Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


Log-Analyse und Auswertung: Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML

Antwort
Seite 1 von 2 1 2
Alt 22.08.2012, 15:27   #1
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


So !
Ich hab eben schon mal einen langen Text zu meinem Problem verfasst und plötzlich war er weg ! Ich weiß nicht wo er ist!

Also nochmal:

meine 15 jährige Tochter hat gravierende Mängel auf ihrem, DIESEM Laptop, die ich für sie bereinigen möchte, weil sie grad selber keine Zeit dazu hat.

ICH hab absolut keinen Plan von diesen Sachen, stelle mich aber der Herausorderung und googel sogar Fremdwörter, wie Logfile ! (Nur damit Sie bescheid wissen !)

Der Laptop lief am Wochenende nicht richtig.
Er fuhr hoch, meldete dann aber recht schnell, dass er innerhalb einer Minute wieder runtergefahren würde. Und so war es dann auch. Hoch - runter, immer wieder.
Heute schaltete ich ihn nach 30 stündiger Ausszeit mal wieder an, und er fuhr einwandfrei hoch, sodass ich wenigstens mal den Malware Scan durchführen konnte. Leider ziemlich viel Mist drauf. Wie krieg ich das also dauerhaft gelöscht?
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org

Datenbank Version: v2012.08.22.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Juliana x3 :: ENTE [Administrator]

21.08.2012 13:43:53
mbam-log-2012-08-21 (16-25-30).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|D:\|E:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 324137
Laufzeit: 40 Minute(n), 41 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 24
HKCR\CLSID\{00cbb66b-1d3b-46d3-9577-323a336acb50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\wit4ie.WitBHO.2 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\wit4ie.WitBHO (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\tdataprotocol.CTData.1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\tdataprotocol.CTData (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Keine Aktion durchgeführt.
HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Registrierungswerte: 3
HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.
HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Keine Aktion durchgeführt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files (x86)\BrowserCompanion (PUP.Blabbers) -> Keine Aktion durchgeführt.

Infizierte Dateien: 12
C:\Program Files (x86)\BrowserCompanion\jsloader.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Users\Juliana x3\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\blabbers-ff-full.xpi (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\logo.ico (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\terms.lnk.url (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\toolbar.dll (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\uninstall.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\updater.ini (PUP.Blabbers) -> Keine Aktion durchgeführt.
C:\Program Files (x86)\BrowserCompanion\widgetserv.exe (PUP.Blabbers) -> Keine Aktion durchgeführt.

(Ende)



Danke für Ihre Hilfe.

Gruß
Muschelkram
Hier noch die Daten zum Gerät:
Acer Laptop mit Windows 7
x64 basierter PC
Geändert von muschelkram (22.08.2012 um 15:40 Uhr) Grund: Daten vergessen

Alt 22.08.2012, 15:52   #2
markusg
/// Malware-holic
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop
  • Starte bitte die
    OTL.exe
    .
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Kopiere nun den Inhalt in die
    Textbox.
Code:
ATTFilter
activex
netsvcs
msconfig
%SYSTEMDRIVE%\*.
%PROGRAMFILES%\*.exe
%LOCALAPPDATA%\*.exe
%systemroot%\*. /mp /s
C:\Windows\system32\*.tsp
/md5start
userinit.exe
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
ws2ifsl.sys
sceclt.dll
ntelogon.dll
winlogon.exe
logevent.dll
user32.DLL
explorer.exe
iaStor.sys
nvstor.sys
atapi.sys
IdeChnDr.sys
viasraid.sys
AGP440.sys
vaxscsi.sys
nvatabus.sys
viamraid.sys
nvata.sys
nvgts.sys
iastorv.sys
ViPrt.sys
eNetHook.dll
ahcix86.sys
KR10N.sys
nvstor32.sys
ahcix86s.sys
/md5stop
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%USERPROFILE%\*.*
%USERPROFILE%\Local Settings\Temp\*.exe
%USERPROFILE%\Local Settings\Temp\*.dll
%USERPROFILE%\Application Data\*.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs
CREATERESTOREPOINT
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Kopiere
    nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread
__________________

__________________
Alt 22.08.2012, 17:43   #3
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


Hups, das ging ja fix !
Nur bin ICH leider nicht so schne, und dieses Laptop schon gar nicht.
OT hatte ich vorher schon aufs Desktop geladen, aber in der Aufregung vergesen, die Texte ierher zu kopieren.


Da das mit dem Zippen bei und mit mir leider überhaupt nicht funktioniert hat, schcke ich das mal im Anhang. Immer zu groß .
Ich gebs gleich auf.
Das ist nix für mich !

Sorry.

OTL logfile created on: 21.08.2012 17:25:56 - Run 2
OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Juliana x3\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,80 Gb Total Physical Memory | 2,14 Gb Available Physical Memory | 56,34% Memory free
7,60 Gb Paging File | 5,93 Gb Available in Paging File | 78,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 281,88 Gb Total Space | 209,19 Gb Free Space | 74,21% Space Free | Partition Type: NTFS

Computer Name: ENTE | User Name: Juliana x3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\Juliana x3\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Users\Juliana x3\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
PRC - C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
PRC - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam)
PRC - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe ()
PRC - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe ()
PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Atheros)
PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
PRC - C:\Program Files (x86)\XSManager\WTGService.exe ()
PRC - C:\Program Files (x86)\XSManager\XSManager.exe ()
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe ()
PRC - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (Intel Corporation)
PRC - C:\Windows\V0640Mon.exe (Creative Technology Ltd.)
PRC - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)


========== Modules (No Company Name) ==========

MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Users\Juliana x3\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
MOD - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe ()
MOD - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe ()
MOD - C:\Program Files (x86)\XSManager\WTGXMLUtil.dll ()
MOD - C:\Program Files (x86)\XSManager\WtgUtil.dll ()
MOD - C:\Program Files (x86)\XSManager\WTGSMSPCClient.Dll ()
MOD - C:\Program Files (x86)\XSManager\WtgDetection.dll ()
MOD - C:\Program Files (x86)\XSManager\WtgPorts.dll ()
MOD - C:\Program Files (x86)\XSManager\WtgDialup.dll ()
MOD - C:\Program Files (x86)\XSManager\WtgDriverInstall.dll ()
MOD - C:\Program Files (x86)\XSManager\WTGDriverInstallX.Dll ()
MOD - C:\Program Files (x86)\XSManager\WtgCore.dll ()
MOD - C:\Program Files (x86)\XSManager\WtgBluetooth.dll ()
MOD - C:\Program Files (x86)\XSManager\WtgDatabase.dll ()
MOD - C:\Program Files (x86)\XSManager\WTGDebugs.dll ()
MOD - C:\Program Files (x86)\XSManager\XSManager.exe ()
MOD - C:\Program Files (x86)\XSManager\NDISDirectDial.dll ()
MOD - C:\Program Files (x86)\XSManager\ToolKit.dll ()
MOD - C:\Program Files (x86)\XSManager\LogModule.dll ()
MOD - C:\Program Files (x86)\XSManager\4GSystems_WTGSMSPCClientGer.dll ()
MOD - C:\Program Files (x86)\XSManager\4GSystems_OneClickAssistantGer.dll ()
MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll ()
MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll ()
MOD - C:\Program Files (x86)\XSManager\sqlite3.dll ()
MOD - C:\Program Files (x86)\XSManager\tinyxml.dll ()


========== Win32 Services (SafeList) ==========

SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe ()
SRV - (WajamUpdater) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe ()
SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations)
SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated)
SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Atheros)
SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated)
SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated)
SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation)
SRV - (WTGService) -- C:\Program Files (x86)\XSManager\WTGService.exe ()
SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation)
SRV - (ZuneWlanCfgSvc) -- C:\Programme\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation)
SRV - (WMZuneComm) -- C:\Programme\Zune\WMZuneComm.exe (Microsoft Corporation)
SRV - (ZuneNetworkSvc) -- C:\Programme\Zune\ZuneNss.exe (Microsoft Corporation)
SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. )
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (AdobeARMservice) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.)
SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (cmntnet) -- C:\Windows\SysNative\drivers\cmntnet.sys (Wireless Data Device)
DRV:64bit: - (cmnuusbser) -- C:\Windows\SysNative\drivers\cmnuusbser.sys (Wireless Device)
DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)
DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)
DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)
DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)
DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (V0640Vid) -- C:\Windows\SysNative\drivers\V0640Vid.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=190712_n_mont_3012_1&babsrc=SP_ss&mntrId=704c667500000000000000a0c6000000
IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb164/?search={searchTerms}&loc=IB_DS&a=6R8zRb0kIv&i=26
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..CT3018509.browser.search.defaultthis.engineName: true
FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)"
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3018509&SearchSource=2&q="


FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()
FF - HKLM\Software\MozillaPlugins\Adobe Reader: c:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Juliana x3\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.07.23 13:32:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.07.23 13:32:03 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.21 12:39:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2012.07.21 12:40:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Extensions
[2012.08.06 20:41:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions
[2012.07.28 00:05:45 | 000,000,000 | ---D | M] (Game Master 2.1) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\{22dfbf5b-a7cd-4b25-9471-3dc68c71855f}
[2012.07.24 16:16:45 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.07.21 19:41:47 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\bbrs_002@blabbers.com
[2012.07.24 16:15:39 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\ffxtlbr@babylon.com
[2012.07.23 13:32:11 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\ffxtlbr@incredibar.com
[2012.07.21 21:21:47 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\ich@maltegoetz.de
[2012.07.23 13:31:54 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\plugin@yontoo.com
[2012.07.28 08:41:27 | 000,000,923 | ---- | M] () -- C:\Users\Juliana x3\AppData\Roaming\Mozilla\Firefox\Profiles\8tgq9v2f.default\searchplugins\conduit.xml
[2012.07.23 13:31:52 | 000,002,203 | ---- | M] () -- C:\Users\Juliana x3\AppData\Roaming\Mozilla\Firefox\Profiles\8tgq9v2f.default\searchplugins\MyStart Search.xml
[2012.07.21 19:41:49 | 000,002,792 | ---- | M] () -- C:\Users\Juliana x3\AppData\Roaming\Mozilla\Firefox\Profiles\8tgq9v2f.default\searchplugins\Plusnetwork.xml
[2012.07.22 21:28:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.07.22 21:28:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.07.23 13:34:05 | 000,036,333 | ---- | M] () (No name found) -- C:\USERS\JULIANA X3\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TGQ9V2F.DEFAULT\EXTENSIONS\{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}.XPI
[2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.07.24 16:14:50 | 000,002,363 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( )
O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll ()
O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)
O4:64bit: - HKLM..\Run: [C:\Windows\system32\V0640Ext.ax] C:\Windows\SysNative\V0640Ext.ax (Creative Technology Ltd.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [InstantUpdate] C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe ()
O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [C:\Windows\SysWOW64\V0640Ext.ax] C:\Windows\SysWOW64\V0640Ext.ax (Creative Technology Ltd.)
O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation)
O4 - HKLM..\Run: [V0640Mon.exe] C:\Windows\V0640Mon.exe (Creative Technology Ltd.)
O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
O4 - Startup: C:\Users\Juliana x3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Juliana x3\AppData\Roaming\BrowserCompanion\tbhcn.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube Download - C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.74.210.210 10.74.210.211
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1923A337-52E2-46FD-BAD4-0FE05C477ADC}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26125EF1-A377-4746-A693-B10BD08E57A1}: DhcpNameServer = 10.74.210.210 10.74.210.211
O18:64bit: - Protocol\Handler\base64 - No CLSID value found
O18:64bit: - Protocol\Handler\chrome - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\prox - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\E\Shell - "" = AutoRun
O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\XSManagerinstallation.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012.08.21 15:37:58 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Desktop\System
[2012.08.21 15:15:45 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Juliana x3\Desktop\OTL.exe
[2012.08.21 13:04:03 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\Malwarebytes
[2012.08.21 13:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.08.21 13:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2012.08.21 13:03:33 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.08.21 13:03:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2012.08.21 10:54:24 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Diagnostics
[2012.08.20 10:50:34 | 000,000,000 | ---D | C] -- C:\209b4ba434fb60ca06
[2012.08.20 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\ElevatedDiagnostics
[2012.08.19 21:00:19 | 000,000,000 | RHSD | C] -- C:\Users\Juliana x3\M-10-6897-8685-3464
[2012.08.16 23:42:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Dies das
[2012.08.16 16:44:49 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Google
[2012.08.09 23:59:31 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{0F087850-80E9-4C6B-B8F6-3447A3886EC4}
[2012.08.09 23:59:19 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{968A2331-6A0C-4228-996F-1D5D01A93906}
[2012.08.08 22:30:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft
[2012.08.08 22:30:02 | 000,000,000 | R--D | C] -- C:\Users\Juliana x3\Podcasts
[2012.08.08 22:28:32 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Cyberlink
[2012.08.08 22:28:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ms-MY
[2012.08.08 22:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune
[2012.08.08 22:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Zune
[2012.08.06 11:02:51 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{9F0EA29D-A0DF-4BF6-8048-8177D62D2F46}
[2012.08.06 11:02:41 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5B185BFA-1AE0-4372-9E8C-E8F72C88377B}
[2012.08.05 16:04:12 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\WildTangent
[2012.08.05 13:41:31 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{9040C9C7-2D49-4EF5-A53A-F42DEEFFC7F1}
[2012.08.05 13:39:23 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5BAF4CBD-3A94-4B73-831F-4B2A60BA81B4}
[2012.08.04 07:54:33 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{BBE27A26-1A57-4F5E-B7E7-8A58017FD4A6}
[2012.08.03 21:57:02 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{8C142544-9FFC-4449-AA65-5C4B2E36B399}
[2012.08.03 18:54:56 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Microsoft Games
[2012.08.02 20:47:38 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5DDBE5D1-26E0-46E8-B176-D815C44A4F6F}
[2012.08.02 20:47:38 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{3541B706-7CB2-436B-8006-66D8DF2A153D}
[2012.08.01 08:53:32 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{9B6D1DAA-CBAB-4F24-AE3B-1FACCE8D4C2A}
[2012.08.01 08:52:24 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C5C0D6F3-32C0-4AFF-B901-A01890BE0D3A}
[2012.07.31 22:18:21 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5C2D9CAB-7276-4747-B247-A530592386E8}
[2012.07.31 20:14:48 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{52562437-6B8C-40BE-AEC2-91D32C354948}
[2012.07.31 20:02:58 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C8FCDBD3-39AA-4785-9694-2BCA332D2A17}
[2012.07.31 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D0CD6401-20EF-47DC-8CDD-16B518020CBA}
[2012.07.30 21:10:02 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D00C72CF-9162-4396-9AF5-882AA75A4E9B}
[2012.07.30 21:08:22 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{81AADDF1-368E-408E-90B6-E49C545922FA}
[2012.07.29 22:36:49 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C7DBFDBD-962C-4FFA-A682-A6E03A888710}
[2012.07.29 18:57:31 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D3507E2D-5224-4D0E-AE5E-81D5B5C3923D}
[2012.07.29 18:55:05 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{46116EA7-F488-4225-BBFD-4A5274126A97}
[2012.07.29 17:52:46 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{E75B59B3-96A0-4B31-9846-4C00831880BC}
[2012.07.28 11:04:15 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{EF6ED102-E578-46F4-9511-C1484144168D}
[2012.07.28 11:03:54 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{FF76FB70-BD44-4294-8F75-8D8C2E43DF11}
[2012.07.28 00:12:27 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
[2012.07.28 00:12:15 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Documents\VirtualDJ
[2012.07.28 00:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ
[2012.07.27 23:01:45 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D188D6AA-2A50-4272-8C16-FD3F1CF1D7F5}
[2012.07.27 23:01:33 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{7A29DC6E-143F-4A73-8FE1-7461D49DE271}
[2012.07.27 20:33:15 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Desktop\FB
[2012.07.27 12:59:35 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{E58EC932-9FAA-455E-AE63-140A2E4B4C0E}
[2012.07.27 11:01:07 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{4769FC44-2A87-49E2-A660-33F1B0F67767}
[2012.07.27 10:52:38 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D1E8A74E-C8EA-4049-94FA-576F283E0DF3}
[2012.07.27 10:47:02 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{0339D831-721A-4F5A-8027-1F6E599DB3D2}
[2012.07.26 15:38:44 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C116445B-CE1C-47CA-A693-08A1CF604556}
[2012.07.26 15:38:32 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{CFB2FB7F-627C-47D6-8633-839832D57123}
[2012.07.26 14:58:36 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{4A0FE9A3-B9C6-4610-822F-63A341697EFD}
[2012.07.26 14:52:57 | 000,000,000 | ---D | C] -- C:\Windows\de
[2012.07.26 14:50:01 | 000,000,000 | ---D | C] -- C:\Windows\pt-pt
[2012.07.26 14:49:54 | 000,000,000 | ---D | C] -- C:\Windows\ar
[2012.07.26 14:49:49 | 000,000,000 | ---D | C] -- C:\Windows\bg
[2012.07.26 14:49:44 | 000,000,000 | ---D | C] -- C:\Windows\cs
[2012.07.26 14:49:40 | 000,000,000 | ---D | C] -- C:\Windows\da
[2012.07.26 14:49:35 | 000,000,000 | ---D | C] -- C:\Windows\el
[2012.07.26 14:49:31 | 000,000,000 | ---D | C] -- C:\Windows\en
[2012.07.26 14:49:26 | 000,000,000 | ---D | C] -- C:\Windows\es
[2012.07.26 14:49:21 | 000,000,000 | ---D | C] -- C:\Windows\fi
[2012.07.26 14:49:17 | 000,000,000 | ---D | C] -- C:\Windows\fr
[2012.07.26 14:49:13 | 000,000,000 | ---D | C] -- C:\Windows\he
[2012.07.26 14:49:08 | 000,000,000 | ---D | C] -- C:\Windows\hr
[2012.07.26 14:49:03 | 000,000,000 | ---D | C] -- C:\Windows\hu
[2012.07.26 14:48:58 | 000,000,000 | ---D | C] -- C:\Windows\it
[2012.07.26 14:48:54 | 000,000,000 | ---D | C] -- C:\Windows\nl
[2012.07.26 14:48:49 | 000,000,000 | ---D | C] -- C:\Windows\no
[2012.07.26 14:48:44 | 000,000,000 | ---D | C] -- C:\Windows\pl
[2012.07.26 14:48:39 | 000,000,000 | ---D | C] -- C:\Windows\pt-br
[2012.07.26 14:48:35 | 000,000,000 | ---D | C] -- C:\Windows\ro
[2012.07.26 14:48:30 | 000,000,000 | ---D | C] -- C:\Windows\ru
[2012.07.26 14:48:25 | 000,000,000 | ---D | C] -- C:\Windows\sk
[2012.07.26 14:48:20 | 000,000,000 | ---D | C] -- C:\Windows\sl
[2012.07.26 14:48:16 | 000,000,000 | ---D | C] -- C:\Windows\sv
[2012.07.26 14:48:11 | 000,000,000 | ---D | C] -- C:\Windows\th
[2012.07.26 14:48:06 | 000,000,000 | ---D | C] -- C:\Windows\tr
[2012.07.26 14:48:02 | 000,000,000 | ---D | C] -- C:\Windows\zh-tw
[2012.07.26 14:47:56 | 000,000,000 | ---D | C] -- C:\Windows\ca
[2012.07.26 14:23:37 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{0DFA0B56-67BD-48A3-A961-08B80638516E}
[2012.07.26 14:21:29 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{B4FE279B-91C7-4126-B122-EBF6D74780B2}
[2012.07.25 20:50:31 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{111053C4-9F54-4C58-A40D-FA8D45D83A79}
[2012.07.25 20:47:52 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{F9C5D0A1-A4A9-4BB4-829B-A6DFC82BDBE7}
[2012.07.25 20:42:50 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{53C303E8-F52A-47CF-83C9-E01E5714F6AC}
[2012.07.25 19:37:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5AFA6F49-BA58-471E-B65C-2F4BD76666FE}
[2012.07.25 19:37:47 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C9FEE6EC-130F-495C-A44F-E88414C3E32D}
[2012.07.25 19:37:36 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{7E710058-03DA-456A-9880-6419B39C2880}
[2012.07.25 19:37:26 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{DF1DC2B1-8EA0-4B43-8F98-0345E32A1216}
[2012.07.25 19:37:15 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{CBED6339-8D06-40BE-AF6C-D021E1B0C41A}
[2012.07.25 19:37:03 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{DF9AA097-9373-4ACF-BCC5-9046BEC4DDDA}
[2012.07.25 19:36:32 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{F2E8DA6A-FCED-4239-B943-8B02C30966AA}
[2012.07.25 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{B36C2C6E-2A02-4712-8A9E-2EC5B9DCA41E}
[2012.07.25 19:36:10 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{FF4E3861-A98D-48EF-AD45-AD468C1AFED3}
[2012.07.25 19:35:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D55FA49E-4F65-4064-90FE-2BD1FD03D64E}
[2012.07.25 19:35:46 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{368989C3-B1D4-430A-BCAB-698B72456096}
[2012.07.25 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5D0CB388-FE9D-4C68-992A-57AFA80339EE}
[2012.07.25 19:35:24 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{F639FE54-15EC-4071-AAE2-60346EC62D1C}
[2012.07.25 19:35:12 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{34650857-0C69-47B3-9522-95215E8B0C0E}
[2012.07.25 19:34:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{02AA87A2-923A-4F91-B4F8-3BB981317672}
[2012.07.25 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{E90C61A9-8FA0-4C43-B9F6-15A0CE7F9F2F}
[2012.07.25 19:31:45 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D497D35C-A262-4279-BBB8-34945675EBCE}
[2012.07.25 19:31:34 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{CF3DB857-CDC0-4840-84E6-30F97E90E0AB}
[2012.07.25 18:57:52 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{868AC950-2F0C-4437-9B2C-2EE32B30E9A4}
[2012.07.25 16:37:50 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{8B3D311B-34AA-4077-B865-39E2A881B78D}
[2012.07.25 16:30:46 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{4D1F3180-60BA-46FD-B0D0-5364C002BB14}
[2012.07.25 16:28:34 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{878F479D-6165-4720-BF5B-89F59F2B7105}
[2012.07.25 16:27:43 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{44D21341-355A-4083-85AA-1CA7D0FA2D04}
[2012.07.25 16:27:27 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Tracing
[2012.07.25 16:24:00 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{1742E983-1BAC-45E5-A258-656704EF9AFE}
[2012.07.25 16:20:20 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{EAF84193-8C57-4005-8101-C3525267CC85}
[2012.07.25 16:20:07 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{BF25A10E-E2F4-4FD2-9706-39898E312F63}
[2012.07.25 16:19:08 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5EEACB44-4E4A-43B5-A9C2-D0814436F9EE}
[2012.07.25 16:15:40 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{F17D2D97-034D-4528-A549-96CA4FE4039C}
[2012.07.25 16:14:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{20B03CEB-F884-445E-BFD2-338CF8787DBD}
[2012.07.24 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Windows Live
[2012.07.24 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{44C2470E-C096-4857-A503-1DCEBD3D6109}
[2012.07.24 21:04:17 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{01C4052B-A21B-4374-B8D0-9DDAA8843E3E}
[2012.07.24 21:03:17 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Adobe
[2012.07.24 20:40:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Facebook
[2012.07.24 16:23:09 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\InstallShare
[2012.07.24 16:16:44 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.24 16:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2012.07.24 16:16:39 | 000,405,144 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll
[2012.07.24 16:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2012.07.24 16:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2012.07.24 16:14:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoft
[2012.07.24 16:14:44 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\Babylon
[2012.07.24 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.07.24 11:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2012.07.24 11:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2012.07.24 11:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client
[2012.07.24 11:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client
[2012.07.23 13:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask
[2012.07.23 13:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Incredibar.com
[2012.07.23 13:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant
[2012.07.23 13:31:55 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
[2012.07.23 13:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo
[2012.07.23 13:31:53 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Wajam
[2012.07.23 13:31:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam
[2012.07.23 13:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2012.07.22 21:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET
[2012.07.22 21:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2012.07.22 21:27:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype

