04.2012 13,8MB 3.5.30730.0 NOTWENDIG
Microsoft Office Professional Plus 2010 Microsoft Corporation 09.06.2012 14.0.6029.1000 NOTWENDIG
Microsoft Silverlight Microsoft Corporation 21.10.2012 50,6MB 5.1.10411.0 NOTWENDIG
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 20.01.2013 1,69MB 3.1.0000 NOTWENDIG
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 14.11.2012 572KB 8.0.61000 NOTWENDIG
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 14.11.2012 788KB 9.0.30729.6161 NOTWENDIG
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 Microsoft Corporation 11.01.2013 5,28MB 10.0.30319 NOTWENDIG
Microsoft WSE 3.0 Runtime Microsoft Corp. 03.04.2012 942KB 3.0.5305.0 UNBEKANNT
MiKTeX 2.9 MiKTeX.org 23.04.2012 2.9 NOTWENDIG
Mozilla Firefox 18.0.1 (x86 de) Mozilla 20.01.2013 86,4MB 18.0.1 NOTWENDIG
Mozilla Maintenance Service Mozilla 20.01.2013 330KB 18.0.1 UNBEAKKNT
MSXML 4.0 SP3 Parser Microsoft Corporation 26.03.2012 1,47MB 4.30.2100.0 UNBEKANNT
MSXML 4.0 SP3 Parser (KB2721691) Microsoft Corporation 12.07.2012 1,53MB 4.30.2114.0 UNBEKANNT
MSXML 4.0 SP3 Parser (KB2758694) Microsoft Corporation 11.01.2013 1,54MB 4.30.2117.0 UNBEKANNT
MSXML 4.0 SP3 Parser (KB973685) Microsoft Corporation 28.03.2012 1,53MB 4.30.2107.0 UNBEKANNT
MyWinLocker Suite Egis Technology Inc. 07.11.2011 2,20MB 3.1.212.0 UNBEKANNT
National Instruments - Software National Instruments 13.11.2012 NOTWENDIG
NTI Backup Now 5 NewTech Infosystems 07.11.2011 467MB 5.1.2.630 UNBEKANNT
NTI Media Maker 8 NewTech Infosystems 07.11.2011 773MB 8.0.12.6636 UNBEKANNT
OpenOffice.org 3.3 OpenOffice.org 03.04.2012 414MB 3.3.9567 NOTWENDIG
Optical Drive Power Management Acer Incorporated 07.11.2011 1.01.3007 NOTWENDIG
QuickTime Apple Inc. 12.12.2012 73,1MB 7.73.80.64 NOTWENDIG
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 15.03.2012 6.0.1.6156 NOTWENDIG
Schnell-Deinstallations-Tool für Autodesk Inventor 2013 Autodesk 29.04.2012 1,78MB 17.0.13800.0000 NOTWENDIG
Skype™ 6.0 Skype Technologies S.A. 09.12.2012 20,3MB 6.0.126 NOTWENDIG
Softonic toolbar on IE Softonic 31.05.2012 NOTWENDIG
Sophos Anti-Virus Sophos Plc 21.01.2013 21,3MB 9.5.5 NOTWENDIG
Sophos AutoUpdate Sophos Plc 21.01.2013 8,66MB 2.5.7 NOTWENDIG
Synaptics Pointing Device Driver Synaptics Incorporated 15.03.2012 15.0.12.0 UNBEKANNT
VLC media player 2.0.2 VideoLAN 30.07.2012 2.0.2 NOTWENDIG
Welcome Center Acer Incorporated 15.03.2012 1.02.3004 NOTWENDIG
WIDCOMM Bluetooth Software Broadcom Corporation 15.03.2012 183MB 6.3.0.6000 NOTWENDIG
Windows Live Essentials Microsoft Corporation 20.01.2013 15.4.3555.0308 UNNÖTIG

deinstaliere:
Adobe Flash Player alle
Adobe - Install Adobe Flash Player
neueste version laden, instalieren.
adobe reader:
Java-Downloads für alle Betriebssysteme
klicke:
Download der Java-Software für Windows Offline
laden, und instalieren
deinstaliere:
Merriam
Softonic : finger weg von Softonic und deren tgoolbars, lade Software nur beim Hersteller!
Windows Live

Öffne CCleaner analysieren starten, PC neustarten.
Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Suche.
• Nach Ende des Suchlaufs öffnet sich eine Textdatei.
• Poste
  mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[R1].txt.

und bitte:

Zitat:

# AdwCleaner v2.107 - Datei am 21/01/2013 um 19:51:35 erstellt
# Aktualisiert am 21/01/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Christian - CHRISTIAN-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Christian\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\impqc2l0.default\searchplugins\11-suche.xml
Ordner Gefunden : C:\ProgramData\boost_interprocess

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v18.0.1 (de)

Datei : C:\Users\Christian\AppData\Roaming\Mozilla\Firefox\Profiles\impqc2l0.default\prefs.js

Gefunden : user_pref("extensions.Softonic.admin", false);
Gefunden : user_pref("extensions.Softonic.aflt", "SD");
Gefunden : user_pref("extensions.Softonic.autoRvrt", "false");
Gefunden : user_pref("extensions.Softonic.dfltLng", "de");
Gefunden : user_pref("extensions.Softonic.excTlbr", false);
Gefunden : user_pref("extensions.Softonic.id", "c493733e00000000000078e40067b2f5");
Gefunden : user_pref("extensions.Softonic.instlDay", "15491");
Gefunden : user_pref("extensions.Softonic.instlRef", "MON00015");
Gefunden : user_pref("extensions.Softonic.prdct", "Softonic");
Gefunden : user_pref("extensions.Softonic.prtnrId", "softonic");
Gefunden : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...]
Gefunden : user_pref("extensions.Softonic.tlbrId", "base");
Gefunden : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00015/tb_v1?SearchSource[...]
Gefunden : user_pref("extensions.Softonic.vrsn", "1.5.24.3");
Gefunden : user_pref("extensions.Softonic.vrsni", "1.5.24.3");
Gefunden : user_pref("extensions.Softonic_i.newTab", false);
Gefunden : user_pref("extensions.Softonic_i.smplGrp", "none");
Gefunden : user_pref("extensions.Softonic_i.vrsnTs", "1.5.24.322:27:05");

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Christian\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [2455 octets] - [21/01/2013 19:51:35]

########## EOF - C:\AdwCleaner[R1].txt - [2515 octets] ##########