========== Files - Modified Within 30 Days ==========

[2012.08.21 17:30:00 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job
[2012.08.21 17:13:11 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.08.21 17:13:11 | 000,656,266 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.08.21 17:13:11 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.08.21 17:13:11 | 000,131,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.08.21 17:13:11 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.08.21 16:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.21 16:22:05 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000UA.job
[2012.08.21 15:46:30 | 000,000,000 | ---- | M] () -- C:\Users\Juliana x3\defogger_reenable
[2012.08.21 15:45:36 | 000,050,477 | ---- | M] () -- C:\Users\Juliana x3\Desktop\Defogger.exe
[2012.08.21 15:17:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Juliana x3\Desktop\OTL.exe
[2012.08.21 15:06:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.08.21 13:22:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000Core.job
[2012.08.21 13:03:35 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.21 11:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2012.08.21 11:28:15 | 000,024,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.08.21 11:28:15 | 000,024,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.08.21 11:09:05 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\XSManager.lnk
[2012.08.21 11:09:01 | 000,141,824 | ---- | M] (Wireless Data Device) -- C:\Windows\SysNative\drivers\cmntnet.sys
[2012.08.21 11:09:01 | 000,133,120 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\SysNative\drivers\cm_netamd.sys
[2012.08.21 11:09:01 | 000,123,904 | ---- | M] (Wireless Device) -- C:\Windows\SysNative\drivers\cmnuusbser.sys
[2012.08.21 11:09:01 | 000,118,272 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\SysNative\drivers\cm_seramd.sys
[2012.08.21 11:09:01 | 000,117,888 | ---- | M] (Mobile Connector) -- C:\Windows\SysNative\drivers\cmnsusbser.sys
[2012.08.21 11:09:01 | 000,112,640 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\SysNative\drivers\cm_net32.sys
[2012.08.21 11:09:01 | 000,103,680 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\SysNative\drivers\cm_ser32.sys
[2012.08.21 11:09:01 | 000,101,056 | ---- | M] () -- C:\Windows\SysNative\drivers\dvb_nova_12mhz_b0.inp
[2012.08.21 11:09:01 | 000,092,456 | ---- | M] () -- C:\Windows\SysNative\drivers\isdbt_nova_12mhz_b0.inp
[2012.08.21 11:09:01 | 000,079,036 | ---- | M] () -- C:\Windows\SysNative\drivers\tdmb_nova_12mhz_b0.inp
[2012.08.21 11:09:01 | 000,063,648 | ---- | M] (Siano) -- C:\Windows\SysNative\drivers\smsbda.sys
[2012.08.21 11:09:01 | 000,000,040 | ---- | M] () -- C:\Windows\SysNative\drivers\smsbda.cfg
[2012.08.21 10:24:41 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.08.21 10:23:45 | 3058,905,088 | -HS- | M] () -- C:\hiberfil.sys
[2012.08.19 22:56:09 | 000,000,848 | ---- | M] () -- C:\Users\Juliana x3\Desktop\geschichte.rtf
[2012.08.16 16:26:03 | 000,283,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.08.08 22:28:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2012.08.08 22:28:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2012.08.08 22:27:43 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk
[2012.08.03 19:29:31 | 000,001,414 | ---- | M] () -- C:\Users\Juliana x3\Documents\Für Charlo.rtf
[2012.08.03 19:19:02 | 000,000,136 | ---- | M] () -- C:\Users\Juliana x3\Desktop\Spider Solitär - Verknüpfung.lnk
[2012.07.28 10:55:00 | 000,138,372 | ---- | M] () -- C:\Users\Juliana x3\Documents\40.ter.wlmp
[2012.07.28 00:12:27 | 000,001,050 | ---- | M] () -- C:\Users\Juliana x3\Desktop\VirtualDJ Home FREE.lnk
[2012.07.27 23:32:29 | 000,002,848 | ---- | M] () -- C:\Users\Juliana x3\Documents\spermien.wlmp
[2012.07.27 20:40:19 | 000,007,168 | -H-- | M] () -- C:\Users\Juliana x3\Desktop\photothumb.db
[2012.07.26 19:28:38 | 000,009,187 | ---- | M] () -- C:\Users\Juliana x3\Documents\Unten und oben.wlmp
[2012.07.24 16:16:41 | 000,001,306 | ---- | M] () -- C:\Users\Juliana x3\Desktop\Free YouTube Download.lnk
[2012.07.24 16:15:12 | 000,000,765 | ---- | M] () -- C:\user.js
[2012.07.24 11:34:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.24 11:13:02 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif
[2012.07.24 11:12:56 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.22 21:27:32 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk

========== Files Created - No Company Name ==========

[2012.08.21 15:46:30 | 000,000,000 | ---- | C] () -- C:\Users\Juliana x3\defogger_reenable
[2012.08.21 15:45:36 | 000,050,477 | ---- | C] () -- C:\Users\Juliana x3\Desktop\Defogger.exe
[2012.08.21 13:03:35 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2012.08.20 10:43:42 | 000,001,919 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
[2012.08.09 06:13:34 | 000,000,848 | ---- | C] () -- C:\Users\Juliana x3\Desktop\geschichte.rtf
[2012.08.08 22:28:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf
[2012.08.08 22:28:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf
[2012.08.08 22:27:43 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk
[2012.08.03 19:29:31 | 000,001,414 | ---- | C] () -- C:\Users\Juliana x3\Documents\Für Charlo.rtf
[2012.08.03 19:19:02 | 000,000,136 | ---- | C] () -- C:\Users\Juliana x3\Desktop\Spider Solitär - Verknüpfung.lnk
[2012.07.28 00:12:27 | 000,001,050 | ---- | C] () -- C:\Users\Juliana x3\Desktop\VirtualDJ Home FREE.lnk
[2012.07.27 23:32:29 | 000,002,848 | ---- | C] () -- C:\Users\Juliana x3\Documents\spermien.wlmp
[2012.07.27 20:40:18 | 000,007,168 | -H-- | C] () -- C:\Users\Juliana x3\Desktop\photothumb.db
[2012.07.25 17:24:50 | 000,138,372 | ---- | C] () -- C:\Users\Juliana x3\Documents\40.ter.wlmp
[2012.07.25 16:36:51 | 000,009,187 | ---- | C] () -- C:\Users\Juliana x3\Documents\Unten und oben.wlmp
[2012.07.24 20:41:04 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000UA.job
[2012.07.24 20:41:04 | 000,000,926 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000Core.job
[2012.07.24 16:16:41 | 000,001,306 | ---- | C] () -- C:\Users\Juliana x3\Desktop\Free YouTube Download.lnk
[2012.07.24 11:34:42 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2012.07.24 11:13:02 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif
[2012.07.24 11:12:56 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.23 13:32:11 | 000,000,765 | ---- | C] () -- C:\user.js
[2012.07.22 21:27:32 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2012.05.12 17:22:50 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini
[2012.05.12 17:11:35 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2012.05.12 17:11:35 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2012.05.12 17:11:33 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2012.05.12 17:11:33 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.05.12 17:11:32 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2012.05.12 17:09:52 | 000,001,332 | ---- | C] () -- C:\Windows\WPatchProgress.ini
[2012.03.28 20:27:10 | 000,002,048 | -HS- | C] () -- C:\Users\Juliana x3\AppData\Local\{4069bdaa-51af-876b-cd71-6805ef685e58}\@
[2012.03.28 20:13:21 | 000,000,445 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2012.03.28 20:13:21 | 000,000,395 | ---- | C] () -- C:\Windows\WisPriority.ini
[2012.03.28 20:13:21 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== LOP Check ==========

[2012.07.24 16:14:44 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\Babylon
[2012.08.21 17:26:32 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\BrowserCompanion
[2012.07.21 12:15:51 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\clear.fiMVPSDK20
[2012.07.24 16:17:07 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoft
[2012.07.24 16:16:45 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.07.21 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\FoozKids
[2012.08.21 20:22:42 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\PhotoScape
[2012.07.21 12:12:39 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\Screensaver
[2012.07.21 12:12:44 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\Synaptics
[2012.08.05 16:04:13 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\WildTangent
[2012.07.31 20:43:50 | 000,000,000 | ---D | M] -- C:\Users\Juliana x3\AppData\Roaming\XSManager
[2012.08.21 17:30:00 | 000,000,396 | ---- | M] () -- C:\Windows\Tasks\Acer Registration - Reminder Recall task.job
[2012.08.21 13:22:00 | 000,000,926 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000Core.job
[2012.08.21 16:22:05 | 000,000,948 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000UA.job
[2012.08.21 10:24:41 | 000,000,828 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2012.08.21 11:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2009.07.14 07:08:49 | 000,024,380 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



========== Custom Scans ==========

< OTL logfile created on: 21.08.2012 17:13:33 - Run 2 >

< OTL by OldTimer - Version 3.2.58.1 Folder = C:\Users\Juliana x3\Desktop >

< 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation >

< Internet Explorer (Version = 9.0.8112.16421) >

< Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy >

< >

< 3,80 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 51,18% Memory free >

< 7,60 Gb Paging File | 5,67 Gb Available in Paging File | 74,67% Paging File free >

< Paging file location(s): ?:\pagefile.sys [binary data] >

< >

< %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) >

< Drive C: | 281,88 Gb Total Space | 209,19 Gb Free Space | 74,21% Space Free | Partition Type: NTFS >

< >

< Computer Name: ENTE | User Name: Juliana x3 | Logged in as Administrator. >

< Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans >

< Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days >

< >

< ========== Processes (SafeList) ========== >
Invalid Switch: color]

< >

< PRC - C:\Users\Juliana x3\Desktop\OTL.exe (OldTimer Tools) >

< PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_271.exe (Adobe Systems, Inc.) >

< PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) >

< PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) >

< PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) >

< PRC - C:\Users\Juliana x3\AppData\Roaming\BrowserCompanion\tbhcn.exe () >

< PRC - C:\Programme\Web Assistant\ExtensionUpdaterService.exe () >

< PRC - C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam) >

< PRC - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () >

< PRC - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () >

< PRC - C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Dritek System Inc.) >

< PRC - C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) >

< PRC - C:\Program Files (x86)\Launch Manager\LMworker.exe (Dritek System Inc.) >

< PRC - C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) >

< PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) >

< PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) >

< PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () >

< PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) >

< PRC - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) >

< PRC - C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Atheros) >

< PRC - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) >

< PRC - C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) >

< PRC - C:\Program Files (x86)\XSManager\WTGService.exe () >

< PRC - C:\Program Files (x86)\XSManager\XSManager.exe () >

< PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation) >

< PRC - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) >

< PRC - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe () >

< PRC - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\ismagent.exe (Intel Corporation) >

< PRC - C:\Windows\V0640Mon.exe (Creative Technology Ltd.) >

< PRC - c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) >

< PRC - C:\Program Files (x86)\Cyberlink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink) >

< PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) >

< >

< >

< ========== Modules (No Company Name) ========== >
Invalid Switch: color]

< >

< MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () >

< MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll () >

< MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll () >

< MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll () >

< MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll () >

< MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll () >

< MOD - C:\Users\Juliana x3\AppData\Roaming\BrowserCompanion\tbhcn.exe () >

< MOD - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe () >

< MOD - C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe () >

< MOD - C:\Program Files (x86)\XSManager\WTGXMLUtil.dll () >

< MOD - C:\Program Files (x86)\XSManager\WtgUtil.dll () >

< MOD - C:\Program Files (x86)\XSManager\WTGSMSPCClient.Dll () >

< MOD - C:\Program Files (x86)\XSManager\WtgDetection.dll () >

< MOD - C:\Program Files (x86)\XSManager\WtgPorts.dll () >

< MOD - C:\Program Files (x86)\XSManager\WtgDialup.dll () >

< MOD - C:\Program Files (x86)\XSManager\WtgDriverInstall.dll () >

< MOD - C:\Program Files (x86)\XSManager\WTGDriverInstallX.Dll () >

< MOD - C:\Program Files (x86)\XSManager\WtgCore.dll () >

< MOD - C:\Program Files (x86)\XSManager\WtgBluetooth.dll () >

< MOD - C:\Program Files (x86)\XSManager\WtgDatabase.dll () >

< MOD - C:\Program Files (x86)\XSManager\WTGDebugs.dll () >

< MOD - C:\Program Files (x86)\XSManager\XSManager.exe () >

< MOD - C:\Program Files (x86)\XSManager\NDISDirectDial.dll () >

< MOD - C:\Program Files (x86)\XSManager\ToolKit.dll () >

< MOD - C:\Program Files (x86)\XSManager\LogModule.dll () >

< MOD - C:\Program Files (x86)\XSManager\4GSystems_WTGSMSPCClientGer.dll () >

< MOD - C:\Program Files (x86)\XSManager\4GSystems_OneClickAssistantGer.dll () >

< MOD - C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\updateui.exe () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\plugin\PServerPlugin.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\featureController.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\DeviceProfile.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\eventsSender.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\log4cplus.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\libgsoap.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\sqlite3.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtGui4.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtXml4.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtCore4.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtNetwork4.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\zlib1.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\QtWebKit4.dll () >

< MOD - C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\phonon4.dll () >

< MOD - C:\Program Files (x86)\XSManager\sqlite3.dll () >

< MOD - C:\Program Files (x86)\XSManager\tinyxml.dll () >

< >

< >

< ========== Win32 Services (SafeList) ========== >
Invalid Switch: color]

< >

< SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) >

< SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) >

< SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) >

< SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) >

< SRV - (Web Assistant Updater) -- C:\Programme\Web Assistant\ExtensionUpdaterService.exe () >

< SRV - (WajamUpdater) -- C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Wajam) >

< SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation) >

< SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.) >

< SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation) >

< SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation) >

< SRV - (DsiWMIService) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) >

< SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) >

< SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) >

< SRV - (Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe () >

< SRV - (jhi_service) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) >

< SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\adminservice.exe (Atheros Commnucations) >

< SRV - (GREGService) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) >

< SRV - (ZAtheros Wlan Agent) -- C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe (Atheros) >

< SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) >

< SRV - (Live Updater Service) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe (Acer Incorporated) >

< SRV - (Intel(R) -- C:\Programme\Intel\iCLS Client\HeciServer.exe (Intel(R) Corporation) >

< SRV - (WTGService) -- C:\Program Files (x86)\XSManager\WTGService.exe () >

< SRV - (NTI IScheduleSvc) -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe (NTI Corporation) >

< SRV - (ZuneWlanCfgSvc) -- C:\Programme\Zune\ZuneWlanCfgSvc.exe (Microsoft Corporation) >

< SRV - (WMZuneComm) -- C:\Programme\Zune\WMZuneComm.exe (Microsoft Corporation) >

< SRV - (ZuneNetworkSvc) -- C:\Programme\Zune\ZuneNss.exe (Microsoft Corporation) >

< SRV - (EgisTec Ticket Service) -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe (Egis Technology Inc. ) >

< SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.) >

< SRV - (AdobeARMservice) -- c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) >

< SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation) >

< SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) >

< SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) >

< SRV - (wlcrasvc) -- C:\Programme\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) >

< SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) >

< SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) >

< >

< >

< ========== Driver Services (SafeList) ========== >
Invalid Switch: color]

< >

< DRV:64bit: - (cmntnet) -- C:\Windows\SysNative\drivers\cmntnet.sys (Wireless Data Device) >
Invalid Switch: b] - (cmntnet) -- C:\Windows\SysNative\drivers\cmntnet.sys (Wireless Data Device)

< DRV:64bit: - (cmnuusbser) -- C:\Windows\SysNative\drivers\cmnuusbser.sys (Wireless Device) >
Invalid Switch: b] - (cmnuusbser) -- C:\Windows\SysNative\drivers\cmnuusbser.sys (Wireless Device)

< DRV:64bit: - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.) >
Invalid Switch: b] - (mwlPSDVDisk) -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys (Egis Technology Inc.)

< DRV:64bit: - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.) >
Invalid Switch: b] - (mwlPSDFilter) -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys (Egis Technology Inc.)

< DRV:64bit: - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.) >
Invalid Switch: b] - (mwlPSDNServ) -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys (Egis Technology Inc.)

< DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) >
Invalid Switch: b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)

< DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation) >
Invalid Switch: b] - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)

< DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) >
Invalid Switch: b] - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )

< DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros) >
Invalid Switch: b] - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)

< DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros) >
Invalid Switch: b] - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)

< DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros) >
Invalid Switch: b] - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)

< DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros) >
Invalid Switch: b] - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)

< DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros) >
Invalid Switch: b] - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)

< DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros) >
Invalid Switch: b] - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)

< DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros) >
Invalid Switch: b] - (btath_avdt) -- C:\Windows\SysNative\drivers\btath_avdt.sys (Atheros)

< DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros) >
Invalid Switch: b] - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)

< DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated) >
Invalid Switch: b] - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)

< DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) >
Invalid Switch: b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)

< DRV:64bit: - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation) >
Invalid Switch: b] - (iusb3xhc) -- C:\Windows\SysNative\drivers\iusb3xhc.sys (Intel Corporation)

< DRV:64bit: - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation) >
Invalid Switch: b] - (iusb3hub) -- C:\Windows\SysNative\drivers\iusb3hub.sys (Intel Corporation)

< DRV:64bit: - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation) >
Invalid Switch: b] - (iusb3hcs) -- C:\Windows\SysNative\drivers\iusb3hcs.sys (Intel Corporation)

< DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.) >
Invalid Switch: b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Qualcomm Atheros Communications, Inc.)

< DRV:64bit: - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC) >
Invalid Switch: b] - (mcaudrv_simple) -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys (ManyCam LLC)

< DRV:64bit: - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.) >
Invalid Switch: b] - (RSBASTOR) -- C:\Windows\SysNative\drivers\RtsBaStor.sys (Realtek Semiconductor Corp.)

< DRV:64bit: - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC) >
Invalid Switch: b] - (ManyCam) -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys (ManyCam LLC)

< DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation) >
Invalid Switch: b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)

< DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) >
Invalid Switch: b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)

< DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) >
Invalid Switch: b] - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)

< DRV:64bit: - (V0640Vid) -- C:\Windows\SysNative\drivers\V0640Vid.sys (Creative Technology Ltd.) >
Invalid Switch: b] - (V0640Vid) -- C:\Windows\SysNative\drivers\V0640Vid.sys (Creative Technology Ltd.)

< DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) >
Invalid Switch: b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)

< DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) >
Invalid Switch: b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)

< DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) >
Invalid Switch: b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)

< DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) >
Invalid Switch: b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)

< DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) >
Invalid Switch: b] - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)

< DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation) >
Invalid Switch: b] - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NTI Corporation)

< DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation) >
Invalid Switch: b] - (NTIDrvr) -- C:\Windows\SysNative\drivers\NTIDrvr.sys (NTI Corporation)

< DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) >
Invalid Switch: b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)

< DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) >
Invalid Switch: b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)

< DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) >
Invalid Switch: b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)

< DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) >
Invalid Switch: b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)

< DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) >
Invalid Switch: b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)

< DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) >
Invalid Switch: b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)

< DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) >
Invalid Switch: b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)

< DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) >

< >

< >

< ========== Standard Registry (SafeList) ========== >
Invalid Switch: color]

< >

< >

< ========== Internet Explorer ========== >
Invalid Switch: color]

< >

< IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN >
Invalid Switch: acer.msn.com

< IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN >
Invalid Switch: acer.msn.com

< IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} >
Invalid Switch: b] - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

< IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox >

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN >
Invalid Switch: acer.msn.com

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm >

< IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN >
Invalid Switch: acer.msn.com

< IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A} >

< IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=AARTDF&pc=MAAR&src=IE-SearchBox >

< >

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN Deutschland: Hotmail, Skype Download und Messenger sowie Nachrichten, Unterhaltung, Video, Sport, Lifestyle, Finanzen, Auto uvm. bei MSN >
Invalid Switch: acer.msn.com

< IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Babylon Search >
Invalid Switch: ?affID=109958&tt=190712_n_mont_3012_1&babsrc=HP_ss&mntrId=704c667500000000000000a0c6000000

< IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} >

< IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=109958&tt=190712_n_mont_3012_1&babsrc=SP_ss&mntrId=704c667500000000000000a0c6000000 >

< IE - HKCU\..\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}: "URL" = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms} >

< IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredibar.com/mb164/?search={searchTerms}&loc=IB_DS&a=6R8zRb0kIv&i=26 >

< IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 >

< >

< ========== FireFox ========== >
Invalid Switch: color]

< >

< FF - prefs.js..CT3018509.browser.search.defaultthis.engineName: true >

< FF - prefs.js..browser.search.defaultenginename: "Search the web (Babylon)" >

< FF - prefs.js..browser.search.order.1: "Search the web (Babylon)" >

< FF - prefs.js..browser.startup.homepage: "about:home" >

< FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3018509&SearchSource=2&q=" >

< >

< >

< FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found >
Invalid Switch: FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_271.dll File not found

< FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll () >
Invalid Switch: FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_271.dll ()

< FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) >
Invalid Switch: Intel WebAPI ipt;version=2.0.59: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

< FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) >
Invalid Switch: Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

< FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation) >
Invalid Switch: NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) >
Invalid Switch: WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) >
Invalid Switch: WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) >
Invalid Switch: WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

< FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () >
Invalid Switch: GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll ()

< FF - HKLM\Software\MozillaPlugins\Adobe Reader: c:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) >

< FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Juliana x3\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found >
Invalid Switch: Facebook Video Calling Plugin: C:\Users\Juliana x3\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll File not found

< >

< 64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\WEB ASSISTANT\FIREFOX [2012.07.23 13:32:03 | 000,000,000 | ---D | M] >

< FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\Web Assistant\Firefox [2012.07.23 13:32:03 | 000,000,000 | ---D | M] >

< FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.07.21 12:39:50 | 000,000,000 | ---D | M] >

< FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins >

< >

< [2012.07.21 12:40:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Extensions >

< [2012.08.06 20:41:11 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions >

< [2012.07.28 00:05:45 | 000,000,000 | ---D | M] (Game Master 2.1) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\{22dfbf5b-a7cd-4b25-9471-3dc68c71855f} >

< [2012.07.24 16:16:45 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} >

< [2012.07.21 19:41:47 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\bbrs_002@blabbers.com >

< [2012.07.24 16:15:39 | 000,000,000 | ---D | M] (Babylon) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\ffxtlbr@babylon.com >

< [2012.07.23 13:32:11 | 000,000,000 | ---D | M] (incredibar.com) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\ffxtlbr@incredibar.com >

< [2012.07.21 21:21:47 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\ich@maltegoetz.de >

< [2012.07.23 13:31:54 | 000,000,000 | ---D | M] (Yontoo) -- C:\Users\Juliana x3\AppData\Roaming\mozilla\Firefox\Profiles\8tgq9v2f.default\extensions\plugin@yontoo.com >

< [2012.07.28 08:41:27 | 000,000,923 | ---- | M] () -- C:\Users\Juliana x3\AppData\Roaming\Mozilla\Firefox\Profiles\8tgq9v2f.default\searchplugins\conduit.xml >

< [2012.07.23 13:31:52 | 000,002,203 | ---- | M] () -- C:\Users\Juliana x3\AppData\Roaming\Mozilla\Firefox\Profiles\8tgq9v2f.default\searchplugins\MyStart Search.xml >

< [2012.07.21 19:41:49 | 000,002,792 | ---- | M] () -- C:\Users\Juliana x3\AppData\Roaming\Mozilla\Firefox\Profiles\8tgq9v2f.default\searchplugins\Plusnetwork.xml >

< [2012.07.22 21:28:23 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions >

< [2012.07.22 21:28:25 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} >

< [2012.07.23 13:34:05 | 000,036,333 | ---- | M] () (No name found) -- C:\USERS\JULIANA X3\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\8TGQ9V2F.DEFAULT\EXTENSIONS\{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}.XPI >

< [2012.07.14 02:15:45 | 000,136,672 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll >

< [2012.07.14 02:45:08 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml >

< [2012.07.24 16:14:50 | 000,002,363 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml >

< [2012.07.14 02:45:08 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml >

< [2012.07.14 02:45:08 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml >

< [2012.07.14 02:45:08 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml >

< [2012.07.14 02:45:08 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml >

< [2012.07.14 02:45:07 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml >

< >

< O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts >

< O2:64bit: - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll () >
Invalid Switch: b] - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension64.dll ()

< O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) >
Invalid Switch: b] - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

< O2 - BHO: (Browser Companion Helper) - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll ( ) >

< O2 - BHO: (Web Assistant) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Programme\Web Assistant\Extension32.dll () >

< O2 - BHO: (Incredibar.com Helper Object) - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD) >

< O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) >

< O2 - BHO: (Browser Companion Helper Verifier) - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( ) >

< O2 - BHO: (Wajam) - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) >

< O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) >

< O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) >

< O2 - BHO: (Yontoo) - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) >

< O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. >
Invalid Switch: b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

< O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) >
__________________
Alt 22.08.2012, 17:52   #4
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


Weiter:


< O3 - HKLM\..\Toolbar: (Incredibar Toolbar) - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD) >

< O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. >

< O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations) >
Invalid Switch: b] - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)

< O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications) >
Invalid Switch: b] - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Communications)

< O4:64bit: - HKLM..\Run: [C:\Windows\system32\V0640Ext.ax] C:\Windows\SysNative\V0640Ext.ax (Creative Technology Ltd.) >
Invalid Switch: b] - HKLM..\Run: [C:\Windows\system32\V0640Ext.ax] C:\Windows\SysNative\V0640Ext.ax (Creative Technology Ltd.)

< O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation) >
Invalid Switch: b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

< O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation) >
Invalid Switch: b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

< O4:64bit: - HKLM..\Run: [InstantUpdate] C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe () >
Invalid Switch: b] - HKLM..\Run: [InstantUpdate] C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe ()

< O4:64bit: - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation) >
Invalid Switch: b] - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)

< O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation) >
Invalid Switch: b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

< O4:64bit: - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) >
Invalid Switch: b] - HKLM..\Run: [Power Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)

< O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor) >
Invalid Switch: b] - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)

< O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) >
Invalid Switch: b] - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

< O4:64bit: - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation) >
Invalid Switch: b] - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)

< O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation) >

< O4 - HKLM..\Run: [C:\Windows\SysWOW64\V0640Ext.ax] C:\Windows\SysWOW64\V0640Ext.ax (Creative Technology Ltd.) >

< O4 - HKLM..\Run: [Dolby Advanced Audio v2] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.) >

< O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.) >

< O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) >

< O4 - HKLM..\Run: [USB3MON] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Intel Corporation) >

< O4 - HKLM..\Run: [V0640Mon.exe] C:\Windows\V0640Mon.exe (Creative Technology Ltd.) >

< O4 - HKLM..\RunOnce: [ Malwarebytes Anti-Malware ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) >

< O4 - Startup: C:\Users\Juliana x3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tbhcn.lnk = C:\Users\Juliana x3\AppData\Roaming\BrowserCompanion\tbhcn.exe () >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 >

< O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 >

< O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () >
Invalid Switch: b] - Extra context menu item: Free YouTube Download - C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()

< O8 - Extra context menu item: Free YouTube Download - C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm () >

< O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations) >

< O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) >

< O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) >

< O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041) >

< O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) >
Invalid Switch: b] - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

< O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.) >
Invalid Switch: b] - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)

< O1364bit: - gopher Prefix: missing >
Invalid Switch: b] - gopher Prefix: missing

< O13 - gopher Prefix: missing >

< O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.74.210.210 10.74.210.211 >

< O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1923A337-52E2-46FD-BAD4-0FE05C477ADC}: DhcpNameServer = 192.168.178.1 >

< O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{26125EF1-A377-4746-A693-B10BD08E57A1}: DhcpNameServer = 10.74.210.210 10.74.210.211 >

< O18:64bit: - Protocol\Handler\base64 - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\base64 - No CLSID value found

< O18:64bit: - Protocol\Handler\chrome - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\chrome - No CLSID value found

< O18:64bit: - Protocol\Handler\livecall - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\livecall - No CLSID value found

< O18:64bit: - Protocol\Handler\msnim - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\msnim - No CLSID value found

< O18:64bit: - Protocol\Handler\prox - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\prox - No CLSID value found

< O18:64bit: - Protocol\Handler\skype4com - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\skype4com - No CLSID value found

< O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\skype-ie-addon-data - No CLSID value found

< O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\wlmailhtml - No CLSID value found

< O18:64bit: - Protocol\Handler\wlpg - No CLSID value found >
Invalid Switch: b] - Protocol\Handler\wlpg - No CLSID value found

< O18 - Protocol\Handler\base64 {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) >

< O18 - Protocol\Handler\chrome {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) >

< O18 - Protocol\Handler\prox {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (Blabbers Communications Ltd) >

< O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) >

< O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) >

< O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) >
Invalid Switch: b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

< O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) >
Invalid Switch: b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

< O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found >
Invalid Switch: pagefile) - File not found

< O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) >

< O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) >

< O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found >
Invalid Switch: pagefile) - File not found

< O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation) >
Invalid Switch: b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

< O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. >
Invalid Switch: b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

< O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. >

< O32 - HKLM CDRom: AutoRun - 1 >

< O33 - MountPoints2\E\Shell - "" = AutoRun >

< O33 - MountPoints2\E\Shell\AutoRun\command - "" = E:\XSManagerinstallation.exe >

< O34 - HKLM BootExecute: (autocheck autochk *) >

< O35:64bit: - HKLM\..comfile [open] -- "%1" %* >

< O35:64bit: - HKLM\..exefile [open] -- "%1" %* >

< O35 - HKLM\..comfile [open] -- "%1" %* >

< O35 - HKLM\..exefile [open] -- "%1" %* >

< O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* >

< O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* >

< O37 - HKLM\...com [@ = comfile] -- "%1" %* >

< O37 - HKLM\...exe [@ = exefile] -- "%1" %* >

< O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) >

< O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) >

< O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) >

< >

< ========== Files/Folders - Created Within 30 Days ========== >
Invalid Switch: color]

< >

< [2012.08.21 15:37:58 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Desktop\System >

< [2012.08.21 15:15:45 | 000,596,480 | ---- | C] (OldTimer Tools) -- C:\Users\Juliana x3\Desktop\OTL.exe >

< [2012.08.21 13:04:03 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\Malwarebytes >

< [2012.08.21 13:03:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware >

< [2012.08.21 13:03:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes >

< [2012.08.21 13:03:33 | 000,024,904 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys >

< [2012.08.21 13:03:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware >

< [2012.08.21 10:54:24 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Diagnostics >

< [2012.08.20 10:50:34 | 000,000,000 | ---D | C] -- C:\209b4ba434fb60ca06 >

< [2012.08.20 10:48:40 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\ElevatedDiagnostics >

< [2012.08.19 21:00:19 | 000,000,000 | RHSD | C] -- C:\Users\Juliana x3\M-10-6897-8685-3464 >

< [2012.08.19 16:41:45 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe.4027CD2087361494 >

< [2012.08.19 16:38:30 | 000,328,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe.492D2D3C6B629EBB >

< [2012.08.16 23:42:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Dies das >

< [2012.08.16 16:44:49 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Google >

< [2012.08.15 20:26:47 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll >

< [2012.08.15 20:26:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll >

< [2012.08.15 20:26:46 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll >

< [2012.08.15 20:26:46 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll >

< [2012.08.15 20:26:44 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll >

< [2012.08.15 20:26:43 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl >

< [2012.08.15 20:26:43 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll >

< [2012.08.15 20:26:43 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe >

< [2012.08.15 20:26:43 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe >

< [2012.08.15 20:26:42 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll >

< [2012.08.15 20:26:42 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl >

< [2012.08.15 20:26:40 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll >

< [2012.08.15 20:26:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll >

< [2012.08.15 18:30:48 | 000,503,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\srcore.dll >

< [2012.08.15 18:30:47 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netapi32.dll >

< [2012.08.15 18:30:47 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browcli.dll >

< [2012.08.15 18:30:47 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\browcli.dll >

< [2012.08.15 18:30:46 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll >

< [2012.08.15 18:30:45 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll >

< [2012.08.15 18:30:45 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\splwow64.exe >

< [2012.08.15 18:30:40 | 000,956,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\localspl.dll >

< [2012.08.09 23:59:31 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{0F087850-80E9-4C6B-B8F6-3447A3886EC4} >

< [2012.08.09 23:59:19 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{968A2331-6A0C-4228-996F-1D5D01A93906} >

< [2012.08.08 22:30:03 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\microsoft >

< [2012.08.08 22:30:02 | 000,000,000 | R--D | C] -- C:\Users\Juliana x3\Podcasts >

< [2012.08.08 22:28:32 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Cyberlink >

< [2012.08.08 22:28:02 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\ms-MY >

< [2012.08.08 22:27:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zune >

< [2012.08.08 22:27:37 | 000,000,000 | ---D | C] -- C:\Program Files\Zune >

< [2012.08.06 11:02:51 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{9F0EA29D-A0DF-4BF6-8048-8177D62D2F46} >

< [2012.08.06 11:02:41 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5B185BFA-1AE0-4372-9E8C-E8F72C88377B} >

< [2012.08.05 16:04:12 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\WildTangent >

< [2012.08.05 13:41:31 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{9040C9C7-2D49-4EF5-A53A-F42DEEFFC7F1} >

< [2012.08.05 13:39:23 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5BAF4CBD-3A94-4B73-831F-4B2A60BA81B4} >

< [2012.08.04 07:54:33 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{BBE27A26-1A57-4F5E-B7E7-8A58017FD4A6} >

< [2012.08.03 21:57:02 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{8C142544-9FFC-4449-AA65-5C4B2E36B399} >

< [2012.08.03 18:54:56 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Microsoft Games >

< [2012.08.02 20:47:38 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5DDBE5D1-26E0-46E8-B176-D815C44A4F6F} >

< [2012.08.02 20:47:38 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{3541B706-7CB2-436B-8006-66D8DF2A153D} >

< [2012.08.01 08:53:32 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{9B6D1DAA-CBAB-4F24-AE3B-1FACCE8D4C2A} >

< [2012.08.01 08:52:24 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C5C0D6F3-32C0-4AFF-B901-A01890BE0D3A} >

< [2012.07.31 22:18:21 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5C2D9CAB-7276-4747-B247-A530592386E8} >

< [2012.07.31 20:14:48 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{52562437-6B8C-40BE-AEC2-91D32C354948} >

< [2012.07.31 20:02:58 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C8FCDBD3-39AA-4785-9694-2BCA332D2A17} >

< [2012.07.31 12:20:30 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D0CD6401-20EF-47DC-8CDD-16B518020CBA} >

< [2012.07.30 21:10:02 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D00C72CF-9162-4396-9AF5-882AA75A4E9B} >

< [2012.07.30 21:08:22 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{81AADDF1-368E-408E-90B6-E49C545922FA} >

< [2012.07.29 22:36:49 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C7DBFDBD-962C-4FFA-A682-A6E03A888710} >

< [2012.07.29 18:57:31 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D3507E2D-5224-4D0E-AE5E-81D5B5C3923D} >

< [2012.07.29 18:55:05 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{46116EA7-F488-4225-BBFD-4A5274126A97} >

< [2012.07.29 17:52:46 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{E75B59B3-96A0-4B31-9846-4C00831880BC} >

< [2012.07.28 11:04:15 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{EF6ED102-E578-46F4-9511-C1484144168D} >

< [2012.07.28 11:03:54 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{FF76FB70-BD44-4294-8F75-8D8C2E43DF11} >

< [2012.07.28 00:12:27 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ >

< [2012.07.28 00:12:15 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Documents\VirtualDJ >

< [2012.07.28 00:12:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VirtualDJ >

< [2012.07.27 23:01:45 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D188D6AA-2A50-4272-8C16-FD3F1CF1D7F5} >

< [2012.07.27 23:01:33 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{7A29DC6E-143F-4A73-8FE1-7461D49DE271} >

< [2012.07.27 20:33:15 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Desktop\FB >

< [2012.07.27 12:59:35 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{E58EC932-9FAA-455E-AE63-140A2E4B4C0E} >

< [2012.07.27 11:01:07 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{4769FC44-2A87-49E2-A660-33F1B0F67767} >

< [2012.07.27 10:52:38 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D1E8A74E-C8EA-4049-94FA-576F283E0DF3} >

< [2012.07.27 10:47:02 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{0339D831-721A-4F5A-8027-1F6E599DB3D2} >

< [2012.07.26 15:38:44 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C116445B-CE1C-47CA-A693-08A1CF604556} >

< [2012.07.26 15:38:32 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{CFB2FB7F-627C-47D6-8633-839832D57123} >

< [2012.07.26 14:58:36 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{4A0FE9A3-B9C6-4610-822F-63A341697EFD} >

< [2012.07.26 14:52:57 | 000,000,000 | ---D | C] -- C:\Windows\de >

< [2012.07.26 14:50:01 | 000,000,000 | ---D | C] -- C:\Windows\pt-pt >

< [2012.07.26 14:49:54 | 000,000,000 | ---D | C] -- C:\Windows\ar >

< [2012.07.26 14:49:49 | 000,000,000 | ---D | C] -- C:\Windows\bg >

< [2012.07.26 14:49:44 | 000,000,000 | ---D | C] -- C:\Windows\cs >

< [2012.07.26 14:49:40 | 000,000,000 | ---D | C] -- C:\Windows\da >

< [2012.07.26 14:49:35 | 000,000,000 | ---D | C] -- C:\Windows\el >

< [2012.07.26 14:49:31 | 000,000,000 | ---D | C] -- C:\Windows\en >

< [2012.07.26 14:49:26 | 000,000,000 | ---D | C] -- C:\Windows\es >

< [2012.07.26 14:49:21 | 000,000,000 | ---D | C] -- C:\Windows\fi >

< [2012.07.26 14:49:17 | 000,000,000 | ---D | C] -- C:\Windows\fr >

< [2012.07.26 14:49:13 | 000,000,000 | ---D | C] -- C:\Windows\he >

< [2012.07.26 14:49:08 | 000,000,000 | ---D | C] -- C:\Windows\hr >

< [2012.07.26 14:49:03 | 000,000,000 | ---D | C] -- C:\Windows\hu >

< [2012.07.26 14:48:58 | 000,000,000 | ---D | C] -- C:\Windows\it >

< [2012.07.26 14:48:54 | 000,000,000 | ---D | C] -- C:\Windows\nl >

< [2012.07.26 14:48:49 | 000,000,000 | ---D | C] -- C:\Windows\no >

< [2012.07.26 14:48:44 | 000,000,000 | ---D | C] -- C:\Windows\pl >

< [2012.07.26 14:48:39 | 000,000,000 | ---D | C] -- C:\Windows\pt-br >

< [2012.07.26 14:48:35 | 000,000,000 | ---D | C] -- C:\Windows\ro >

< [2012.07.26 14:48:30 | 000,000,000 | ---D | C] -- C:\Windows\ru >

< [2012.07.26 14:48:25 | 000,000,000 | ---D | C] -- C:\Windows\sk >

< [2012.07.26 14:48:20 | 000,000,000 | ---D | C] -- C:\Windows\sl >

< [2012.07.26 14:48:16 | 000,000,000 | ---D | C] -- C:\Windows\sv >

< [2012.07.26 14:48:11 | 000,000,000 | ---D | C] -- C:\Windows\th >

< [2012.07.26 14:48:06 | 000,000,000 | ---D | C] -- C:\Windows\tr >

< [2012.07.26 14:48:02 | 000,000,000 | ---D | C] -- C:\Windows\zh-tw >

< [2012.07.26 14:47:56 | 000,000,000 | ---D | C] -- C:\Windows\ca >

< [2012.07.26 14:23:37 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{0DFA0B56-67BD-48A3-A961-08B80638516E} >

< [2012.07.26 14:21:29 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{B4FE279B-91C7-4126-B122-EBF6D74780B2} >

< [2012.07.25 20:50:31 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{111053C4-9F54-4C58-A40D-FA8D45D83A79} >

< [2012.07.25 20:47:52 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{F9C5D0A1-A4A9-4BB4-829B-A6DFC82BDBE7} >

< [2012.07.25 20:42:50 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{53C303E8-F52A-47CF-83C9-E01E5714F6AC} >

< [2012.07.25 19:37:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5AFA6F49-BA58-471E-B65C-2F4BD76666FE} >

< [2012.07.25 19:37:47 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{C9FEE6EC-130F-495C-A44F-E88414C3E32D} >

< [2012.07.25 19:37:36 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{7E710058-03DA-456A-9880-6419B39C2880} >

< [2012.07.25 19:37:26 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{DF1DC2B1-8EA0-4B43-8F98-0345E32A1216} >

< [2012.07.25 19:37:15 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{CBED6339-8D06-40BE-AF6C-D021E1B0C41A} >

< [2012.07.25 19:37:03 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{DF9AA097-9373-4ACF-BCC5-9046BEC4DDDA} >

< [2012.07.25 19:36:32 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{F2E8DA6A-FCED-4239-B943-8B02C30966AA} >

< [2012.07.25 19:36:21 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{B36C2C6E-2A02-4712-8A9E-2EC5B9DCA41E} >

< [2012.07.25 19:36:10 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{FF4E3861-A98D-48EF-AD45-AD468C1AFED3} >

< [2012.07.25 19:35:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D55FA49E-4F65-4064-90FE-2BD1FD03D64E} >

< [2012.07.25 19:35:46 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{368989C3-B1D4-430A-BCAB-698B72456096} >

< [2012.07.25 19:35:34 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5D0CB388-FE9D-4C68-992A-57AFA80339EE} >

< [2012.07.25 19:35:24 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{F639FE54-15EC-4071-AAE2-60346EC62D1C} >

< [2012.07.25 19:35:12 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{34650857-0C69-47B3-9522-95215E8B0C0E} >

< [2012.07.25 19:34:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{02AA87A2-923A-4F91-B4F8-3BB981317672} >

< [2012.07.25 19:34:47 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{E90C61A9-8FA0-4C43-B9F6-15A0CE7F9F2F} >

< [2012.07.25 19:31:45 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{D497D35C-A262-4279-BBB8-34945675EBCE} >

< [2012.07.25 19:31:34 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{CF3DB857-CDC0-4840-84E6-30F97E90E0AB} >

< [2012.07.25 18:57:52 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{868AC950-2F0C-4437-9B2C-2EE32B30E9A4} >

< [2012.07.25 16:37:50 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{8B3D311B-34AA-4077-B865-39E2A881B78D} >

< [2012.07.25 16:30:46 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{4D1F3180-60BA-46FD-B0D0-5364C002BB14} >

< [2012.07.25 16:28:34 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{878F479D-6165-4720-BF5B-89F59F2B7105} >

< [2012.07.25 16:27:43 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{44D21341-355A-4083-85AA-1CA7D0FA2D04} >

< [2012.07.25 16:27:27 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\Tracing >

< [2012.07.25 16:24:00 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{1742E983-1BAC-45E5-A258-656704EF9AFE} >

< [2012.07.25 16:20:20 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{EAF84193-8C57-4005-8101-C3525267CC85} >

< [2012.07.25 16:20:07 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{BF25A10E-E2F4-4FD2-9706-39898E312F63} >

< [2012.07.25 16:19:08 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{5EEACB44-4E4A-43B5-A9C2-D0814436F9EE} >

< [2012.07.25 16:15:40 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{F17D2D97-034D-4528-A549-96CA4FE4039C} >

< [2012.07.25 16:14:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{20B03CEB-F884-445E-BFD2-338CF8787DBD} >

< [2012.07.24 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Windows Live >

< [2012.07.24 21:04:35 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{44C2470E-C096-4857-A503-1DCEBD3D6109} >

< [2012.07.24 21:04:17 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\{01C4052B-A21B-4374-B8D0-9DDAA8843E3E} >

< [2012.07.24 21:03:17 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Adobe >

< [2012.07.24 20:40:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Facebook >

< [2012.07.24 16:23:09 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\InstallShare >

< [2012.07.24 16:16:44 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers >

< [2012.07.24 16:16:41 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft >

< [2012.07.24 16:16:39 | 000,405,144 | ---- | C] (Newtonsoft) -- C:\Windows\SysWow64\Newtonsoft.Json.Net20.dll >

< [2012.07.24 16:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft >

< [2012.07.24 16:15:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft >

< [2012.07.24 16:14:59 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\DVDVideoSoft >

< [2012.07.24 16:14:44 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\Babylon >

< [2012.07.24 16:14:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon >

< [2012.07.24 11:34:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner >

< [2012.07.24 11:34:40 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner >

< [2012.07.24 11:12:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Security Client >

< [2012.07.24 11:12:50 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Security Client >

< [2012.07.23 13:32:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Ask >

< [2012.07.23 13:32:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Incredibar.com >

< [2012.07.23 13:32:02 | 000,000,000 | ---D | C] -- C:\Program Files\Web Assistant >

< [2012.07.23 13:31:55 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam >

< [2012.07.23 13:31:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Yontoo >

< [2012.07.23 13:31:53 | 000,000,000 | ---D | C] -- C:\Users\Juliana x3\AppData\Local\Wajam >

< [2012.07.23 13:31:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wajam >

< [2012.07.23 13:31:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer >

< [2012.07.22 21:33:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft.NET >

< [2012.07.22 21:27:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype >

< [2012.07.22 21:27:17 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype >

< >

< ========== Files - Modified Within 30 Days ========== >
Invalid Switch: color]

< >

< [2012.08.21 17:13:11 | 001,505,034 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI >

< [2012.08.21 17:13:11 | 000,656,266 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat >

< [2012.08.21 17:13:11 | 000,618,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat >

< [2012.08.21 17:13:11 | 000,131,006 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat >

< [2012.08.21 17:13:11 | 000,107,388 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat >

< [2012.08.21 17:00:01 | 000,000,396 | ---- | M] () -- C:\Windows\tasks\Acer Registration - Reminder Recall task.job >

< [2012.08.21 16:46:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job >

< [2012.08.21 16:22:05 | 000,000,948 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000UA.job >

< [2012.08.21 15:46:30 | 000,000,000 | ---- | M] () -- C:\Users\Juliana x3\defogger_reenable >

< [2012.08.21 15:45:36 | 000,050,477 | ---- | M] () -- C:\Users\Juliana x3\Desktop\Defogger.exe >

< [2012.08.21 15:17:02 | 000,596,480 | ---- | M] (OldTimer Tools) -- C:\Users\Juliana x3\Desktop\OTL.exe >

< [2012.08.21 15:06:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat >

< [2012.08.21 13:22:00 | 000,000,926 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000Core.job >

< [2012.08.21 13:03:35 | 000,001,113 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk >

< [2012.08.21 11:41:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job >

< [2012.08.21 11:28:15 | 000,024,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 >

< [2012.08.21 11:28:15 | 000,024,192 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 >

< [2012.08.21 11:09:05 | 000,001,931 | ---- | M] () -- C:\Users\Public\Desktop\XSManager.lnk >

< [2012.08.21 11:09:01 | 000,141,824 | ---- | M] (Wireless Data Device) -- C:\Windows\SysNative\drivers\cmntnet.sys >

< [2012.08.21 11:09:01 | 000,133,120 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\SysNative\drivers\cm_netamd.sys >

< [2012.08.21 11:09:01 | 000,123,904 | ---- | M] (Wireless Device) -- C:\Windows\SysNative\drivers\cmnuusbser.sys >

< [2012.08.21 11:09:01 | 000,118,272 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\SysNative\drivers\cm_seramd.sys >

< [2012.08.21 11:09:01 | 000,117,888 | ---- | M] (Mobile Connector) -- C:\Windows\SysNative\drivers\cmnsusbser.sys >

< [2012.08.21 11:09:01 | 000,112,640 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\SysNative\drivers\cm_net32.sys >

< [2012.08.21 11:09:01 | 000,103,680 | ---- | M] (C-motech Co.,Ltd.) -- C:\Windows\SysNative\drivers\cm_ser32.sys >

< [2012.08.21 11:09:01 | 000,101,056 | ---- | M] () -- C:\Windows\SysNative\drivers\dvb_nova_12mhz_b0.inp >

< [2012.08.21 11:09:01 | 000,092,456 | ---- | M] () -- C:\Windows\SysNative\drivers\isdbt_nova_12mhz_b0.inp >

< [2012.08.21 11:09:01 | 000,079,036 | ---- | M] () -- C:\Windows\SysNative\drivers\tdmb_nova_12mhz_b0.inp >

< [2012.08.21 11:09:01 | 000,063,648 | ---- | M] (Siano) -- C:\Windows\SysNative\drivers\smsbda.sys >

< [2012.08.21 11:09:01 | 000,000,040 | ---- | M] () -- C:\Windows\SysNative\drivers\smsbda.cfg >

< [2012.08.21 10:24:41 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job >

< [2012.08.21 10:23:45 | 3058,905,088 | -HS- | M] () -- C:\hiberfil.sys >

< [2012.08.19 22:56:09 | 000,000,848 | ---- | M] () -- C:\Users\Juliana x3\Desktop\geschichte.rtf >

< [2012.08.19 16:41:45 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe.4027CD2087361494 >

< [2012.08.19 16:38:30 | 000,328,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\services.exe.492D2D3C6B629EBB >

< [2012.08.16 16:26:03 | 000,283,160 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT >

< [2012.08.15 19:47:07 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe >

< [2012.08.15 19:47:07 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl >

< [2012.08.08 22:28:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf >

< [2012.08.08 22:28:05 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf >

< [2012.08.08 22:27:43 | 000,000,931 | ---- | M] () -- C:\Users\Public\Desktop\Zune.lnk >

< [2012.08.03 19:29:31 | 000,001,414 | ---- | M] () -- C:\Users\Juliana x3\Documents\Für Charlo.rtf >

< [2012.08.03 19:19:02 | 000,000,136 | ---- | M] () -- C:\Users\Juliana x3\Desktop\Spider Solitär - Verknüpfung.lnk >

< [2012.07.28 10:55:00 | 000,138,372 | ---- | M] () -- C:\Users\Juliana x3\Documents\40.ter.wlmp >

< [2012.07.28 00:12:27 | 000,001,050 | ---- | M] () -- C:\Users\Juliana x3\Desktop\VirtualDJ Home FREE.lnk >

< [2012.07.27 23:32:29 | 000,002,848 | ---- | M] () -- C:\Users\Juliana x3\Documents\spermien.wlmp >

< [2012.07.27 20:40:19 | 000,007,168 | -H-- | M] () -- C:\Users\Juliana x3\Desktop\photothumb.db >

< [2012.07.26 19:28:38 | 000,009,187 | ---- | M] () -- C:\Users\Juliana x3\Documents\Unten und oben.wlmp >

< [2012.07.24 16:16:41 | 000,001,306 | ---- | M] () -- C:\Users\Juliana x3\Desktop\Free YouTube Download.lnk >

< [2012.07.24 16:15:12 | 000,000,765 | ---- | M] () -- C:\user.js >

< [2012.07.24 11:34:42 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk >

< [2012.07.24 11:13:02 | 000,001,912 | ---- | M] () -- C:\Windows\epplauncher.mif >

< [2012.07.24 11:12:56 | 001,526,948 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI >

< [2012.07.22 21:27:32 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk >

< >

< ========== Files Created - No Company Name ========== >
Invalid Switch: color]

< >

< [2012.08.21 15:46:30 | 000,000,000 | ---- | C] () -- C:\Users\Juliana x3\defogger_reenable >

< [2012.08.21 15:45:36 | 000,050,477 | ---- | C] () -- C:\Users\Juliana x3\Desktop\Defogger.exe >

< [2012.08.21 13:03:35 | 000,001,113 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk >

< [2012.08.20 10:43:42 | 000,001,919 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk >

< [2012.08.09 06:13:34 | 000,000,848 | ---- | C] () -- C:\Users\Juliana x3\Desktop\geschichte.rtf >

< [2012.08.08 22:28:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_User_ZuneDriver_01_09_00.Wdf >

< [2012.08.08 22:28:05 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_WinUSB_01009.Wdf >

< [2012.08.08 22:27:43 | 000,000,931 | ---- | C] () -- C:\Users\Public\Desktop\Zune.lnk >

< [2012.08.03 19:29:31 | 000,001,414 | ---- | C] () -- C:\Users\Juliana x3\Documents\Für Charlo.rtf >

< [2012.08.03 19:19:02 | 000,000,136 | ---- | C] () -- C:\Users\Juliana x3\Desktop\Spider Solitär - Verknüpfung.lnk >

< [2012.07.28 00:12:27 | 000,001,050 | ---- | C] () -- C:\Users\Juliana x3\Desktop\VirtualDJ Home FREE.lnk >

< [2012.07.27 23:32:29 | 000,002,848 | ---- | C] () -- C:\Users\Juliana x3\Documents\spermien.wlmp >

< [2012.07.27 20:40:18 | 000,007,168 | -H-- | C] () -- C:\Users\Juliana x3\Desktop\photothumb.db >

< [2012.07.25 17:24:50 | 000,138,372 | ---- | C] () -- C:\Users\Juliana x3\Documents\40.ter.wlmp >

< [2012.07.25 16:36:51 | 000,009,187 | ---- | C] () -- C:\Users\Juliana x3\Documents\Unten und oben.wlmp >

< [2012.07.24 20:41:04 | 000,000,948 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000UA.job >

< [2012.07.24 20:41:04 | 000,000,926 | ---- | C] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000Core.job >

< [2012.07.24 16:16:41 | 000,001,306 | ---- | C] () -- C:\Users\Juliana x3\Desktop\Free YouTube Download.lnk >

< [2012.07.24 11:34:42 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk >

< [2012.07.24 11:13:02 | 000,001,912 | ---- | C] () -- C:\Windows\epplauncher.mif >

< [2012.07.24 11:12:56 | 001,526,948 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI >

< [2012.07.23 13:32:11 | 000,000,765 | ---- | C] () -- C:\user.js >

< [2012.07.22 21:27:32 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk >

< [2012.05.12 17:22:50 | 000,000,267 | ---- | C] () -- C:\Windows\LaunApp.ini >

< [2012.05.12 17:11:35 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin >

< [2012.05.12 17:11:35 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin >

< [2012.05.12 17:11:33 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin >

< [2012.05.12 17:11:33 | 000,058,880 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll >

< [2012.05.12 17:11:32 | 013,212,672 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll >

< [2012.05.12 17:09:52 | 000,001,332 | ---- | C] () -- C:\Windows\WPatchProgress.ini >

< [2012.03.28 20:27:10 | 000,002,048 | -HS- | C] () -- C:\Users\Juliana x3\AppData\Local\{4069bdaa-51af-876b-cd71-6805ef685e58}\@ >

< [2012.03.28 20:13:21 | 000,000,445 | ---- | C] () -- C:\Windows\Prelaunch.ini >

< [2012.03.28 20:13:21 | 000,000,395 | ---- | C] () -- C:\Windows\WisPriority.ini >

< [2012.03.28 20:13:21 | 000,000,168 | ---- | C] () -- C:\Windows\WisLangCode.ini >

< [2012.02.02 22:08:26 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll >

< >

< < End of report > >

< End of report >


Puhhhh....

Hat wieder was nicht geklappt .
Manno !!!

Weiter:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 21.08.2012 17:13:33 - Run 2
OTL by OldTimer - Version 3.2.58.1     Folder = C:\Users\Juliana x3\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,80 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 51,18% Memory free
7,60 Gb Paging File | 5,67 Gb Available in Paging File | 74,67% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 281,88 Gb Total Space | 209,19 Gb Free Space | 74,21% Space Free | Partition Type: NTFS
 
Computer Name: ENTE | User Name: Juliana x3 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01A52568-C9AE-4DF4-8AE5-9B5DA85AC63E}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{05840215-1F94-419C-9779-A237845998CA}" = lport=445 | protocol=6 | dir=in | app=system | 
"{077FE741-0A0A-47CE-B45E-E3C456CD3878}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{19D837B8-8D2F-416F-BC5C-8BA5715591EB}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1A910C22-3DBE-44EF-961A-089B1D57D775}" = lport=137 | protocol=17 | dir=in | app=system | 
"{1CF27144-A517-4C0D-86F7-F410F979B1AD}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{2BFB08AC-1663-4D39-ABF8-C1EF01E1FFD0}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{2EC17F93-FB8A-413A-9F9B-E17B9DD8519B}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{37AD4E64-B62F-4BE3-BE4C-ED9CFBDD1DA0}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3BA8D2B4-A955-49C4-9D38-349CA88E5266}" = rport=445 | protocol=6 | dir=out | app=system | 
"{3D0697F3-D385-45ED-9692-7A85EDE75C69}" = lport=139 | protocol=6 | dir=in | app=system | 
"{42396FB2-FEFA-489C-856A-BFD192EB8D96}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{493CDEFF-F86E-4715-B44B-0124CE133986}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{59C650EB-E474-477E-865B-C865885EAFD5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{5C5E5DC6-A978-4A73-A205-FA5DEF9BF918}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{68E2F72A-C961-4C23-83BF-98B68884EC50}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{84E8CD8A-7553-44D8-85BD-3612A57BF9A1}" = rport=139 | protocol=6 | dir=out | app=system | 
"{8DFB98E6-B41B-46B8-9149-BE312B830606}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{98F0CBE8-74CF-45D6-A532-0C93589BD983}" = rport=137 | protocol=17 | dir=out | app=system | 
"{99487055-4689-41C2-8C9B-4E20B12B977D}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{9D1245AC-488C-481B-932C-3E62F03CD2BA}" = rport=138 | protocol=17 | dir=out | app=system | 
"{B2C75436-43C6-4D6C-9FA8-F2B78BAA5ECB}" = lport=138 | protocol=17 | dir=in | app=system | 
"{B356E083-BBB5-4A9E-BDA1-4B2F277CA737}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{233F2BF9-215D-4CDC-922F-7ECA36B4CB26}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{3D43F265-F24C-4A06-9CDE-0E386DC728AA}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | 
"{4197D7EC-84AC-49B5-8B92-CD20B6CEC7CA}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{5020857F-B7FE-47D3-82BF-42FADD9C8D24}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6FDFA1FC-99BB-4756-A5B7-10D482F14456}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{731527E8-CA2A-4006-9C5A-D5291C7AC17F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | 
"{7A29C431-923B-4C5B-8179-22ADA47B9BF1}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | 
"{7DD79926-9E55-4966-9312-256F80052B19}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{829CA92B-31C8-4368-B33E-E6207BD28928}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{87EDD5FE-493D-4C21-8E18-ABF1DD308CB2}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{88335650-917D-44F0-9ADF-B9366D035716}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{915F16E2-045D-4FBC-91D3-847050484C91}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe | 
"{9CDBCD9B-4F16-4984-890B-85462A51F663}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{A1916AE5-486E-40A6-AC8F-DA33D22FC0DD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{A34B3D70-4073-4F61-82A2-F99E2493BF83}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{A7C79450-8031-429B-B0E6-00056C33E842}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{A8423244-8951-4442-B39C-E7684935EFBD}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe | 
"{B5744B50-032A-478D-A79E-1C8C8CCD18EE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | 
"{B6F662C5-ADD8-4DAC-9F3A-B29CB2C3AADD}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{B7DB6BA0-8F1B-4143-B8FD-373A00CA8C1E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{BDBD9999-1F5E-4B4D-BEE4-3CA83967E2D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BE5A1C9D-161D-4A5C-B7A5-368AC7DCD4E9}" = protocol=6 | dir=out | app=system | 
"{C212B01E-BC82-4F0A-8FF5-8136AFB991DD}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C99353B0-370E-4B03-8DC5-C0B01D981202}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CEEEBABD-6B89-4BEF-A164-76521D1E9D43}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{D4EF476F-775C-4D97-B9C7-B861139059E2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{D62EDB0A-73BE-4C07-BDCB-C062E8BE90B3}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe | 
"{EAA11006-2FEF-458F-BB4C-FB63EC599A66}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{F6ACB714-0DE0-41DF-800D-993ADC505A7E}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe | 
"{FA062C64-B7C3-4133-9014-68B76E0FB233}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{FD8A4B9C-6471-4ACC-BB8D-818346679D9B}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\mvp\videoplayer.exe | 
"{FE544D94-C9AD-4461-836A-1456E63134CD}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk20\mvp\musicplayer.exe | 
"{FE8D6EF8-FC04-4EBF-927D-352BCF032A6D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{07EEE598-5F21-4B57-B40B-46592625B3D9}" = Zune Language Pack (PTB)
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{09536BA1-E498-4CC3-B834-D884A67D7E34}" = Intel® Trusted Connect Service Client
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1553D712-B35F-4A82-BC72-D6B11A94BE3E}" = Windows Live Remote Service Resources
"{1685AE50-97ED-485B-80F6-145071EE14B0}" = Windows Live Remote Service Resources
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{22AB5CFD-B3DB-414E-9F99-4D024CCF1DA6}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Atheros Bluetooth Suite (64)
"{2426E29F-9E8C-4C0B-97FC-0DB690C1ED98}" = Windows Live Remote Client Resources
"{2A9DFFD8-4E09-4B91-B957-454805B0D7C4}" = Zune Language Pack (CHS)
"{2C1A6191-9804-4FDC-AB01-6F9183C91A13}" = Windows Live Remote Client Resources
"{2F304EF4-0C31-47F4-8557-0641AAE4197C}" = Windows Live Remote Client Resources
"{336D0C35-8A85-403a-B9D2-65C292C39087}_is1" = Web Assistant 2.0.0.455
"{34384A2A-2CA2-4446-AB0E-1F360BA2AAC5}" = Windows Live Remote Service Resources
"{350FD0E7-175A-4F86-84EF-05B77FCD7161}" = Windows Live Remote Service Resources
"{3589A659-F732-4E65-A89A-5438C332E59D}" = Zune Language Pack (ELL)
"{36674AE9-6D3D-48D6-BC7B-209F556D65EE}" = Acer Instant Update Service
"{3921492E-82D2-4180-8124-E347AD2F2DB4}" = Windows Live Remote Client Resources
"{456FB9B5-AFBC-4761-BBDC-BA6BAFBB818F}" = Windows Live Remote Client Resources
"{480F28F0-8BCE-404A-A52E-0DBB7D1CE2EF}" = Windows Live Remote Service Resources
"{4C2E49C0-9276-4324-841D-774CCCE5DB48}" = Windows Live Remote Client Resources
"{5141AA6E-5FAC-4473-BFFB-BEE69DDC7F2B}" = Windows Live Remote Service Resources
"{5151E2DB-0748-4FD1-86A2-72E2F94F8BE7}" = Windows Live Remote Service Resources
"{51C839E1-2BE4-4E77-A1BA-CCEA5DAFA741}" = Zune Language Pack (KOR)
"{57C51D56-B287-4C11-9192-EC3C46EF76A4}" = Zune Language Pack (RUS)
"{57F2BD1C-14A3-4785-8E48-2075B96EB2DF}" = Windows Live Remote Service Resources
"{5C93E291-A1CC-4E51-85C6-E194209FCDB4}" = Zune Language Pack (PTG)
"{5DEFD397-4012-46C3-B6DA-E8013E660772}" = Zune Language Pack (NOR)
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5F44A3A1-5D24-4708-8776-66B42B174C64}" = Windows Live Remote Client Resources
"{5FCD6EFE-C2E7-4D77-8212-4BA223D8DF8E}" = Windows Live Remote Client Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{61407251-7F7D-4303-810D-226A04D5CFF3}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{6740BCB0-5863-47F4-80F4-44F394DE4FE2}" = Zune Language Pack (NLD)
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6B33492E-FBBC-4EC3-8738-09E16E395A10}" = Zune Language Pack (ESP)
"{6C9D3F1D-DBBE-46F9-96A0-726CC72935AF}" = Windows Live Remote Service Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6EB931CD-A7DA-4A44-B74A-89C8EB50086F}" = Zune Language Pack (SVE)
"{702A632F-99CE-4E2D-B8F2-BF980E9CF62F}" = Windows Live Remote Client Resources
"{76BA306B-2AA0-47C0-AB6B-F313AB56C136}" = Zune Language Pack (MSL)
"{7AEC844D-448A-455E-A34E-E1032196BBCD}" = Windows Live Remote Service Resources
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{850B8072-2EA7-4EDC-B930-7FE569495E76}" = Windows Live Remote Client Resources
"{889DF117-14D1-44EE-9F31-C5FB5D47F68B}" = Yontoo 1.10.02
"{8960A0A1-BB5A-479E-92CF-65AB9D684B43}" = Zune Language Pack (PLK)
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8B112338-2B08-4851-AF84-E7CAD74CEB32}" = Zune Language Pack (DAN)
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{92ECE3F9-591E-4C12-8A62-B9FCE38BF646}" = Zune Language Pack (IND)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{97A295A7-8840-4B35-BB61-27A8F4512CA3}" = Windows Live Remote Service Resources
"{9B75648B-6C30-4A0D-9DE6-0D09D20AF5A5}" = Zune
"{9D046B26-7978-47CD-91E6-AC3C1DFBC3D0}" = Microsoft Security Client
"{9E9C960F-7F47-46D5-A95D-950B354DE2B8}" = Windows Live Remote Service Resources
"{A060182D-CDBE-4AD6-B9B4-860B435D6CBD}" = Windows Live Remote Client Resources
"{A508D5A2-3AC1-4594-A718-A663D6D3CF11}" = Windows Live Remote Service Resources
"{A5A53EA8-A11E-49F0-BDF5-AE536426A31A}" = Zune Language Pack (CHT)
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{A8F2E50B-86E2-4D96-9BD2-9758BCC6F9B3}" = Zune Language Pack (CSY)
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B4870774-5F3A-46D9-9DFE-06FB5599E26B}" = Zune Language Pack (FIN)
"{B680A663-1A15-47A5-A07C-7DF9A97558B7}" = Windows Live Remote Client Resources
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}" = Zune Language Pack (DEU)
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C5D37FFA-7483-410B-982B-91E93FD3B7DA}" = Zune Language Pack (ITA)
"{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}" = Zune Language Pack (FRA)
"{C6BE19C6-B102-4038-B2A6-1C313872DBB4}" = Zune Language Pack (HUN)
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CFF3C688-2198-4BC3-A399-598226949C39}" = Windows Live Remote Client Resources
"{D1C1556C-7FF3-48A3-A5D6-7126F0FAFB66}" = Windows Live Remote Client Resources
"{D3E4F422-7E0F-49C7-8B00-F42490D7A385}" = Windows Live Remote Service Resources
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D8A781C9-3892-4E2E-9320-480CF896CFBB}" = Zune Language Pack (JPN)
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{ED421F97-E1C3-4E78-9F54-A53888215D58}" = Windows Live Remote Client Resources
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F2CB8C3C-9C9E-4FAB-9067-655601C5F748}" = Windows Mobile Device Updater Component
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F6CB2C5F-B2C1-4DF1-BF44-39D0DC06FE6F}" = Windows Live Remote Service Resources
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"CCleaner" = CCleaner
"Creative VF0640" = Creative Live! Cam Socialize (VF0640) (1.00.05.00)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Zune" = Zune
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00884F14-05BD-4D8E-90E5-1ABF78948CA4}" = Windows Live Mesh
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{0557BBDA-69D3-4FA4-A93C-A5300F7034B4}" = Windows Live Writer
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0654EA5D-308A-4196-882B-5C09744A5D81}" = Windows Live Photo Common
"{06B05153-97E4-427E-B1A8-E098F6C5E52F}" = Windows Live Essentials
"{073F306D-9851-4969-B828-7B6444D07D55}" = Windows Live Photo Common
"{09922FFE-D153-44AE-8B60-EA3CB8088F93}" = Windows Live UX Platform Language Pack
"{09B7C7EB-3140-4B5E-842F-9C79A7137139}" = Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Backup Manager V3
"{0C1931EB-8339-4837-8BEC-75029BF42734}" = Windows Live UX Platform Language Pack
"{0C975FCC-A06E-4CB6-8F54-A9B52CF37781}" = Windows Liven sähköposti
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{10186F1A-6A14-43DF-A404-F0105D09BB07}" = Windows Live Mail
"{110668B7-54C6-47C9-BAC4-1CE77F156AF5}" = Windows Live Mesh
"{11417707-1F72-4279-95A3-01E0B898BBF5}" = Windows Live Mesh
"{11778DA1-0495-4ED9-972F-F9E0B0367CD5}" = Windows Live Writer
"{1203DC60-D9BD-44F9-B372-2B8F227E6094}" = Windows Live Temel Parçalar
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{133D9D67-D475-4407-AC3C-D558087B2453}" = Windows Live Movie Maker
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17835B63-8308-427F-8CF5-D76E0D5FE457}" = Windows Live Essentials
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{19CBDE24-2761-49A5-816B-D2BA65D0CA8D}" = Kontrola Windows Live Mesh ActiveX za daljinske veze
"{1A72337E-D126-4BAF-AC89-E6122DB71866}" = Windows Liven valokuvavalikoima
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1D6C2068-807F-4B76-A0C2-62ED05656593}" = Windows Live Writer
"{1DA6D447-C54D-4833-84D4-3EA31CAECE9B}" = Windows Live UX Platform Language Pack
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FC83EAE-74C8-4C72-8400-2D8E40A017DE}" = Windows Live Writer
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{220C7F8C-929D-4F71-9DC7-F7A6823B38E4}" = Windows Live UX Platform Language Pack
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel(R) USB 3.0 eXtensible Host Controller Driver
"{241E7104-937A-4366-AD57-8FDDDB003939}" = Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi
"{249EE21B-8EDD-4F36-8A23-E580E9DBE80A}" = Windows Live Mail
"{24DF33E0-F924-4D0D-9B96-11F28F0D602D}" = Windows Live UX Platform Language Pack
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{25CD4B12-8CC5-433E-B723-C9CB41FA8C5A}" = Windows Live Writer
"{260E3D78-94E6-47EC-8E29-46301572BB1E}" = Control ActiveX Windows Live Mesh pentru conexiuni la distanță
"{26E3C07C-7FF7-4362-9E99-9E49E383CF16}" = Windows Live Writer Resources
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{28B9D2D8-4304-483F-AD71-51890A063A74}" = Windows Live Photo Common
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2BA5FD10-653F-4CAF-9CCD-F685082A1DC1}" = Windows Live Writer
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D3E034E-F76B-410A-A169-55755D2637BB}" = Windows Live Mesh
"{2E50E321-4747-4EB5-9ECB-BBC6C3AC0F31}" = Windows Live Writer Resources
"{2F54E453-8C93-4B3B-936A-233C909E6CAC}" = Windows Live Messenger
"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App
"{3125D9DE-8D7A-4987-95F3-8A42389833D8}" = Windows Live Writer Resources
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{376D59B1-42D9-4FA2-B6CC-E346B6BE14F5}" = ActiveX-kontroll för fjärranslutningar för Windows Live Mesh
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{39B3184E-0BFB-40FA-ADDC-E7E2D535CDA9}" = Controle ActiveX do Windows Live Mesh para Conexões Remotas
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{39F95B0B-A0B7-4FA7-BB6C-197DA2546468}" = Windows Live Mesh
"{3B72C1E0-26A1-40F6-8516-D50C651DFB3C}" = Windows Live Essentials
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{410DF0AA-882D-450D-9E1B-F5397ACFFA80}" = Windows Live Essentials
"{4264C020-850B-4F08-ACBE-98205D9C336C}" = Windows Live Writer
"{429DF1A0-3610-4E9E-8ACE-3C8AC1BA8FCA}" = Windows Live Photo Gallery
"{43B43577-2514-4CE0-B14A-7E85C17C0453}" = Windows Live Essentials
"{443B561F-DE1B-4DEF-ADD9-484B684653C7}" = Windows Live Messenger
"{4444F27C-B1A8-464E-9486-4C37BAB39A09}" = Фотогалерия на Windows Live
"{458F399F-62AC-4747-99F5-499BBF073D29}" = Windows Live Writer Resources
"{4664ED39-C80A-48F7-93CD-EBDCAFAB6CC5}" = Windows Live Writer Resources
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{4736B0ED-F6A1-48EC-A1B7-C053027648F1}" = Galeria fotogràfica del Windows Live
"{48294D95-EE9A-4377-8213-44FC4265FB27}" = Windows Live Messenger
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{48F597DD-D397-4CFA-91A0-4C033A0113BD}" = Windows Live Mail
"{4A04DB63-8F81-4EF4-9D09-61A2057EF419}" = Windows Live Essentials
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4B744C85-DBB1-4038-B989-4721EB22C582}" = Windows Live Messenger
"{4C378B16-46B7-4DA1-A2CE-2EE676F74680}" = Windows Live UX Platform Language Pack
"{4CF6F287-5121-483C-A5A2-07BDE19D8B4E}" = Windows Live Meshin etäyhteyksien ActiveX-komponentti
"{4D141929-141B-4605-95D6-2B8650C1C6DA}" = Windows Live UX Platform Language Pack
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{523DF2BB-3A85-4047-9898-29DC8AEB7E69}" = Windows Live UX Platform Language Pack
"{5275D81E-83AD-4DE4-BC2B-6E6BA3A33244}" = Windows Live Writer Resources
"{542DA303-FB91-4731-9F37-6E518368D3B9}" = Windows Live Messenger
"{5495E9A4-501A-4D4C-87C9-E80916CA9478}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{57220148-3B2B-412A-A2E0-82B9DF423696}" = Windows Live Mesh ActiveX-objekt til fjernforbindelser
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5C2F5C1B-9732-4F81-8FBF-6711627DC508}" = Windows Live Fotogalleri
"{5CF5B1A5-CBC3-42F0-8533-5A5090665862}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5D2E7BD7-4B6F-4086-BA8A-E88484750624}" = Windows Live Writer Resources
"{5DA7D148-D2D2-4C67-8444-2F0F9BD88A06}" = Windows Live Writer
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5E627606-53B9-42D1-97E1-D03F6229E248}" = Windows Live UX Platform Language Pack
"{60C3C026-DB53-4DAB-8B97-7C1241F9A847}" = Windows Live Movie Maker
"{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{625D45F0-5DCB-48BF-8770-C240A84DAAEB}" = Windows Live Mesh
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63CF7D0C-B6E7-4EE9-8253-816B613CC437}" = Windows Live Mail
"{640798A0-A4FB-4C52-AC72-755134767F1E}" = Windows Live Movie Maker
"{64376910-1860-4CEF-8B34-AA5D205FC5F1}" = Poczta usługi Windows Live
"{644063FA-ABA3-42AC-A8AC-3EDC0706018B}" = Windows Live Mesh
"{6491AB99-A11E-41FD-A5E7-32DE8A097B8E}" = Windows Live Essentials
"{64B2D6B3-71AC-45A7-A6A1-2E07ABF58341}" = Windows Live Movie Maker
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{69C9C672-400A-43A0-B2DE-9DB38C371282}" = Windows Live Writer
"{69CAC24D-B1DC-4B97-A1BE-FE21843108FE}" = Windows Live Writer Resources
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A67578E-095B-4661-88F7-0B199CEC3371}" = Windows Live Messenger
"{6ABE832B-A5C7-44C1-B697-3E123B7B4D5B}" = Windows Live Mesh
"{6B556C37-8919-4991-AC34-93D018B9EA49}" = Windows Live Photo Common
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}" = Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz
"{6E8AFC13-F7B8-41D8-88AB-F1D0CFC56305}" = Windows Live Messenger
"{6EF2BE2C-3121-48B7-B7A6-C56046B3A588}" = Windows Live Movie Maker
"{6F37D92B-41AA-44B7-80D2-457ABDE11896}" = Windows Live Photo Common
"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" = WildTangent Games App (Acer Games)
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71527C7C-5289-4CB2-88C9-23344C0FF6C1}" = Windows Live Movie Maker
"{71A81378-79D5-40CC-9BDC-380642D1A87F}" = Windows Live Writer
"{71C95134-F6A9-45E7-B7B3-07CA6012BF2A}" = Windows Live Mesh
"{7272F232-A7E0-4B2B-A5D2-71B7C5E2379C}" = Windows Live Fotótár
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7327080F-6673-421F-BBD9-B618F357EEB3}" = Windows Live UX Platform Language Pack
"{734104DE-C2BF-412F-BB97-FCCE1EC94229}" = Windows Live Writer Resources
"{7373E17D-18E0-44A7-AC3A-6A3BFB85D3B3}" = Windows Live Movie Maker
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{76C064E2-BB99-4453-8FDA-42BC01AD0734}" = Control ActiveX del Windows Live Mesh per a connexions remotes
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78906B56-0E81-42A7-AC25-F54C946E1538}" = Windows Live Photo Common
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{78DBE8CE-61F6-4D6C-806C-A0FFF65F5E1D}" = Windows Live Messenger
"{7A9D47BA-6D50-4087-866F-0800D8B89383}" = Podstawowe programy Windows Live
"{7ADFA72D-2A9F-4DEC-80A5-2FAA27E23F0F}" = Windows Live Photo Common
"{7AF8E500-B349-4A77-8265-9854E9A47925}" = Windows Live Movie Maker
"{7BA19818-F717-4DFB-BC11-FAF17B2B8AEE}" = Pošta Windows Live
"{7C2A3479-A5A0-412B-B0E6-6D64CBB9B251}" = Windows Live Photo Common
"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159
"{7CB529B2-6C74-4878-9C3F-C29C3C3BBDC6}" = Windows Live Writer Resources
"{7D0DE76C-874E-4BDE-A204-F4240160693E}" = Windows Live Photo Common
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7D926AD2-16D6-42C2-8CA1-AB09E96040BA}" = Windows Live Writer Resources
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E90B133-FF47-48BB-91B8-36FC5A548FE9}" = Windows Live Writer Resources
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80E8C65A-8F70-4585-88A2-ABC54BABD576}" = Windows Live Mesh
"{820D0BA3-ACD7-4FB9-A3A7-0ADF0C66A4BE}" = Windows Live Messenger
"{827D3E4A-0186-48B7-9801-7D1E9DD40C07}" = Windows Live Essentials

"{82803FF3-563F-414F-A403-8D4C167D4120}" = Windows Live Mail
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83AA2913-C123-4146-85BD-AD8F93971D39}" = BabylonObjectInstaller
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84267681-BF16-40B6-9564-27BC57D7D71C}" = Windows Live Photo Common
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{85373DA7-834E-4850-8AF5-1D99F7526857}" = Windows Live Photo Common
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{861B1145-7762-4794-B40C-3FF0A389DFE6}" = Windows Live Photo Gallery
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{885F1BCD-C344-4758-85BD-09640CF449A5}" = Windows Live Photo Gallery
"{8909CFA8-97BF-4077-AC0F-6925243FFE08}" = Windows Liven asennustyökalu
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8CF5D47D-27B7-49D6-A14F-10550B92749D}" = Windows Live UX Platform Language Pack
"{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}" = Fooz Kids Platform
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{924B4D82-1B97-48EB-8F1E-55C4353C22DB}" = Windows Live Mail
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{97F77D62-5110-4FA3-A2D3-410B92D31199}" = Windows Live Fotogaléria
"{99BE7F5D-AB52-4404-9E03-4240FFAA7DE9}" = Windows Live Mesh
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DA3F03B-2CEE-4344-838E-117861E61FAF}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A101F637-2E56-42C0-8E08-F1E9086BFAF3}" = Windows Live Movie Maker
"{A199DB88-E22D-4CE7-90AC-B8BE396D7BF4}" = Windows Live Movie Maker
"{A2EDAEEB-C981-46D5-8163-CF8F5F640EEE}" = ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย)
"{A3389C72-1782-4BB4-BBAA-33345DE52E3F}" = Windows Live Messenger
"{A3AD65CC-B2CE-49da-AE4E-CC2ECF4EC0F8}" =  clear.fi SDK - MVP 2
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel(R) Manageability Engine Firmware Recovery Agent
"{A7056D45-C63A-4FE4-A69D-FB54EF9B21BB}" = Windows Live Messenger
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB0B2113-5B96-4B95-8AD1-44613384911F}" = Windows Live Mesh
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AB78C965-5C67-409B-8433-D7B5BDB12073}" = Windows Live Writer Resources
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ABE2F2AA-7ADC-4717-9573-BF3F83C696AC}" = Windows Live Mail
"{AC76BA86-7AD7-FFFF-7B44-AA0000000001}" = Adobe Reader X (10.1.0) MUI
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{AD001A69-88CC-4766-B2DB-3C1DFAB9AC72}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B04A0E2F-1E4C-4E61-B18E-3B2BD6779CA7}" = Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych
"{B0AD205F-60D0-4084-AFB8-34D9A706D9A8}" = Windows Live Essentials
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B2E90616-C50D-4B89-A40D-92377AC669E5}" = Windows Live Messenger
"{B33B61FE-701F-425F-98AB-2B85725CBF68}" = Windows Live Photo Common
"{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}" = ActiveX контрола на Windows Live Mesh за отдалечени връзки
"{B3BE54A4-8DFE-4593-8E66-56AB7133B812}" = Windows Live Writer
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B6190387-0036-4BEB-8D74-A0AFC5F14706}" = Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7B67AA5-12DA-4F01-918D-B1BF66779D8A}" = Windows Live Writer Resources
"{B9E70C7A-9F85-4A39-A4A3-BFA3C3BF7613}" = Dolby Advanced Audio v2
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BD0C3887-64E6-41D8-9A38-BC6F34369352}" = Windows Live Messenger
"{BD4EBDB5-EB14-4120-BB04-BE0A26C7FB3E}" = Windows Live Photo Common
"{BD695C2F-3EA0-4DA4-92D5-154072468721}" = Windows Live Fotoğraf Galerisi
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{BF35168D-F6F9-4202-BA87-86B5E3C9BF7A}" = Windows Live Mesh
"{BFC47A0B-D487-4DF0-889E-D6D392DF31E0}" = Windows Live Messenger
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C01FCACE-CC3D-49A2-ADC2-583A49857C58}" = Windows Live Essentials
"{C08D5964-C42F-48EE-A893-2396F9562A7C}" = Windows Live Mesh
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C1C9D199-B4DD-4895-92DD-9A726A2FE341}" = Windows Live Writer
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C28D96C0-6A90-459E-A077-A6706F4EC0FC}" = Bing Bar
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}" = Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C454280F-3C3E-4929-B60E-9E6CED5717E7}" = Windows Live Mail
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C8421D85-CA0E-4E93-A9A9-B826C4FB88EA}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C95A5A77-622F-45CA-9540-84468FCB18B1}" = Windows Live Messenger
"{C9E1343D-E21E-4508-A1BE-04A089EC137D}" = Windows Live Messenger
"{CA227A9D-09BE-4BFB-9764-48FED2DA5454}" = Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave
"{CB3F59BB-7858-41A1-A7EA-4B8A6FC7D431}" = Galeria fotografii usługi Windows Live
"{CB66242D-12B1-4494-82D2-6F53A7E024A3}" = Galerie foto Windows Live
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CBFD061C-4B27-4A89-ADD8-210316EEFA11}" = Windows Live Messenger
"{CD442136-9115-4236-9C14-278F6A9DCB3F}" = Windows Live Movie Maker
"{CD7CB1E6-267A-408F-877D-B532AD2C882E}" = Windows Live Photo Common
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{CF671BFE-6BA3-44E7-98C1-500D9C51D947}" = Windows Live Photo Gallery
"{D07B1FDA-876B-4914-9E9A-309732B6D44F}" = Windows Live Mail
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D31169F2-CD71-4337-B783-3E53F29F4CAD}" = Windows Live Mail
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6CBB3B2-F510-483D-AE0D-1CF3F43CF1EE}" = Windows Live Writer Resources
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DA29F644-2420-4448-8128-1331BE588999}" = Windows Live Writer
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DAF7BB88-6392-40aa-A714-8392C4BDBD2C}" =  clear.fi SDK- Movie 2
"{DB1208F4-B2FE-44E9-BFE6-8824DBD7891B}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DCAB6BA7-6533-44BF-9235-E5BF33B7431C}" = Windows Live Writer
"{DDC1E1BD-7615-4186-89E1-F5F43F9B6491}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{DF71ABBB-B834-41C0-BB58-80B0545D754C}" = Windows Live UX Platform Language Pack
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E5377D46-83C5-445A-A1F1-830336B42A10}" = Windows Live Galerija fotografija
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E55E0C35-AC3C-4683-BA2F-834348577B80}" = Windows Live Writer
"{E59969EA-3B5B-4B24-8B94-43842A7FBFE9}" = Fotogalerija Windows Live
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E5DD4723-FE0B-436E-A815-DC23CF902A0B}" = Windows Live UX Platform Language Pack
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E8524B28-3BBB-4763-AC83-0E83FE31C350}" = Windows Live Writer
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{E9AD2143-26D5-4201-BED1-19DCC03B407D}" = Windows Live Messenger
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{E9D98402-21AB-4E9F-BF6B-47AF36EF7E97}" = Windows Live Writer Resources
"{EA777812-4905-4C08-8F6E-13BDCC734609}" = Windows Live UX Platform Language Pack
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F0F5D89A-197C-495B-827E-3E98B811CD2E}" = Windows Live Photo Common
"{F0F9505B-3ACF-4158-9311-D0285136AA00}" = Windows Live Essentials
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2979AAA-FDD7-4CB3-93BC-5C24D965D679}" = Windows Live Messenger
"{F35DC85A-E96B-496B-ABE7-F04192824856}" = Windows Live Messenger
"{F4BEA6C1-AAC3-4810-AAEA-588E26E0F237}" = Windows Live UX Platform Language Pack
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F77EF646-19EB-11E1-9A9E-984BE15F174E}" = Evernote v. 4.5.2
"{F783464C-C7C6-4E9B-AC40-BC90E5414BAF}" = Windows Live Messenger
"{F7A46527-DF1F-4B0F-9637-98547E189442}" = Windows Live Galeria de Fotos
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F80E5450-3EF3-4270-B26C-6AC53BEC5E76}" = Windows Live Movie Maker
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA6CF94F-DACF-4FE7-959D-55C421B91B17}" = Windows Live Mail
"{FB3D07AE-73D0-47A9-AC12-6F50BF8B6202}" = Windows Live Movie Maker
"{FB79FDB7-4DE1-453D-99FE-9A880F57380E}" = Windows Live Fotogalerie
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) OpenCL CPU Runtime
"{FCDB0EF3-673C-FDCE-6498-750F51391660}" = Fooz Kids
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FE62C88B-425B-4BDE-8B70-CD5AE3B83176}" = Windows Live Essentials
"{FEEF7F78-5876-438B-B554-C4CC426A4302}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"{FF737490-5A2D-4269-9D82-97DB2F7C0B09}" = Windows Live Movie Maker
"{FFFA0584-8E3D-4195-8283-CCA3AD73C746}" = Windows Live Messenger
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"BrowserCompanion" = BrowserCompanion
"FoozKids" = Fooz Kids
"Free YouTube Download_is1" = Free YouTube Download version 3.1.31.706
"Identity Card" = Identity Card
"incredibar" = Incredibar Toolbar  on IE
"InstallShield_{0B61BBD5-DA3C-409A-8730-0C3DC3B0F270}" = Acer Backup Manager
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{613C0AC5-3A67-4B94-8B13-9176AD83F5BF}" = newsXpresso
"InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}" = Acer Crystal Eye Webcam
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"Kobo" = Kobo
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.62.0.1300
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotoScape" = PhotoScape
"Wajam" = Wajam
"WildTangent acer Master Uninstall" = Acer Games
"WinLiveSuite" = Windows Live Essentials
"WTA-0e5637bb-0522-4673-83e5-3e2c6395870e" = Plants vs. Zombies - Game of the Year
"WTA-2b519ea9-e83e-435d-b966-6af0d87dc1fb" = Insaniquarium Deluxe
"WTA-2cbc4393-a6f0-4232-9893-c86e618ea6d4" = Bejeweled 3
"WTA-3b8869c6-ec76-4f87-8299-677c30ab7280" = FATE
"WTA-3c54857d-fbb2-46d6-aae3-95bf6ecd9ec3" = Agatha Christie - Death on the Nile
"WTA-442da359-9d6b-4253-a47a-72191175a780" = Final Drive: Nitro
"WTA-4b83e57e-cd70-45d0-9cd3-39345001915e" = Slingo Deluxe
"WTA-5826c229-9fa2-42dc-a156-c41af1a89da3" = Penguins!
"WTA-6dcf733b-5996-47f7-a09e-1f51941dd1b4" = Tales of Lagoona
"WTA-835ef07a-2c0c-4287-9b99-537da2c2cc36" = Virtual Villagers 4 - The Tree of Life
"WTA-928a51ba-4cc3-4fd9-b23f-b06376135473" = John Deere Drive Green
"WTA-943cce60-a416-4291-9043-f2bd0ab757bd" = Zuma Deluxe
"WTA-9933fd37-12c7-4172-8cb8-101ac882357f" = Chuzzle Deluxe
"WTA-a5df69b7-f186-43c2-a34e-b40c8dc4a4d7" = Jewel Quest Mysteries: The Seventh Gate Collector's Edition
"WTA-b97f537a-178c-4ccd-b4c3-ad63727c22dc" = Jewel Match 3
"WTA-bb5f22a9-97c3-4d4f-a55e-6e4ff200fa50" = Torchlight
"WTA-bbedcc72-44d5-4bba-a0fc-0dbeb32e5902" = Polar Bowler
"WTA-caceb8b9-4e17-4548-955a-07ece479dd72" = Wedding Dash
"XSManager" = XSManager
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.08.2012 16:19:16 | Computer Name = Ente | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: XSManager.exe, Version: 0.0.0.0, 
Zeitstempel: 0x4f0d9818  Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, 
Zeitstempel: 0x00000000  Ausnahmecode: 0xc0000005  Fehleroffset: 0x666f7250  ID des fehlerhaften
 Prozesses: 0x1378  Startzeit der fehlerhaften Anwendung: 0x01cd798af9b40548  Pfad der
 fehlerhaften Anwendung: C:\Program Files (x86)\XSManager\XSManager.exe  Pfad des 
fehlerhaften Moduls: unknown  Berichtskennung: 277ce4bb-e584-11e1-bc68-00a0c6000000
 
Error - 16.08.2012 10:30:40 | Computer Name = Ente | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1054    Startzeit:
 01cd7bbb3b2d5748    Endzeit: 30    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 e5f75da0-e7ae-11e1-9c5b-206a8a82a573  
 
Error - 16.08.2012 10:33:31 | Computer Name = Ente | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1520    Startzeit:
 01cd7bbbb902cc38    Endzeit: 50    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 56f806de-e7af-11e1-9c5b-206a8a82a573  
 
Error - 16.08.2012 10:38:11 | Computer Name = Ente | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 1584    Startzeit:
 01cd7bbc30126d4e    Endzeit: 50    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 fe2c51c4-e7af-11e1-9c5b-206a8a82a573  
 
Error - 16.08.2012 10:42:41 | Computer Name = Ente | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 14.0.1.4577 kann nicht mehr unter Windows
 ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
 um nach weiteren Informationen zum Problem zu suchen.    Prozess-ID: 123c    Startzeit:
 01cd7bbd087e5f26    Endzeit: 40    Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

Berichts-ID:
 9f340226-e7b0-11e1-9d45-206a8a82a573  
 
Error - 16.08.2012 13:22:05 | Computer Name = Ente | Source = Google Update | ID = 20
Description = 
 
Error - 16.08.2012 16:22:06 | Computer Name = Ente | Source = Google Update | ID = 20
Description = 
 
Error - 17.08.2012 03:45:49 | Computer Name = Ente | Source = Google Update | ID = 20
Description = 
 
Error - 17.08.2012 10:22:05 | Computer Name = Ente | Source = Google Update | ID = 20
Description = 
 
Error - 17.08.2012 16:22:20 | Computer Name = Ente | Source = Google Update | ID = 20
Description = 
 
Error - 18.08.2012 13:22:05 | Computer Name = Ente | Source = Google Update | ID = 20
Description = 
 
[ Media Center Events ]
Error - 17.08.2012 03:47:29 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 09:47:06 - Fehler beim Herstellen der Internetverbindung.  09:47:06 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 08:43:00 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 14:43:00 - Fehler beim Herstellen der Internetverbindung.  14:43:00 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 08:43:10 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 14:43:05 - Fehler beim Herstellen der Internetverbindung.  14:43:05 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 09:43:42 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 15:43:42 - Fehler beim Herstellen der Internetverbindung.  15:43:42 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 09:43:48 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 15:43:47 - Fehler beim Herstellen der Internetverbindung.  15:43:47 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 10:43:53 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 16:43:53 - Fehler beim Herstellen der Internetverbindung.  16:43:53 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 17.08.2012 10:43:59 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 16:43:58 - Fehler beim Herstellen der Internetverbindung.  16:43:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.08.2012 12:46:45 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 18:46:45 - Fehler beim Herstellen der Internetverbindung.  18:46:45 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.08.2012 12:46:59 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 18:46:51 - Fehler beim Herstellen der Internetverbindung.  18:46:51 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.08.2012 04:49:37 | Computer Name = Ente | Source = MCUpdate | ID = 0
Description = 10:49:01 - Broadband-2.enc konnte nicht abgerufen werden (Fehler: 
BITS 0x80070424)  
 
[ System Events ]
Error - 19.08.2012 10:37:47 | Computer Name = Ente | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
 BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.08.2012 10:40:26 | Computer Name = Ente | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?19.?08.?2012 um 16:37:57 unerwartet heruntergefahren.
 
Error - 19.08.2012 10:40:43 | Computer Name = Ente | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1060
 
Error - 19.08.2012 10:40:51 | Computer Name = Ente | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist 
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.08.2012 10:40:56 | Computer Name = Ente | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
 BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.08.2012 10:43:22 | Computer Name = Ente | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?19.?08.?2012 um 16:41:04 unerwartet heruntergefahren.
 
Error - 19.08.2012 10:43:40 | Computer Name = Ente | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Computerbrowser" wurde mit folgendem Fehler beendet:   %%1060
 
Error - 19.08.2012 10:43:57 | Computer Name = Ente | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IKE- und AuthIP IPsec-Schlüsselerstellungsmodule" ist 
von folgendem Dienst abhängig: BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.08.2012 10:44:06 | Computer Name = Ente | Source = Service Control Manager | ID = 7003
Description = Der Dienst "IPsec-Richtlinien-Agent" ist von folgendem Dienst abhängig:
 BFE. Dieser Dienst ist eventuell nicht installiert.
 
Error - 19.08.2012 10:46:45 | Computer Name = Ente | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?19.?08.?2012 um 16:45:00 unerwartet heruntergefahren.
 
 
< End of report >
--- --- ---



DAS WARS !!!

Alt 22.08.2012, 21:12   #5
markusg
/// Malware-holic
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


hi
Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.
Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2


WICHTIG - Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.


Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Zitat:
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 23.08.2012, 17:38   #6
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


Ok, markusg !

Dann werde ich Deinen Anweisungen mal versuchen zu folgen.
Auch wenn Du offlne bist... ich hab ja Zeit bis Montag !
Schönes Wochenende !!!

Gruß
muschelkram

Geschafft !!!

Hier die combofix logfile :


Combofix Logfile:
Code:
ATTFilter
ComboFix 12-08-22.03 - Juliana x3 22.08.2012  19:38:36.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.3890.2524 [GMT 2:00]
ausgeführt von:: c:\users\Juliana x3\Desktop\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\blabbers-ch.crx
c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi
c:\program files (x86)\BrowserCompanion\jsloader.dll
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\tdataprotocol.dll
c:\program files (x86)\BrowserCompanion\terms.lnk.url
c:\program files (x86)\BrowserCompanion\toolbar.dll
c:\program files (x86)\BrowserCompanion\uninstall.exe
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll
c:\program files (x86)\BrowserCompanion\updater.ini
c:\program files (x86)\BrowserCompanion\widgetserv.exe
c:\program files (x86)\Incredibar.com
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\inCRedibar.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarApp.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarEng.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarsrv.exe
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\inCRedibartlbr.dll
c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
c:\program files\Web Assistant\ExTEnsion32.dll
c:\windows\assembly\GAC_64\Desktop.ini
c:\windows\SysWow64\DEBUG.log
.
.
(((((((((((((((((((((((   Dateien erstellt von 2012-07-22 bis 2012-08-22  ))))))))))))))))))))))))))))))
.
.
2012-08-22 17:49 . 2012-08-22 17:49	--------	d-----w-	c:\users\Default\AppData\Local\temp
2012-08-21 11:04 . 2012-08-21 11:04	--------	d-----w-	c:\users\Juliana x3\AppData\Roaming\Malwarebytes
2012-08-21 11:03 . 2012-08-21 11:03	--------	d-----w-	c:\programdata\Malwarebytes
2012-08-21 11:03 . 2012-08-21 11:03	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2012-08-21 11:03 . 2012-07-03 11:46	24904	----a-w-	c:\windows\system32\drivers\mbam.sys
2012-08-21 08:54 . 2012-08-21 08:54	--------	d-----w-	c:\users\Juliana x3\AppData\Local\Diagnostics
2012-08-21 08:26 . 2012-08-03 02:27	62134624	----a-w-	c:\windows\system32\MRT.exe
2012-08-20 08:50 . 2012-08-21 18:22	--------	d-----w-	C:\209b4ba434fb60ca06
2012-08-20 08:48 . 2012-08-20 08:48	--------	d-----w-	c:\users\Juliana x3\AppData\Local\ElevatedDiagnostics
2012-08-19 19:00 . 2012-08-21 18:22	--------	d-sh--r-	c:\users\Juliana x3\M-10-6897-8685-3464
2012-08-19 14:41 . 2012-08-19 14:41	328704	----a-w-	c:\windows\system32\services.exe.4027CD2087361494
2012-08-19 14:38 . 2012-08-19 14:38	328704	----a-w-	c:\windows\system32\services.exe.492D2D3C6B629EBB
2012-08-16 21:42 . 2012-08-16 22:05	--------	d-----w-	c:\users\Juliana x3\Dies das
2012-08-16 14:44 . 2012-08-21 08:25	--------	d-----w-	c:\users\Juliana x3\AppData\Local\Google
2012-08-15 18:27 . 2012-07-06 20:07	552960	----a-w-	c:\windows\system32\drivers\bthport.sys
2012-08-15 16:30 . 2012-05-05 08:36	503808	----a-w-	c:\windows\system32\srcore.dll
2012-08-15 16:30 . 2012-05-05 07:46	43008	----a-w-	c:\windows\SysWow64\srclient.dll
2012-08-15 16:30 . 2012-07-04 22:16	73216	----a-w-	c:\windows\system32\netapi32.dll
2012-08-15 16:30 . 2012-07-04 22:13	59392	----a-w-	c:\windows\system32\browcli.dll
2012-08-15 16:30 . 2012-07-04 22:13	136704	----a-w-	c:\windows\system32\browser.dll
2012-08-15 16:30 . 2012-07-04 21:14	41984	----a-w-	c:\windows\SysWow64\browcli.dll
2012-08-15 16:30 . 2012-02-11 06:43	751104	----a-w-	c:\windows\system32\win32spl.dll
2012-08-15 16:30 . 2012-02-11 06:36	559104	----a-w-	c:\windows\system32\spoolsv.exe
2012-08-15 16:30 . 2012-02-11 06:36	67072	----a-w-	c:\windows\splwow64.exe
2012-08-15 16:30 . 2012-02-11 05:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2012-08-15 16:30 . 2012-07-18 18:15	3148800	----a-w-	c:\windows\system32\win32k.sys
2012-08-15 16:30 . 2012-05-14 05:26	956928	----a-w-	c:\windows\system32\localspl.dll
2012-08-08 20:30 . 2012-08-08 20:30	--------	d-----r-	c:\users\Juliana x3\Podcasts
2012-08-08 20:28 . 2012-08-08 20:28	--------	d-----w-	c:\users\Juliana x3\AppData\Local\Cyberlink
2012-08-08 20:28 . 2012-08-08 20:28	--------	d-----w-	c:\windows\system32\ms-MY
2012-08-08 20:27 . 2012-08-08 20:27	--------	d-----w-	c:\windows\system32\drivers\UMDF\en-US
2012-08-08 20:27 . 2012-08-08 20:29	--------	d-----w-	c:\program files\Zune
2012-08-05 16:39 . 2012-08-14 08:11	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-08-05 14:04 . 2012-08-05 14:04	--------	d-----w-	c:\users\Juliana x3\AppData\Roaming\WildTangent
2012-08-03 16:54 . 2012-08-03 17:16	--------	d-----w-	c:\users\Juliana x3\AppData\Local\Microsoft Games
2012-07-27 22:12 . 2012-07-27 22:12	--------	d-----w-	c:\program files (x86)\VirtualDJ
2012-07-26 12:52 . 2012-07-26 12:52	--------	d-----w-	c:\windows\de
2012-07-26 12:50 . 2012-07-26 12:50	--------	d-----w-	c:\windows\pt-pt
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\ar
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\bg
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\cs
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\da
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\el
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\en
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\es
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\fi
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\fr
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\he
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\hr
2012-07-26 12:49 . 2012-07-26 12:49	--------	d-----w-	c:\windows\hu
2012-07-26 12:47 . 2012-07-26 12:47	--------	d-----w-	c:\windows\ca
2012-07-26 12:32 . 2012-07-26 12:32	15712	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\ab6002fd1cd6b2a02\MeshBetaRemover.exe
2012-07-26 12:32 . 2012-07-26 12:32	89944	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\aaed69601cd6b2a01\DSETUP.dll
2012-07-26 12:32 . 2012-07-26 12:32	537432	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\aaed69601cd6b2a01\DXSETUP.exe
2012-07-26 12:32 . 2012-07-26 12:32	1801048	----a-w-	c:\program files (x86)\Common Files\Windows Live\.cache\aaed69601cd6b2a01\dsetup32.dll
2012-07-25 14:27 . 2012-08-21 14:44	--------	d-----w-	c:\users\Juliana x3\Tracing
2012-07-24 19:04 . 2012-08-09 21:59	--------	d-----w-	c:\users\Juliana x3\AppData\Local\Windows Live
2012-07-24 19:03 . 2012-08-03 16:39	--------	d-----w-	c:\users\Juliana x3\AppData\Local\Adobe
2012-07-24 18:40 . 2012-08-21 18:22	--------	d-----w-	c:\users\Juliana x3\AppData\Local\Facebook
2012-07-24 14:23 . 2012-07-24 14:23	--------	d-----w-	c:\users\Juliana x3\AppData\Local\InstallShare
2012-07-24 14:16 . 2012-06-22 14:32	405144	----a-w-	c:\windows\SysWow64\Newtonsoft.Json.Net20.dll
2012-07-24 14:15 . 2012-07-24 14:16	--------	d-----w-	c:\program files (x86)\Common Files\DVDVideoSoft
2012-07-24 14:15 . 2012-07-24 14:15	--------	d-----w-	c:\program files (x86)\DVDVideoSoft
2012-07-24 14:14 . 2012-07-24 14:17	--------	d-----w-	c:\users\Juliana x3\AppData\Roaming\DVDVideoSoft
2012-07-24 14:14 . 2012-07-24 14:14	--------	d-----w-	c:\users\Juliana x3\AppData\Roaming\Babylon
2012-07-24 14:14 . 2012-07-24 14:14	--------	d-----w-	c:\programdata\Babylon
2012-07-24 14:13 . 2012-07-24 14:13	25703064	----a-w-	c:\users\Juliana x3\AppData\Roaming\Microsoft\Windows\Templates\FreeYouTubeDownloader.exe
2012-07-24 10:07 . 2012-08-15 17:22	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2012-07-24 10:07 . 2012-08-15 17:21	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2012-07-24 09:34 . 2012-07-24 09:34	--------	d-----w-	c:\program files\CCleaner
2012-07-23 20:20 . 2012-08-14 08:12	2300696	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-07-23 20:20 . 2012-08-14 08:12	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-07-23 20:20 . 2012-08-08 16:28	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-21 09:09 . 2012-07-21 17:56	141824	----a-w-	c:\windows\system32\drivers\cmntnet.sys
2012-08-21 09:09 . 2012-07-21 17:56	133120	----a-w-	c:\windows\system32\drivers\cm_netamd.sys
2012-08-21 09:09 . 2012-07-21 17:56	123904	----a-w-	c:\windows\system32\drivers\cmnuusbser.sys
2012-08-21 09:09 . 2012-07-21 17:56	118272	----a-w-	c:\windows\system32\drivers\cm_seramd.sys
2012-08-21 09:09 . 2012-07-21 17:56	63648	----a-w-	c:\windows\system32\drivers\smsbda.sys
2012-08-21 09:09 . 2012-07-21 17:56	117888	----a-w-	c:\windows\system32\drivers\cmnsusbser.sys
2012-08-21 09:09 . 2012-07-21 17:56	112640	----a-w-	c:\windows\system32\drivers\cm_net32.sys
2012-08-21 09:09 . 2012-07-21 17:56	103680	----a-w-	c:\windows\system32\drivers\cm_ser32.sys
2012-08-15 17:47 . 2012-03-28 18:36	70344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-08-15 17:47 . 2012-03-28 18:36	426184	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2012-07-21 10:34 . 2011-03-29 01:36	19736	----a-w-	c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2012-06-09 05:43 . 2012-07-22 08:59	14172672	----a-w-	c:\windows\system32\shell32.dll
2012-06-06 06:06 . 2012-07-22 08:59	2004480	----a-w-	c:\windows\system32\msxml6.dll
2012-06-06 06:06 . 2012-07-22 08:59	1881600	----a-w-	c:\windows\system32\msxml3.dll
2012-06-06 06:02 . 2012-07-22 08:55	1133568	----a-w-	c:\windows\system32\cdosys.dll
2012-06-06 05:05 . 2012-07-22 08:59	1390080	----a-w-	c:\windows\SysWow64\msxml6.dll
2012-06-06 05:05 . 2012-07-22 08:59	1236992	----a-w-	c:\windows\SysWow64\msxml3.dll
2012-06-06 05:03 . 2012-07-22 08:55	805376	----a-w-	c:\windows\SysWow64\cdosys.dll
2012-06-02 22:19 . 2012-07-21 10:35	38424	----a-w-	c:\windows\system32\wups.dll
2012-06-02 22:19 . 2012-07-21 10:36	2428952	----a-w-	c:\windows\system32\wuaueng.dll
2012-06-02 22:19 . 2012-07-21 10:36	57880	----a-w-	c:\windows\system32\wuauclt.exe
2012-06-02 22:19 . 2012-07-21 10:36	44056	----a-w-	c:\windows\system32\wups2.dll
2012-06-02 22:19 . 2012-07-21 10:35	701976	----a-w-	c:\windows\system32\wuapi.dll
2012-06-02 22:15 . 2012-07-21 10:36	2622464	----a-w-	c:\windows\system32\wucltux.dll
2012-06-02 22:15 . 2012-07-21 10:35	99840	----a-w-	c:\windows\system32\wudriver.dll
2012-06-02 13:19 . 2012-07-21 10:35	186752	----a-w-	c:\windows\system32\wuwebv.dll
2012-06-02 13:15 . 2012-07-21 10:35	36864	----a-w-	c:\windows\system32\wuapp.exe
2012-06-02 05:50 . 2012-07-22 08:58	458704	----a-w-	c:\windows\system32\drivers\cng.sys
2012-06-02 05:48 . 2012-07-22 08:58	151920	----a-w-	c:\windows\system32\drivers\ksecpkg.sys
2012-06-02 05:48 . 2012-07-22 08:58	95600	----a-w-	c:\windows\system32\drivers\ksecdd.sys
2012-06-02 05:45 . 2012-07-22 08:58	340992	----a-w-	c:\windows\system32\schannel.dll
2012-06-02 05:44 . 2012-07-22 08:58	307200	----a-w-	c:\windows\system32\ncrypt.dll
2012-06-02 04:40 . 2012-07-22 08:58	22016	----a-w-	c:\windows\SysWow64\secur32.dll
2012-06-02 04:40 . 2012-07-22 08:58	225280	----a-w-	c:\windows\SysWow64\schannel.dll
2012-06-02 04:39 . 2012-07-22 08:58	219136	----a-w-	c:\windows\SysWow64\ncrypt.dll
2012-06-02 04:34 . 2012-07-22 08:58	96768	----a-w-	c:\windows\SysWow64\sspicli.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"c:\windows\SysWOW64\V0640Ext.ax"="c:\windows\SysWOW64\V0640Ext.ax" [X]
"BackupManagerTray"="c:\program files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" [2012-01-05 296984]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-06-06 937920]
"Dolby Advanced Audio v2"="c:\dolby pcee4\pcee4.exe" [2011-06-01 506712]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-02-27 291608]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2012-03-24 1105488]
"SuiteTray"="c:\program files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" [2011-09-20 341360]
"V0640Mon.exe"="c:\windows\V0640Mon.exe" [2011-08-22 28672]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe" [2010-11-21 73216]
.
c:\users\Juliana x3\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
tbhcn.lnk - c:\users\Juliana x3\AppData\Roaming\BrowserCompanion\tbhcn.exe [2012-7-2 695448]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Security Packages	REG_MULTI_SZ   	kerberos msv1_0 schannel wdigest tspkg pku2u livessp
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2012-07-05 3048136]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]
R2 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe [2012-06-06 185856]
R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-08-15 250056]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys [2012-03-08 36480]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [2011-06-07 191752]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys [2012-03-08 340096]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys [2012-03-08 111232]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys [2012-03-08 168064]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys [2012-03-08 68736]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys [2012-03-08 281472]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys [2012-03-08 551552]
R3 cphs;Intel(R) Content Protection HECI Service;c:\windows\SysWow64\IntelCpHeciSvc.exe [2012-04-02 276248]
R3 EgisTec Ticket Service;EgisTec Ticket Service;c:\program files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304]
R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160]
R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-07-14 113120]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]
R3 V0640Vid;Creative Live! Cam Socialize (VF0640) Driver;c:\windows\system32\DRIVERS\V0640Vid.sys [2011-09-07 319616]
R3 WMZuneComm;Zune Windows Mobile Connectivity Service;c:\program files\Zune\WMZuneComm.exe [2011-08-05 306400]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys [2012-02-27 16152]
S1 mwlPSDFilter;mwlPSDFilter;c:\windows\system32\DRIVERS\mwlPSDFilter.sys [2012-05-12 22648]
S1 mwlPSDNServ;mwlPSDNServ;c:\windows\system32\DRIVERS\mwlPSDNServ.sys [2012-05-12 20520]
S1 mwlPSDVDisk;mwlPSDVDisk;c:\windows\system32\DRIVERS\mwlPSDVDisk.sys [2012-05-12 62776]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-06-06 64952]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe [2012-03-08 107648]
S2 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\SeaPort.EXE [2011-05-12 249648]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe [2012-03-24 355920]
S2 ePowerSvc;ePower Service;c:\program files\Acer\Acer ePower Management\ePowerSvc.exe [2012-02-07 871296]
S2 GREGService;GREGService;c:\program files (x86)\Acer\Registration\GREGsvc.exe [2012-02-29 28264]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe [2012-02-02 628448]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2012-03-16 127320]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2012-03-16 162648]
S2 Live Updater Service;Live Updater Service;c:\program files\Acer\Acer Updater\UpdaterService.exe [2012-02-07 255376]
S2 NTI IScheduleSvc;NTI IScheduleSvc;c:\program files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2012-01-05 256536]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-03-16 362840]
S2 WajamUpdater;WajamUpdater;c:\program files (x86)\Wajam\Updater\WajamUpdater.exe [2012-06-04 109064]
S2 WTGService;WTGService;c:\program files (x86)\XSManager\WTGService.exe [2012-01-14 327392]
S2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;c:\program files (x86)\Atheros\Ath_WlanAgent.exe [2012-02-27 76960]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys [2012-03-08 30848]
S3 cmntnet;Wireless Data Device USB Ethernet Driver;c:\windows\system32\DRIVERS\cmntnet.sys [2012-08-21 141824]
S3 cmnuusbser;Mobile Connector USB Device for Serial Communication Device;c:\windows\system32\DRIVERS\cmnuusbser.sys [2012-08-21 123904]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys [2011-12-06 331264]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys [2012-02-27 356120]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys [2012-02-27 788760]
S3 MEIx64;Intel(R) Management Engine Interface ;c:\windows\system32\DRIVERS\HECIx64.sys [2011-11-11 60184]
S3 RSBASTOR;Realtek PCIE CardReader Driver - BA;c:\windows\system32\DRIVERS\RtsBaStor.sys [2012-02-02 292968]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2012-03-10 685160]
.
.
Inhalt des "geplante Tasks" Ordners
.
2012-08-22 c:\windows\Tasks\Acer Registration - Reminder Recall task.job
- c:\program files (x86)\Acer\Registration\GREG.exe [2012-02-29 08:19]
.
2012-08-22 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-28 17:47]
.
2012-08-21 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000Core.job
- c:\users\Juliana x3\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-24 11:17]
.
2012-08-22 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2970694026-3300511978-113912794-1000UA.job
- c:\users\Juliana x3\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-24 11:17]
.
2012-08-22 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
2012-08-21 c:\windows\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
- c:\program files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe [2011-11-25 11:41]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2012-06-06 07:14	201728	----a-w-	c:\program files\Web Assistant\Extension64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"c:\windows\system32\V0640Ext.ax"="c:\windows\system32\V0640Ext.ax" [X]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-04-02 170264]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-04-02 398616]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-04-02 439064]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-02-22 12452456]
"RtHDVBg_Dolby"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2012-02-08 1158248]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-03-08 1021056]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2012-03-08 800896]
"Power Management"="c:\program files\Acer\Acer ePower Management\ePowerTray.exe" [2012-02-07 1829768]
"InstantUpdate"="c:\program files\Acer\Acer Instant Service\InstantUpdate\iuDaemon.exe" [2012-04-06 124520]
"Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2011-08-05 163552]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"LoadAppInit_DLLs"=0x0
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://search.babylon.com/?affID=109958&tt=190712_n_mont_3012_1&babsrc=HP_ss&mntrId=704c667500000000000000a0c6000000
uLocal Page = c:\windows\system32\blank.htm
mStart Page = hxxp://acer.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Free YouTube Download - c:\users\Juliana x3\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
TCP: DhcpNameServer = 10.74.210.210 10.74.210.211
FF - ProfilePath - c:\users\Juliana x3\AppData\Roaming\Mozilla\Firefox\Profiles\8tgq9v2f.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://search.babylon.com/?babsrc=SP_ss&mntrId=704c667500000000000000a0c6000000&tlver=1.5.29.1&instlRef=sst&babTrack&q=
FF - user.js: extentions.y2layers.installId - 4f7db66c-6eb2-45f3-8391-dfa9eb6175b0
FF - user.js: extentions.y2layers.defaultEnableAppsList - ezLooker,pagerage,buzzdock,toprelatedtopics,twittube
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extensions.incredibar_i.newTab - false
FF - user.js: extensions.incredibar_i.tlbrSrchUrl - hxxp://mystart.Incredibar.com/?a=6R8zRb0kIv&loc=IB_TB&i=26&search=
FF - user.js: extensions.incredibar_i.id - 704c667500000000000000a0c6000000
FF - user.js: extensions.incredibar_i.instlDay - 15544
FF - user.js: extensions.incredibar_i.vrsn - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsni - 1.5.11.14
FF - user.js: extensions.incredibar_i.vrsnTs - 1.5.11.1413:32
FF - user.js: extensions.incredibar_i.prtnrId - Incredibar
FF - user.js: extensions.incredibar_i.prdct - incredibar
FF - user.js: extensions.incredibar_i.aflt - orgnl
FF - user.js: extensions.incredibar_i.smplGrp - none
FF - user.js: extensions.incredibar_i.tlbrId - base
FF - user.js: extensions.incredibar_i.instlRef - 
FF - user.js: extensions.incredibar_i.dfltLng - 
FF - user.js: extensions.incredibar_i.excTlbr - false
FF - user.js: extensions.incredibar_i.ms_url_id - 
FF - user.js: extensions.incredibar_i.upn2 - 6R8zRb0kIv
FF - user.js: extensions.incredibar_i.upn2n - 92824754516335335
FF - user.js: extensions.incredibar_i.productid - 26
FF - user.js: extensions.incredibar_i.installerproductid - 26
FF - user.js: extensions.incredibar_i.did - 10662
FF - user.js: extensions.incredibar_i.ppd - 
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=109958&tt=190712_n_mont_3012_1
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q=
FF - user.js: extensions.BabylonToolbar.id - 704c667500000000000000a0c6000000
FF - user.js: extensions.BabylonToolbar.instlDay - 15545
FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1
FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.116:15
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-incredibar - c:\program files (x86)\Incredibar.com\incredibar\1.5.11.14\uninstall.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_271_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_271.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2012-08-22  20:12:46
ComboFix-quarantined-files.txt  2012-08-22 18:12
.
Vor Suchlauf: 8 Verzeichnis(se), 224.267.534.336 Bytes frei
Nach Suchlauf: 16 Verzeichnis(se), 224.124.006.400 Bytes frei
.
- - End Of File - - B82B515E96FCF61BB58AF4380012B754
--- --- ---



Vie Vergnügen damit !
Gruß
muschelkram

Alt 28.08.2012, 16:19   #7
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


Und nun ????

Alt 30.08.2012, 13:44   #8
markusg
/// Malware-holic
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 30.08.2012, 19:07   #9
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


Hello again !!!

Hier der Report:

19:56:42.0785 3432 TDSS rootkit removing tool 2.8.8.0 Aug 24 2012 13:27:48
19:56:42.0816 3432 ============================================================
19:56:42.0816 3432 Current date / time: 2012/08/29 19:56:42.0816
19:56:42.0816 3432 SystemInfo:
19:56:42.0816 3432
19:56:42.0816 3432 OS Version: 6.1.7601 ServicePack: 1.0
19:56:42.0816 3432 Product type: Workstation
19:56:42.0816 3432 ComputerName: ENTE
19:56:42.0816 3432 UserName: Juliana x3
19:56:42.0816 3432 Windows directory: C:\Windows
19:56:42.0816 3432 System windows directory: C:\Windows
19:56:42.0816 3432 Running under WOW64
19:56:42.0816 3432 Processor architecture: Intel x64
19:56:42.0816 3432 Number of processors: 2
19:56:42.0816 3432 Page size: 0x1000
19:56:42.0816 3432 Boot type: Normal boot
19:56:42.0816 3432 ============================================================
19:56:43.0908 3432 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:56:43.0923 3432 ============================================================
19:56:43.0923 3432 \Device\Harddisk0\DR0:
19:56:43.0923 3432 MBR partitions:
19:56:43.0923 3432 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x203A800, BlocksNum 0x32000
19:56:43.0923 3432 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x206C800, BlocksNum 0x233C1800
19:56:43.0923 3432 ============================================================
19:56:43.0955 3432 C: <-> \Device\Harddisk0\DR0\Partition2
19:56:43.0955 3432 ============================================================
19:56:43.0955 3432 Initialize success
19:56:43.0955 3432 ============================================================
19:56:55.0733 0388 ============================================================
19:56:55.0733 0388 Scan started
19:56:55.0733 0388 Mode: Manual; SigCheck; TDLFS;
19:56:55.0733 0388 ============================================================
19:56:55.0889 0388 ================ Scan system memory ========================
19:56:55.0904 0388 System memory - ok
19:56:55.0904 0388 ================ Scan services =============================
19:56:56.0107 0388 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
19:56:56.0185 0388 1394ohci - ok
19:56:56.0232 0388 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
19:56:56.0247 0388 ACPI - ok
19:56:56.0279 0388 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
19:56:56.0294 0388 AcpiPmi - ok
19:56:56.0372 0388 [ 11A52CF7B265631DEEB24C6149309EFF ] AdobeARMservice c:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
19:56:56.0403 0388 AdobeARMservice - ok
19:56:56.0544 0388 [ A9D3B95E8466BD58EEB8A1154654E162 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
19:56:56.0559 0388 AdobeFlashPlayerUpdateSvc - ok
19:56:56.0622 0388 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:56:56.0669 0388 adp94xx - ok
19:56:56.0700 0388 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:56:56.0715 0388 adpahci - ok
19:56:56.0731 0388 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:56:56.0747 0388 adpu320 - ok
19:56:56.0793 0388 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:56:56.0840 0388 AeLookupSvc - ok
19:56:56.0887 0388 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
19:56:56.0918 0388 AFD - ok
19:56:56.0934 0388 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:56:56.0949 0388 agp440 - ok
19:56:56.0965 0388 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
19:56:56.0981 0388 ALG - ok
19:56:56.0996 0388 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
19:56:57.0012 0388 aliide - ok
19:56:57.0027 0388 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
19:56:57.0043 0388 amdide - ok
19:56:57.0074 0388 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:56:57.0090 0388 AmdK8 - ok
19:56:57.0105 0388 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
19:56:57.0121 0388 AmdPPM - ok
19:56:57.0152 0388 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
19:56:57.0168 0388 amdsata - ok
19:56:57.0199 0388 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
19:56:57.0215 0388 amdsbs - ok
19:56:57.0230 0388 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
19:56:57.0246 0388 amdxata - ok
19:56:57.0277 0388 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
19:56:57.0339 0388 AppID - ok
19:56:57.0371 0388 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
19:56:57.0417 0388 AppIDSvc - ok
19:56:57.0433 0388 [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo C:\Windows\System32\appinfo.dll
19:56:57.0480 0388 Appinfo - ok
19:56:57.0542 0388 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\drivers\arc.sys
19:56:57.0558 0388 arc - ok
19:56:57.0573 0388 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:56:57.0589 0388 arcsas - ok
19:56:57.0620 0388 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:56:57.0667 0388 AsyncMac - ok
19:56:57.0683 0388 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
19:56:57.0698 0388 atapi - ok
19:56:57.0745 0388 [ 78B183A794A08978EA0A8D017054352B ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
19:56:57.0761 0388 AthBTPort - ok
19:56:57.0870 0388 [ 7E63E24E17B5233FA69E6613E84B5306 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
19:56:57.0885 0388 AtherosSvc - ok
19:56:57.0979 0388 [ 4EF8D5C1C0A02A9D1C2C465BA730EE69 ] athr C:\Windows\system32\DRIVERS\athrx.sys
19:56:58.0057 0388 athr - ok
19:56:58.0104 0388 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:56:58.0182 0388 AudioEndpointBuilder - ok
19:56:58.0197 0388 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
19:56:58.0260 0388 AudioSrv - ok
19:56:58.0322 0388 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
19:56:58.0353 0388 AxInstSV - ok
19:56:58.0385 0388 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
19:56:58.0416 0388 b06bdrv - ok
19:56:58.0463 0388 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
19:56:58.0494 0388 b57nd60a - ok
19:56:58.0556 0388 [ 87F3BCF82A63E900AF896CD930BF7E05 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
19:56:58.0587 0388 BBSvc - ok
19:56:58.0619 0388 [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
19:56:58.0634 0388 BBUpdate - ok
19:56:58.0650 0388 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
19:56:58.0665 0388 BDESVC - ok
19:56:58.0681 0388 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
19:56:58.0728 0388 Beep - ok
19:56:58.0775 0388 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
19:56:58.0837 0388 BFE - ok
19:56:58.0868 0388 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
19:56:58.0946 0388 BITS - ok
19:56:58.0962 0388 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
19:56:58.0977 0388 blbdrive - ok
19:56:59.0024 0388 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:56:59.0040 0388 bowser - ok
19:56:59.0055 0388 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
19:56:59.0071 0388 BrFiltLo - ok
19:56:59.0087 0388 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
19:56:59.0102 0388 BrFiltUp - ok
19:56:59.0149 0388 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
19:56:59.0211 0388 BridgeMP - ok
19:56:59.0305 0388 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
19:56:59.0336 0388 Browser - ok
19:56:59.0383 0388 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
19:56:59.0430 0388 Brserid - ok
19:56:59.0445 0388 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
19:56:59.0477 0388 BrSerWdm - ok
19:56:59.0492 0388 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
19:56:59.0508 0388 BrUsbMdm - ok
19:56:59.0523 0388 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
19:56:59.0539 0388 BrUsbSer - ok
19:56:59.0586 0388 [ 3E352B570E9CD1047A596927896D6F7C ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
19:56:59.0601 0388 BTATH_A2DP - ok
19:56:59.0617 0388 [ AF715C0F2A656BDA9D4AF470224325C7 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
19:56:59.0633 0388 btath_avdt - ok
19:56:59.0664 0388 [ D438A33D568C76C24E8D7394981F42DC ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
19:56:59.0679 0388 BTATH_BUS - ok
19:56:59.0695 0388 [ 6EFA8C93009E0BE0886C2422C7D20BC5 ] BTATH_HCRP C:\Windows\system32\DRIVERS\btath_hcrp.sys
19:56:59.0711 0388 BTATH_HCRP - ok
19:56:59.0726 0388 [ 168506D0F0C8DF588F8A7E25C58A2DE6 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
19:56:59.0742 0388 BTATH_LWFLT - ok
19:56:59.0773 0388 [ 7C8FB1D73BD279DD914CCA6ED0F4F62B ] BTATH_RCP C:\Windows\system32\DRIVERS\btath_rcp.sys
19:56:59.0789 0388 BTATH_RCP - ok
19:56:59.0835 0388 [ 4F6EA72C82C05C8C67643C9E0585108A ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
19:56:59.0851 0388 BtFilter - ok
19:56:59.0898 0388 [ CF98190A94F62E405C8CB255018B2315 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
19:56:59.0913 0388 BthEnum - ok
19:56:59.0945 0388 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
19:56:59.0960 0388 BTHMODEM - ok
19:56:59.0976 0388 [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:57:00.0007 0388 BthPan - ok
19:57:00.0038 0388 [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
19:57:00.0069 0388 BTHPORT - ok
19:57:00.0101 0388 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
19:57:00.0163 0388 bthserv - ok
19:57:00.0194 0388 [ F188B7394D81010767B6DF3178519A37 ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
19:57:00.0225 0388 BTHUSB - ok
19:57:00.0241 0388 catchme - ok
19:57:00.0257 0388 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:57:00.0319 0388 cdfs - ok
19:57:00.0335 0388 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:57:00.0350 0388 cdrom - ok
19:57:00.0366 0388 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
19:57:00.0428 0388 CertPropSvc - ok
19:57:00.0444 0388 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\drivers\circlass.sys
19:57:00.0459 0388 circlass - ok
19:57:00.0491 0388 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
19:57:00.0522 0388 CLFS - ok
19:57:00.0584 0388 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:57:00.0600 0388 clr_optimization_v2.0.50727_32 - ok
19:57:00.0647 0388 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
19:57:00.0662 0388 clr_optimization_v2.0.50727_64 - ok
19:57:00.0740 0388 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:57:00.0771 0388 clr_optimization_v4.0.30319_32 - ok
19:57:00.0834 0388 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
19:57:00.0865 0388 clr_optimization_v4.0.30319_64 - ok
19:57:00.0912 0388 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:57:00.0927 0388 CmBatt - ok
19:57:00.0943 0388 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:57:00.0959 0388 cmdide - ok
19:57:01.0005 0388 [ 784CE219B4A02C20BCBC7A9A16F3E141 ] cmntnet C:\Windows\system32\DRIVERS\cmntnet.sys
19:57:01.0021 0388 cmntnet - ok
19:57:01.0052 0388 [ C0B41B0A669F1E06E85050A86320E0AF ] cmnuusbser C:\Windows\system32\DRIVERS\cmnuusbser.sys
19:57:01.0068 0388 cmnuusbser - ok
19:57:01.0099 0388 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
19:57:01.0146 0388 CNG - ok
19:57:01.0161 0388 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
19:57:01.0177 0388 Compbatt - ok
19:57:01.0193 0388 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
19:57:01.0208 0388 CompositeBus - ok
19:57:01.0224 0388 COMSysApp - ok
19:57:01.0271 0388 [ 912A03D9EDE63872F7DD1623E507694E ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
19:57:01.0317 0388 cphs - ok
19:57:01.0349 0388 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:57:01.0364 0388 crcdisk - ok
19:57:01.0411 0388 [ 4F5414602E2544A4554D95517948B705 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:57:01.0427 0388 CryptSvc - ok
19:57:01.0473 0388 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:57:01.0536 0388 DcomLaunch - ok
19:57:01.0567 0388 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
19:57:01.0629 0388 defragsvc - ok
19:57:01.0645 0388 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:57:01.0707 0388 DfsC - ok
19:57:01.0754 0388 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
19:57:01.0801 0388 Dhcp - ok
19:57:01.0817 0388 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
19:57:01.0863 0388 discache - ok
19:57:01.0895 0388 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\drivers\disk.sys
19:57:01.0910 0388 Disk - ok
19:57:01.0941 0388 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:57:01.0973 0388 Dnscache - ok
19:57:01.0988 0388 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
19:57:02.0051 0388 dot3svc - ok
19:57:02.0051 0388 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
19:57:02.0113 0388 DPS - ok
19:57:02.0144 0388 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:57:02.0160 0388 drmkaud - ok
19:57:02.0238 0388 [ C02FF01B821FBB72104132E56EC5B881 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
19:57:02.0269 0388 DsiWMIService - ok
19:57:02.0300 0388 [ A4F408AD1065C7AD2ED332C68025B435 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:57:02.0331 0388 DXGKrnl - ok
19:57:02.0347 0388 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
19:57:02.0409 0388 EapHost - ok
19:57:02.0503 0388 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\drivers\evbda.sys
19:57:02.0581 0388 ebdrv - ok
19:57:02.0597 0388 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
19:57:02.0612 0388 EFS - ok
19:57:02.0675 0388 [ 5332EC2BA1C112BD4BB1F38127848FEF ] EgisTec Ticket Service C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe
19:57:02.0690 0388 EgisTec Ticket Service - ok
19:57:02.0753 0388 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:57:02.0784 0388 ehRecvr - ok
19:57:02.0799 0388 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
19:57:02.0815 0388 ehSched - ok
19:57:02.0846 0388 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:57:02.0877 0388 elxstor - ok
19:57:02.0987 0388 [ 76B978AD795A7E71C48390B000F6023F ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
19:57:03.0033 0388 ePowerSvc - ok
19:57:03.0049 0388 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
19:57:03.0080 0388 ErrDev - ok
19:57:03.0143 0388 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
19:57:03.0205 0388 EventSystem - ok
19:57:03.0236 0388 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
19:57:03.0283 0388 exfat - ok
19:57:03.0314 0388 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:57:03.0361 0388 fastfat - ok
19:57:03.0408 0388 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
19:57:03.0439 0388 Fax - ok
19:57:03.0470 0388 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\drivers\fdc.sys
19:57:03.0486 0388 fdc - ok
19:57:03.0501 0388 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
19:57:03.0564 0388 fdPHost - ok
19:57:03.0579 0388 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
19:57:03.0642 0388 FDResPub - ok
19:57:03.0657 0388 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:57:03.0689 0388 FileInfo - ok
19:57:03.0689 0388 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:57:03.0735 0388 Filetrace - ok
19:57:03.0845 0388 [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
19:57:03.0891 0388 FLEXnet Licensing Service - ok
19:57:03.0891 0388 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
19:57:03.0923 0388 flpydisk - ok
19:57:03.0923 0388 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:57:03.0954 0388 FltMgr - ok
19:57:04.0001 0388 [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache C:\Windows\system32\FntCache.dll
19:57:04.0032 0388 FontCache - ok
19:57:04.0063 0388 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
19:57:04.0094 0388 FontCache3.0.0.0 - ok
19:57:04.0110 0388 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
19:57:04.0125 0388 FsDepends - ok
19:57:04.0141 0388 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:57:04.0157 0388 Fs_Rec - ok
19:57:04.0188 0388 [ 1F7B25B858FA27015169FE95E54108ED ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
19:57:04.0219 0388 fvevol - ok
19:57:04.0235 0388 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:57:04.0250 0388 gagp30kx - ok
19:57:04.0313 0388 [ C403C5DB49A0F9AAF4F2128EDC0106D8 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
19:57:04.0328 0388 GamesAppService - ok
19:57:04.0375 0388 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
19:57:04.0453 0388 gpsvc - ok
19:57:04.0500 0388 [ 32096F187020A54D29C95B3A1467D963 ] GREGService C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
19:57:04.0531 0388 GREGService - ok
19:57:04.0547 0388 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
19:57:04.0562 0388 hcw85cir - ok
19:57:04.0593 0388 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:57:04.0625 0388 HdAudAddService - ok
19:57:04.0656 0388 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
19:57:04.0687 0388 HDAudBus - ok
19:57:04.0687 0388 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
19:57:04.0703 0388 HidBatt - ok
19:57:04.0718 0388 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:57:04.0749 0388 HidBth - ok
19:57:04.0765 0388 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\drivers\hidir.sys
19:57:04.0796 0388 HidIr - ok
19:57:04.0812 0388 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
19:57:04.0874 0388 hidserv - ok
19:57:04.0905 0388 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:57:04.0921 0388 HidUsb - ok
19:57:04.0952 0388 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
19:57:04.0999 0388 hkmsvc - ok
19:57:05.0015 0388 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:57:05.0030 0388 HomeGroupListener - ok
19:57:05.0061 0388 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:57:05.0077 0388 HomeGroupProvider - ok
19:57:05.0093 0388 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
19:57:05.0108 0388 HpSAMD - ok
19:57:05.0139 0388 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:57:05.0217 0388 HTTP - ok
19:57:05.0217 0388 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
19:57:05.0233 0388 hwpolicy - ok
19:57:05.0249 0388 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:57:05.0264 0388 i8042prt - ok
19:57:05.0311 0388 [ C224331A54571C8C9162F7714400BBBD ] iaStor C:\Windows\system32\drivers\iaStor.sys
19:57:05.0342 0388 iaStor - ok
19:57:05.0358 0388 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
19:57:05.0389 0388 iaStorV - ok
19:57:05.0436 0388 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
19:57:05.0467 0388 idsvc - ok
19:57:05.0826 0388 [ 3FB253E8059A1AAC3A8B83A31D094CC5 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
19:57:06.0107 0388 igfx - ok
19:57:06.0138 0388 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:57:06.0153 0388 iirsp - ok
19:57:06.0200 0388 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
19:57:06.0278 0388 IKEEXT - ok
19:57:06.0434 0388 [ 112A84BD9A31C59826AC2979D451F0DA ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
19:57:06.0559 0388 IntcAzAudAddService - ok
19:57:06.0590 0388 [ 6C9FFFECA9FED31347D211C5D1FFBD2D ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
19:57:06.0621 0388 IntcDAud - ok
19:57:06.0653 0388 [ 832CE330DD987227B7DEA8C03F22AEFA ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
19:57:06.0684 0388 Intel(R) Capability Licensing Service Interface - ok
19:57:06.0746 0388 [ 5A8C154DE7DDEE8ADA3375CC76C4351F ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
19:57:06.0762 0388 Intel(R) ME Service - ok
19:57:06.0809 0388 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
19:57:06.0824 0388 intelide - ok
19:57:06.0855 0388 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:57:06.0871 0388 intelppm - ok
19:57:06.0902 0388 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:57:06.0965 0388 IPBusEnum - ok
19:57:06.0980 0388 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:57:07.0027 0388 IpFilterDriver - ok
19:57:07.0058 0388 [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:57:07.0121 0388 iphlpsvc - ok
19:57:07.0136 0388 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
19:57:07.0152 0388 IPMIDRV - ok
19:57:07.0183 0388 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
19:57:07.0230 0388 IPNAT - ok
19:57:07.0261 0388 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:57:07.0292 0388 IRENUM - ok
19:57:07.0308 0388 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:57:07.0323 0388 isapnp - ok
19:57:07.0339 0388 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
19:57:07.0370 0388 iScsiPrt - ok
19:57:07.0386 0388 [ 846354992EBB373F452EB9182D501B08 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
19:57:07.0401 0388 iusb3hcs - ok
19:57:07.0433 0388 [ 1D88A23853387D34D52CC8F9DDBFC56C ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
19:57:07.0464 0388 iusb3hub - ok
19:57:07.0511 0388 [ FC5EFD7C797DF19DFB999F0605A7924E ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
19:57:07.0542 0388 iusb3xhc - ok
19:57:07.0573 0388 [ 13E838EA8652F8451F29301D3B56B17B ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
19:57:07.0604 0388 jhi_service - ok
19:57:07.0635 0388 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:57:07.0651 0388 kbdclass - ok
19:57:07.0667 0388 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
19:57:07.0682 0388 kbdhid - ok
19:57:07.0698 0388 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
19:57:07.0713 0388 KeyIso - ok
19:57:07.0745 0388 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:57:07.0760 0388 KSecDD - ok
19:57:07.0776 0388 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
19:57:07.0791 0388 KSecPkg - ok
19:57:07.0791 0388 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
19:57:07.0854 0388 ksthunk - ok
19:57:07.0885 0388 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
19:57:07.0947 0388 KtmRm - ok
19:57:07.0994 0388 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
19:57:08.0041 0388 LanmanServer - ok
19:57:08.0072 0388 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:57:08.0119 0388 LanmanWorkstation - ok
19:57:08.0181 0388 [ 6BB516A31DE232DAB436FF3A117E1E80 ] Live Updater Service C:\Program Files\Acer\Acer Updater\UpdaterService.exe
19:57:08.0197 0388 Live Updater Service - ok
19:57:08.0228 0388 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:57:08.0291 0388 lltdio - ok
19:57:08.0306 0388 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:57:08.0369 0388 lltdsvc - ok
19:57:08.0384 0388 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:57:08.0447 0388 lmhosts - ok
19:57:08.0478 0388 [ BD9457699AC9C1A0FE43398043617279 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
19:57:08.0493 0388 LMS - ok
19:57:08.0525 0388 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:57:08.0540 0388 LSI_FC - ok
19:57:08.0556 0388 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:57:08.0571 0388 LSI_SAS - ok
19:57:08.0587 0388 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
19:57:08.0603 0388 LSI_SAS2 - ok
19:57:08.0618 0388 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:57:08.0634 0388 LSI_SCSI - ok
19:57:08.0634 0388 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
19:57:08.0696 0388 luafv - ok
19:57:08.0743 0388 [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam C:\Windows\system32\DRIVERS\mcvidrv_x64.sys
19:57:08.0759 0388 ManyCam - ok
19:57:08.0805 0388 [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple C:\Windows\system32\drivers\mcaudrv_x64.sys
19:57:08.0821 0388 mcaudrv_simple - ok
19:57:08.0852 0388 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:57:08.0868 0388 Mcx2Svc - ok
19:57:08.0883 0388 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\drivers\megasas.sys
19:57:08.0899 0388 megasas - ok
19:57:08.0915 0388 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
19:57:08.0946 0388 MegaSR - ok
19:57:08.0977 0388 [ 6B01B7414A105B9E51652089A03027CF ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
19:57:08.0993 0388 MEIx64 - ok
19:57:09.0024 0388 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
19:57:09.0086 0388 MMCSS - ok
19:57:09.0086 0388 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
19:57:09.0149 0388 Modem - ok
19:57:09.0164 0388 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:57:09.0180 0388 monitor - ok
19:57:09.0195 0388 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:57:09.0211 0388 mouclass - ok
19:57:09.0242 0388 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:57:09.0258 0388 mouhid - ok
19:57:09.0258 0388 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
19:57:09.0273 0388 mountmgr - ok
19:57:09.0336 0388 [ 46297FA8E30A6007F14118FC2B942FBC ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
19:57:09.0367 0388 MozillaMaintenance - ok
19:57:09.0398 0388 [ 94C66EDEDCDB6A126880472F9A704D8E ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
19:57:09.0445 0388 MpFilter - ok
19:57:09.0461 0388 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
19:57:09.0492 0388 mpio - ok
19:57:09.0492 0388 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:57:09.0554 0388 mpsdrv - ok
19:57:09.0601 0388 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:57:09.0663 0388 MpsSvc - ok
19:57:09.0695 0388 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:57:09.0710 0388 MRxDAV - ok
19:57:09.0741 0388 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:57:09.0757 0388 mrxsmb - ok
19:57:09.0773 0388 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:57:09.0804 0388 mrxsmb10 - ok
19:57:09.0819 0388 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:57:09.0835 0388 mrxsmb20 - ok
19:57:09.0851 0388 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
19:57:09.0866 0388 msahci - ok
19:57:09.0882 0388 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:57:09.0913 0388 msdsm - ok
19:57:09.0929 0388 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
19:57:09.0944 0388 MSDTC - ok
19:57:09.0960 0388 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:57:10.0007 0388 Msfs - ok
19:57:10.0038 0388 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
19:57:10.0085 0388 mshidkmdf - ok
19:57:10.0100 0388 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:57:10.0116 0388 msisadrv - ok
19:57:10.0131 0388 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:57:10.0194 0388 MSiSCSI - ok
19:57:10.0194 0388 msiserver - ok
19:57:10.0209 0388 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:57:10.0272 0388 MSKSSRV - ok
19:57:10.0365 0388 [ 59FAAF2C83C8169EA20F9E335E418907 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
19:57:10.0397 0388 MsMpSvc - ok
19:57:10.0412 0388 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:57:10.0459 0388 MSPCLOCK - ok
19:57:10.0475 0388 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:57:10.0537 0388 MSPQM - ok
19:57:10.0553 0388 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:57:10.0584 0388 MsRPC - ok
19:57:10.0599 0388 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
19:57:10.0615 0388 mssmbios - ok
19:57:10.0615 0388 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:57:10.0677 0388 MSTEE - ok
19:57:10.0677 0388 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
19:57:10.0693 0388 MTConfig - ok
19:57:10.0709 0388 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
19:57:10.0724 0388 Mup - ok
19:57:10.0755 0388 [ C009123B206C56854F4E88596035231D ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
19:57:10.0771 0388 mwlPSDFilter - ok
19:57:10.0802 0388 [ BF3739EEB9F008B1DEBAC115089A53F8 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
19:57:10.0818 0388 mwlPSDNServ - ok
19:57:10.0833 0388 [ 38DD143D95E7A01B86F219DDA9C28779 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
19:57:10.0849 0388 mwlPSDVDisk - ok
19:57:10.0896 0388 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
19:57:10.0958 0388 napagent - ok
19:57:10.0989 0388 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:57:11.0005 0388 NativeWifiP - ok
19:57:11.0083 0388 [ C38B8AE57F78915905064A9A24DC1586 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:57:11.0130 0388 NDIS - ok
19:57:11.0145 0388 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
19:57:11.0208 0388 NdisCap - ok
19:57:11.0239 0388 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:57:11.0286 0388 NdisTapi - ok
19:57:11.0301 0388 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:57:11.0348 0388 Ndisuio - ok
19:57:11.0364 0388 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:57:11.0411 0388 NdisWan - ok
19:57:11.0426 0388 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:57:11.0473 0388 NDProxy - ok
19:57:11.0473 0388 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:57:11.0535 0388 NetBIOS - ok
19:57:11.0535 0388 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
19:57:11.0598 0388 NetBT - ok
19:57:11.0598 0388 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
19:57:11.0629 0388 Netlogon - ok
19:57:11.0660 0388 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
19:57:11.0723 0388 Netman - ok
19:57:11.0738 0388 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
19:57:11.0801 0388 netprofm - ok
19:57:11.0832 0388 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:57:11.0863 0388 NetTcpPortSharing - ok
19:57:11.0894 0388 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:57:11.0910 0388 nfrd960 - ok
19:57:11.0941 0388 [ 91B4E0273D2F6C24EF845F2B41311289 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
19:57:11.0957 0388 NisDrv - ok
19:57:11.0988 0388 [ 10A43829A9E606AF3EEF25A1C1665923 ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
19:57:12.0019 0388 NisSrv - ok
19:57:12.0035 0388 [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc C:\Windows\System32\nlasvc.dll
19:57:12.0097 0388 NlaSvc - ok
19:57:12.0097 0388 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:57:12.0159 0388 Npfs - ok
19:57:12.0175 0388 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
19:57:12.0222 0388 nsi - ok
19:57:12.0237 0388 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:57:12.0284 0388 nsiproxy - ok
19:57:12.0347 0388 [ A2F74975097F52A00745F9637451FDD8 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:57:12.0409 0388 Ntfs - ok
19:57:12.0471 0388 [ D27A4546417ED7C4AEA7B3420D4F1F50 ] NTI IScheduleSvc C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe
19:57:12.0503 0388 NTI IScheduleSvc - ok
19:57:12.0518 0388 [ EE3BA1024594D5D09E314F206B94069E ] NTIDrvr C:\Windows\system32\drivers\NTIDrvr.sys
19:57:12.0534 0388 NTIDrvr - ok
19:57:12.0549 0388 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
19:57:12.0612 0388 Null - ok
19:57:12.0627 0388 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:57:12.0643 0388 nvraid - ok
19:57:12.0659 0388 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:57:12.0674 0388 nvstor - ok
19:57:12.0705 0388 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:57:12.0721 0388 nv_agp - ok
19:57:12.0737 0388 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
19:57:12.0752 0388 ohci1394 - ok
19:57:12.0783 0388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
19:57:12.0815 0388 p2pimsvc - ok
19:57:12.0830 0388 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
19:57:12.0861 0388 p2psvc - ok
19:57:12.0893 0388 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\drivers\parport.sys
19:57:12.0908 0388 Parport - ok
19:57:12.0924 0388 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:57:12.0939 0388 partmgr - ok
19:57:12.0955 0388 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
19:57:12.0986 0388 PcaSvc - ok
19:57:13.0002 0388 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
19:57:13.0033 0388 pci - ok
19:57:13.0049 0388 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
19:57:13.0064 0388 pciide - ok
19:57:13.0080 0388 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:57:13.0095 0388 pcmcia - ok
19:57:13.0111 0388 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
19:57:13.0127 0388 pcw - ok
19:57:13.0142 0388 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:57:13.0205 0388 PEAUTH - ok
19:57:13.0314 0388 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
19:57:13.0345 0388 PerfHost - ok
19:57:13.0439 0388 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
19:57:13.0532 0388 pla - ok
19:57:13.0610 0388 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:57:13.0641 0388 PlugPlay - ok
19:57:13.0673 0388 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
19:57:13.0688 0388 PNRPAutoReg - ok
19:57:13.0704 0388 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
19:57:13.0735 0388 PNRPsvc - ok
19:57:13.0766 0388 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:57:13.0829 0388 PolicyAgent - ok
19:57:13.0844 0388 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
19:57:13.0907 0388 Power - ok
19:57:13.0953 0388 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:57:14.0000 0388 PptpMiniport - ok
19:57:14.0016 0388 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\drivers\processr.sys
19:57:14.0031 0388 Processor - ok
19:57:14.0063 0388 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:57:14.0094 0388 ProfSvc - ok
19:57:14.0094 0388 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:57:14.0125 0388 ProtectedStorage - ok
19:57:14.0141 0388 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
19:57:14.0187 0388 Psched - ok
19:57:14.0234 0388 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:57:14.0297 0388 ql2300 - ok
19:57:14.0312 0388 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:57:14.0328 0388 ql40xx - ok
19:57:14.0359 0388 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
19:57:14.0390 0388 QWAVE - ok
19:57:14.0390 0388 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:57:14.0421 0388 QWAVEdrv - ok
19:57:14.0437 0388 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:57:14.0499 0388 RasAcd - ok
19:57:14.0531 0388 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
19:57:14.0593 0388 RasAgileVpn - ok
19:57:14.0609 0388 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
19:57:14.0655 0388 RasAuto - ok
19:57:14.0687 0388 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:57:14.0733 0388 Rasl2tp - ok
19:57:14.0765 0388 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
19:57:14.0811 0388 RasMan - ok
19:57:14.0827 0388 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:57:14.0874 0388 RasPppoe - ok
19:57:14.0889 0388 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:57:14.0936 0388 RasSstp - ok
19:57:14.0952 0388 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:57:15.0014 0388 rdbss - ok
19:57:15.0030 0388 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
19:57:15.0045 0388 rdpbus - ok
19:57:15.0061 0388 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:57:15.0123 0388 RDPCDD - ok
19:57:15.0139 0388 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:57:15.0186 0388 RDPENCDD - ok
19:57:15.0201 0388 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
19:57:15.0264 0388 RDPREFMP - ok
19:57:15.0295 0388 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:57:15.0311 0388 RDPWD - ok
19:57:15.0342 0388 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
19:57:15.0357 0388 rdyboost - ok
19:57:15.0389 0388 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
19:57:15.0451 0388 RemoteAccess - ok
19:57:15.0482 0388 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:57:15.0529 0388 RemoteRegistry - ok
19:57:15.0576 0388 [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:57:15.0591 0388 RFCOMM - ok
19:57:15.0623 0388 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
19:57:15.0669 0388 RpcEptMapper - ok
19:57:15.0701 0388 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
19:57:15.0716 0388 RpcLocator - ok
19:57:15.0747 0388 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\system32\rpcss.dll
19:57:15.0810 0388 RpcSs - ok
19:57:15.0841 0388 [ 7D9A999CCBB82020321BCCFEB9BB3C91 ] RSBASTOR C:\Windows\system32\DRIVERS\RtsBaStor.sys
19:57:15.0857 0388 RSBASTOR - ok
19:57:15.0857 0388 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:57:15.0919 0388 rspndr - ok
19:57:15.0966 0388 [ C5CD940EFFADE1F6246730BCA14E9FE6 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
19:57:15.0997 0388 RTL8167 - ok
19:57:15.0997 0388 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
19:57:16.0013 0388 SamSs - ok
19:57:16.0044 0388 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:57:16.0059 0388 sbp2port - ok
19:57:16.0075 0388 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:57:16.0137 0388 SCardSvr - ok
19:57:16.0153 0388 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
19:57:16.0200 0388 scfilter - ok
19:57:16.0231 0388 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
19:57:16.0309 0388 Schedule - ok
19:57:16.0340 0388 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
19:57:16.0387 0388 SCPolicySvc - ok
19:57:16.0403 0388 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:57:16.0418 0388 SDRSVC - ok
19:57:16.0449 0388 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:57:16.0496 0388 secdrv - ok
19:57:16.0512 0388 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
19:57:16.0559 0388 seclogon - ok
19:57:16.0605 0388 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
19:57:16.0683 0388 SENS - ok
19:57:16.0715 0388 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
19:57:16.0730 0388 SensrSvc - ok
19:57:16.0746 0388 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:57:16.0761 0388 Serenum - ok
19:57:16.0793 0388 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\drivers\serial.sys
19:57:16.0808 0388 Serial - ok
19:57:16.0824 0388 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:57:16.0839 0388 sermouse - ok
19:57:16.0886 0388 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
19:57:16.0933 0388 SessionEnv - ok
19:57:16.0949 0388 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:57:16.0980 0388 sffdisk - ok
19:57:16.0980 0388 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:57:17.0011 0388 sffp_mmc - ok
19:57:17.0027 0388 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:57:17.0042 0388 sffp_sd - ok
19:57:17.0058 0388 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:57:17.0073 0388 sfloppy - ok
19:57:17.0105 0388 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:57:17.0167 0388 SharedAccess - ok
19:57:17.0198 0388 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:57:17.0245 0388 ShellHWDetection - ok
19:57:17.0276 0388 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
19:57:17.0292 0388 SiSRaid2 - ok
19:57:17.0307 0388 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:57:17.0323 0388 SiSRaid4 - ok
19:57:17.0463 0388 [ 753D254205E0A62100A050BD8B458D06 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:57:17.0557 0388 Skype C2C Service - ok
19:57:17.0604 0388 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
19:57:17.0619 0388 SkypeUpdate - ok
19:57:17.0651 0388 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:57:17.0713 0388 Smb - ok
19:57:17.0744 0388 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:57:17.0775 0388 SNMPTRAP - ok
19:57:17.0791 0388 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
19:57:17.0807 0388 spldr - ok
19:57:17.0853 0388 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
19:57:17.0869 0388 Spooler - ok
19:57:17.0963 0388 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
19:57:18.0087 0388 sppsvc - ok
19:57:18.0103 0388 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
19:57:18.0150 0388 sppuinotify - ok
19:57:18.0197 0388 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
19:57:18.0212 0388 srv - ok
19:57:18.0228 0388 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:57:18.0243 0388 srv2 - ok
19:57:18.0259 0388 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:57:18.0275 0388 srvnet - ok
19:57:18.0306 0388 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:57:18.0368 0388 SSDPSRV - ok
19:57:18.0399 0388 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:57:18.0446 0388 SstpSvc - ok
19:57:18.0477 0388 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\drivers\stexstor.sys
19:57:18.0493 0388 stexstor - ok
19:57:18.0540 0388 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
19:57:18.0571 0388 stisvc - ok
19:57:18.0587 0388 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
19:57:18.0602 0388 swenum - ok
19:57:18.0633 0388 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
19:57:18.0696 0388 swprv - ok
19:57:18.0743 0388 [ 0A535B4F638D5BBCF3EE6C997BF33892 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:57:18.0774 0388 SynTP - ok
19:57:18.0836 0388 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
19:57:18.0883 0388 SysMain - ok
19:57:18.0899 0388 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:57:18.0930 0388 TabletInputService - ok
19:57:18.0945 0388 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:57:19.0008 0388 TapiSrv - ok
19:57:19.0023 0388 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
19:57:19.0070 0388 TBS - ok
19:57:19.0148 0388 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:57:19.0211 0388 Tcpip - ok
19:57:19.0289 0388 [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
19:57:19.0351 0388 TCPIP6 - ok
19:57:19.0382 0388 [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:57:19.0429 0388 tcpipreg - ok
19:57:19.0460 0388 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:57:19.0476 0388 TDPIPE - ok
19:57:19.0491 0388 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:57:19.0507 0388 TDTCP - ok
19:57:19.0523 0388 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:57:19.0569 0388 tdx - ok
19:57:19.0585 0388 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
19:57:19.0601 0388 TermDD - ok
19:57:19.0632 0388 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
19:57:19.0694 0388 TermService - ok
19:57:19.0710 0388 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
19:57:19.0741 0388 Themes - ok
19:57:19.0757 0388 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
19:57:19.0803 0388 THREADORDER - ok
19:57:19.0819 0388 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
19:57:19.0881 0388 TrkWks - ok
19:57:19.0944 0388 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:57:20.0006 0388 TrustedInstaller - ok
19:57:20.0022 0388 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:57:20.0069 0388 tssecsrv - ok
19:57:20.0100 0388 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
19:57:20.0115 0388 TsUsbFlt - ok
19:57:20.0131 0388 [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
19:57:20.0147 0388 TsUsbGD - ok
19:57:20.0162 0388 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:57:20.0225 0388 tunnel - ok
19:57:20.0240 0388 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:57:20.0256 0388 uagp35 - ok
19:57:20.0271 0388 [ A17D5E1A6DF4EAB0A480F2C490DE4C9D ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
19:57:20.0287 0388 UBHelper - ok
19:57:20.0303 0388 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:57:20.0365 0388 udfs - ok
19:57:20.0412 0388 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:57:20.0427 0388 UI0Detect - ok
19:57:20.0459 0388 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:57:20.0474 0388 uliagpkx - ok
19:57:20.0490 0388 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:57:20.0505 0388 umbus - ok
19:57:20.0521 0388 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\drivers\umpass.sys
19:57:20.0537 0388 UmPass - ok
19:57:20.0599 0388 [ F76057596EF65049869098677AB72C30 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
19:57:20.0630 0388 UNS - ok
19:57:20.0646 0388 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
19:57:20.0708 0388 upnphost - ok
19:57:20.0755 0388 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:57:20.0786 0388 usbaudio - ok
19:57:20.0786 0388 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:57:20.0802 0388 usbccgp - ok
19:57:20.0817 0388 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:57:20.0849 0388 usbcir - ok
19:57:20.0849 0388 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\drivers\usbehci.sys
19:57:20.0864 0388 usbehci - ok
19:57:20.0895 0388 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\drivers\usbhub.sys
19:57:20.0911 0388 usbhub - ok
19:57:20.0942 0388 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:57:20.0958 0388 usbohci - ok
19:57:20.0958 0388 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:57:20.0989 0388 usbprint - ok
19:57:21.0020 0388 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:57:21.0036 0388 usbscan - ok
19:57:21.0051 0388 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:57:21.0067 0388 USBSTOR - ok
19:57:21.0083 0388 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
19:57:21.0098 0388 usbuhci - ok
19:57:21.0114 0388 [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
19:57:21.0145 0388 usbvideo - ok
19:57:21.0176 0388 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
19:57:21.0223 0388 UxSms - ok
19:57:21.0270 0388 [ 5A4ECE62C12C78B9F07644FDA9BB5D33 ] V0640Vid C:\Windows\system32\DRIVERS\V0640Vid.sys
19:57:21.0285 0388 V0640Vid - ok
19:57:21.0301 0388 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
19:57:21.0317 0388 VaultSvc - ok
19:57:21.0332 0388 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
19:57:21.0348 0388 vdrvroot - ok
19:57:21.0379 0388 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
19:57:21.0441 0388 vds - ok
19:57:21.0473 0388 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:57:21.0488 0388 vga - ok
19:57:21.0488 0388 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
19:57:21.0551 0388 VgaSave - ok
19:57:21.0566 0388 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
19:57:21.0582 0388 vhdmp - ok
19:57:21.0597 0388 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
19:57:21.0613 0388 viaide - ok
19:57:21.0629 0388 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:57:21.0644 0388 volmgr - ok
19:57:21.0660 0388 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:57:21.0675 0388 volmgrx - ok
19:57:21.0722 0388 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:57:21.0738 0388 volsnap - ok
19:57:21.0785 0388 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:57:21.0816 0388 vsmraid - ok
19:57:21.0863 0388 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
19:57:21.0941 0388 VSS - ok
19:57:21.0956 0388 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
19:57:21.0972 0388 vwifibus - ok
19:57:21.0987 0388 [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
19:57:22.0003 0388 vwififlt - ok
19:57:22.0034 0388 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
19:57:22.0097 0388 W32Time - ok
19:57:22.0112 0388 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:57:22.0128 0388 WacomPen - ok
19:57:22.0206 0388 [ 4AA2CC5979AFF984227364F2C23B04F3 ] WajamUpdater C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe
19:57:22.0221 0388 WajamUpdater ( UnsignedFile.Multi.Generic ) - warning
19:57:22.0221 0388 WajamUpdater - detected UnsignedFile.Multi.Generic (1)
19:57:22.0237 0388 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
19:57:22.0299 0388 WANARP - ok
19:57:22.0299 0388 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:57:22.0362 0388 Wanarpv6 - ok
19:57:22.0409 0388 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
19:57:22.0440 0388 wbengine - ok
19:57:22.0471 0388 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
19:57:22.0502 0388 WbioSrvc - ok
19:57:22.0518 0388 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:57:22.0549 0388 wcncsvc - ok
19:57:22.0565 0388 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:57:22.0580 0388 WcsPlugInService - ok
19:57:22.0596 0388 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\drivers\wd.sys
19:57:22.0611 0388 Wd - ok
19:57:22.0643 0388 [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:57:22.0674 0388 Wdf01000 - ok
19:57:22.0689 0388 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:57:22.0721 0388 WdiServiceHost - ok
19:57:22.0736 0388 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:57:22.0767 0388 WdiSystemHost - ok
19:57:22.0783 0388 [ F53CA9D2A8E69281AF8E6009B14326A3 ] Web Assistant Updater C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
19:57:22.0799 0388 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - warning
19:57:22.0799 0388 Web Assistant Updater - detected UnsignedFile.Multi.Generic (1)
19:57:22.0814 0388 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
19:57:22.0845 0388 WebClient - ok
19:57:22.0877 0388 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:57:22.0939 0388 Wecsvc - ok
19:57:22.0955 0388 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:57:23.0017 0388 wercplsupport - ok
19:57:23.0048 0388 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
19:57:23.0095 0388 WerSvc - ok
19:57:23.0126 0388 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
19:57:23.0173 0388 WfpLwf - ok
19:57:23.0204 0388 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
19:57:23.0220 0388 WIMMount - ok
19:57:23.0251 0388 WinDefend - ok
19:57:23.0251 0388 WinHttpAutoProxySvc - ok
19:57:23.0313 0388 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:57:23.0407 0388 Winmgmt - ok
19:57:23.0469 0388 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
19:57:23.0563 0388 WinRM - ok
19:57:23.0610 0388 [ FE88B288356E7B47B74B13372ADD906D ] WinUSB C:\Windows\system32\DRIVERS\WinUSB.sys
19:57:23.0641 0388 WinUSB - ok
19:57:23.0672 0388 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
19:57:23.0703 0388 Wlansvc - ok
19:57:23.0766 0388 [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
19:57:23.0797 0388 wlcrasvc - ok
19:57:23.0891 0388 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
19:57:23.0969 0388 wlidsvc - ok
19:57:23.0984 0388 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
19:57:24.0000 0388 WmiAcpi - ok
19:57:24.0031 0388 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:57:24.0047 0388 wmiApSrv - ok
19:57:24.0093 0388 WMPNetworkSvc - ok
19:57:24.0171 0388 [ 83B6CA03C846FCD47F9883D77D1EB27B ] WMZuneComm C:\Program Files\Zune\WMZuneComm.exe
19:57:24.0203 0388 WMZuneComm - ok
19:57:24.0249 0388 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:57:24.0265 0388 WPCSvc - ok
19:57:24.0281 0388 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:57:24.0296 0388 WPDBusEnum - ok
19:57:24.0327 0388 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:57:24.0390 0388 ws2ifsl - ok
19:57:24.0405 0388 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
19:57:24.0437 0388 wscsvc - ok
19:57:24.0437 0388 WSearch - ok
19:57:24.0515 0388 [ 08B4C9640B24A1E060A55488CCD3EFD4 ] WTGService C:\Program Files (x86)\XSManager\WTGService.exe
19:57:24.0546 0388 WTGService - ok
19:57:24.0624 0388 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
19:57:24.0702 0388 wuauserv - ok
19:57:24.0717 0388 [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
19:57:24.0780 0388 WudfPf - ok
19:57:24.0811 0388 [ CF8D590BE3373029D57AF80914190682 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:57:24.0858 0388 WUDFRd - ok
19:57:24.0873 0388 [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:57:24.0936 0388 wudfsvc - ok
19:57:24.0951 0388 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
19:57:24.0983 0388 WwanSvc - ok
19:57:25.0014 0388 [ 342A8A4B8C85AD532451A5F1401D24CC ] ZAtheros Wlan Agent C:\Program Files (x86)\Atheros\Ath_WlanAgent.exe
19:57:25.0014 0388 ZAtheros Wlan Agent - ok
19:57:25.0232 0388 [ 67B787C34FB2888D01B130AE007042D8 ] ZuneNetworkSvc C:\Program Files\Zune\ZuneNss.exe
19:57:25.0451 0388 ZuneNetworkSvc - ok
19:57:25.0497 0388 [ 4D89FC1C20CF655739EFAC5DA81A67BC ] ZuneWlanCfgSvc C:\Program Files\Zune\ZuneWlanCfgSvc.exe
19:57:25.0544 0388 ZuneWlanCfgSvc - ok
19:57:25.0560 0388 ================ Scan global ===============================
19:57:25.0575 0388 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
19:57:25.0607 0388 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:57:25.0622 0388 [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
19:57:25.0653 0388 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
19:57:25.0685 0388 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
19:57:25.0700 0388 [Global] - ok
19:57:25.0700 0388 ================ Scan MBR ==================================
19:57:25.0716 0388 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:57:26.0309 0388 \Device\Harddisk0\DR0 - ok
19:57:26.0309 0388 ================ Scan VBR ==================================
19:57:26.0324 0388 [ CD2469EFC11C6133EFBBF248E35DC767 ] \Device\Harddisk0\DR0\Partition1
19:57:26.0324 0388 \Device\Harddisk0\DR0\Partition1 - ok
19:57:26.0371 0388 [ 9BB8399544E0904E12C7695CFDF0CF1D ] \Device\Harddisk0\DR0\Partition2
19:57:26.0371 0388 \Device\Harddisk0\DR0\Partition2 - ok
19:57:26.0371 0388 ============================================================
19:57:26.0371 0388 Scan finished
19:57:26.0371 0388 ============================================================
19:57:26.0387 4464 Detected object count: 2
19:57:26.0387 4464 Actual detected object count: 2
19:57:35.0559 4464 WajamUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:35.0559 4464 WajamUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip
19:57:35.0559 4464 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - skipped by user
19:57:35.0559 4464 Web Assistant Updater ( UnsignedFile.Multi.Generic ) - User select action: Skip


Und wie gehts weiter ?

Gruß
Muschelkram

Alt 06.09.2012, 17:25   #10
markusg
/// Malware-holic
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


sorry war nicht gesund.
lade den CCleaner standard:
CCleaner Download - CCleaner 3.22.1800
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 06.09.2012, 18:58   #11
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


Hallo markusg !

Hoffentlich bist Du jetzt wieder gesund und hast genug Kraft, um mir Hilfestellung zu leisten ?!

Ich kann leider nicht wirklich sagen, welche Programme meine Tochter tatsächlich benötigt, und welche nicht !?

Ich weiß, sie benutzt Skype, ihre Web-Cam, Facebook und bearbeitet Fotos.
Demnach wäre alles andere unnötig!

Wenn wir ihr hier was weglöschen, was sie dann vielleicht dch nochmal braucht, kann sie sich das doch wieder neu draufladen, oder ?!

Mir stürzt hier ständig das Internet ab.
Also.

Was machen wir?
Gruß Muschelkram

Ich hab da jetzt mal einiges versucht rauszufiltern.

Ich kenn mich einfach nicht aus. Sorry.

Bitteschööön:

Acer Backup Manager NTI Corporation 28.03.2012 337MB 3.0.0.100 notwendig
Acer Crystal Eye Webcam CyberLink Corp. 12.05.2012 41,3MB 1.5.2624.00 notwendig
Acer ePower Management Acer Incorporated 12.05.2012 6.00.3010 notwendig
Acer eRecovery Management Acer Incorporated 12.05.2012 5.00.3507 notwendig
Acer Games WildTangent 28.03.2012 1.0.2.5notwendig
Acer Instant Update Service Acer Incorporated 12.05.2012 9,42MB 1.00.3004
Acer Registration Acer Incorporated 12.05.2012 1.04.3506
Acer ScreenSaver Acer Incorporated 12.05.2012 20.11.1107.1418
Acer Updater Acer Incorporated 28.03.2012 1.02.3501 notwendig
ActiveX контрола на Windows Live Mesh за отдалечени връзки Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Adobe AIR Adobe Systems Incorporated 24.07.2012 3.3.0.3670
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 15.08.2012 6,00MB 11.3.300.271
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 15.08.2012 6,00MB 11.3.300.271
Adobe Reader X (10.1.0) MUI Adobe Systems Incorporated 28.03.2012 477MB 10.1.0
Atheros Bluetooth Suite (64) Atheros 12.05.2012 53,0MB 7.4.0.126
Atheros Driver Installation Program Atheros 12.05.2012 10.0
BabylonObjectInstaller Babylon Ltd 24.07.2012 2,10MB 2.0.0.3
Bing Bar Microsoft Corporation 12.05.2012 27,0MB 7.0.765.0
CCleaner Piriform 22.08.2012 3.22 notwendig
clear.fi Media Acer Incorporated 12.05.2012 2.00.3004
clear.fi Media Acer Incorporated 12.05.2012 2.00.3004
clear.fi Photo Acer Incorporated 12.05.2012 2.00.3004
clear.fi Photo Acer Incorporated 12.05.2012 2.00.3004
Control ActiveX de Windows Live Mesh para conexiones remotas Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Control ActiveX del Windows Live Mesh per a connexions remotes Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Control ActiveX Windows Live Mesh pentru conexiuni la distanță Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Controle ActiveX do Windows Live Mesh para Conexões Remotas Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Controlo ActiveX do Windows Live Mesh para Ligações Remotas Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Contrôle ActiveX Windows Live Mesh pour connexions à distance Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Creative Live! Cam Socialize (VF0640) (1.00.05.00) Creative Technology Ltd. 28.07.2012
CyberLink MediaEspresso CyberLink Corp. 12.05.2012 164MB 6.5.1720_38230
Dolby Advanced Audio v2 Dolby Laboratories Inc 12.05.2012 12,9MB 7.2.7000.7
Evernote v. 4.5.2 Evernote Corp. 28.03.2012 170MB 4.5.2.5866
Facebook Video Calling 1.2.0.159 Skype Limited 24.07.2012 4,76MB 1.2.159 notwendig
Fooz Kids FUHU, Inc. 28.03.2012 3.1.2
Fooz Kids Platform FUHU, Inc. 28.03.2012 2.1
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Free YouTube Download version 3.1.31.706 DVDVideoSoft Ltd. 24.07.2012 87,1MB 3.1.31.706 notwendig
Identity Card Acer Incorporated 12.05.2012 1.00.3501 notwendig
Intel(R) Manageability Engine Firmware Recovery Agent Intel Corporation 12.05.2012 54,8MB 1.0.0.35342
Intel(R) Management Engine Components Intel Corporation 12.05.2012 8.0.4.1441
Intel(R) OpenCL CPU Runtime Intel Corporation 12.05.2012
Intel(R) Processor Graphics Intel Corporation 12.05.2012 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 02.09.2012 11.0.0.1032
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 12.05.2012 1.0.4.220
Intel® Trusted Connect Service Client Intel Corporation 12.05.2012 10,6MB 1.23.605.1
Internet-TV für Windows Media Center Microsoft Corporation 05.08.2012 13,6MB 4.2.2.0 notwendig
Kobo Kobo Inc. 21.07.2012 2.1.5
Kontrola Windows Live Mesh ActiveX za daljinske veze Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Launch Manager Acer Inc. 12.05.2012 5.1.15
Malwarebytes Anti-Malware Version 1.62.0.1300 Malwarebytes Corporation 21.08.2012 18,7MB 1.62.0.1300 notwendig
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 22.07.2012 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 22.07.2012 2,93MB 4.0.30319
Microsoft Office 2010 Microsoft Corporation 12.05.2012 6,31MB 14.0.4763.1000
Microsoft Security Essentials Microsoft Corporation 02.09.2012 4.0.1526.0
Microsoft Silverlight Microsoft Corporation 22.07.2012 40,3MB 4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 28.03.2012 1,69MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 12.05.2012 290KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 21.07.2012 838KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 28.03.2012 596KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 12.05.2012 592KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 22.07.2012 598KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 12.05.2012 13,8MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.05.2012 11,1MB 10.0.40219
Mozilla Firefox 14.0.1 (x86 de) Mozilla 21.07.2012 36,2MB 14.0.1 notwendig
Mozilla Maintenance Service Mozilla 21.07.2012 199KB 14.0.1
MyWinLocker Suite Egis Technology Inc. 12.05.2012 2,63MB 4.0.14.19
newsXpresso esobi Inc. 28.03.2012 7,34MB 1.0.0.40 unbekannt
NTI Media Maker 9 NTI Corporation 28.03.2012 0,96GB 9.0.2.9006 notwendig
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
PhotoScape 21.07.2012 notwendig
Realtek Ethernet Controller Driver Realtek 12.05.2012 7.54.309.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 12.05.2012 6.0.1.6577
Realtek PCIE Card Reader Realtek Semiconductor Corp. 12.05.2012 6.1.7601.27015
Skype Click to Call Skype Technologies S.A. 27.08.2012 30,2MB 6.2.10687 notwendig
Skype™ 5.10 Skype Technologies S.A. 22.07.2012 19,4MB 5.10.116
Synaptics Pointing Device Driver Synaptics Incorporated 12.05.2012 46,4MB 16.0.2.0
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
VirtualDJ Home FREE Atomix Productions 28.07.2012 49,4MB 7.0.5 notwendig
Wajam Wajam 23.07.2012 1.42
Web Assistant 2.0.0.455 IncrediBar 23.07.2012 2,02MB
Welcome Center Acer Incorporated 12.05.2012 1.02.3507
Windows Live Essentials Microsoft Corporation 26.07.2012 15.4.3555.0308 notwendig
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Windows Live Mesh ActiveX-objekt til fjernforbindelser Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz Microsoft Corporation 26.07.2012 5,38MB 15.4.5722.2
Windows Live Meshin etäyhteyksien ActiveX-komponentti Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
XSManager XSManager 21.07.2012 3.0
Yontoo 1.10.02 Yontoo LLC 23.07.2012 1,29MB 1.10.02
Zune Microsoft Corporation 08.08.2012 04.08.2345.00 unbekannt
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Элемент управления Windows Live Mesh ActiveX для удаленных подключений Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
適用遠端連線的 Windows Live Mesh ActiveX 控制項 Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2

Alt 07.09.2012, 18:04   #12
markusg
/// Malware-holic
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


hi, dann machs dir doch nicht so schwer, und frag sie :-)
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 07.09.2012, 19:11   #13
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


Hallo, hier ist Juliana, ich bin nur immer am Wochenende zu Hause.
Ich werds mir angucken, und sortieren.

Alt 11.09.2012, 14:54   #14
markusg
/// Malware-holic
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


gut, mach immer mit der rue, aber bevor wir nicht fertig sind, nciht so viel im netz surfen, sonst fängt er sichevtl wieder was
__________________
-Verdächtige mails bitte an uns zur Analyse weiterleiten:
markusg.trojaner-board@web.de
Weiterleiten
Anleitung:
http://markusg.trojaner-board.de
Mails bitte vorerst nach obiger Anleitung an
markusg.trojaner-board@web.de
Weiterleiten
Wenn Ihr uns unterstützen möchtet

Alt 11.09.2012, 21:16   #15
muschelkram
 
Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - Standard

Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


So hier :

Hab dann mal was gemacht..
________________________________________________________________


Acer Backup Manager NTI Corporation 28.03.2012 337MB 3.0.0.100 notwendig
Acer Crystal Eye Webcam CyberLink Corp. 12.05.2012 41,3MB 1.5.2624.00 notwendig
Acer ePower Management Acer Incorporated 12.05.2012 6.00.3010 notwendig
Acer eRecovery Management Acer Incorporated 12.05.2012 5.00.3507 notwendig
Acer Games WildTangent 28.03.2012 1.0.2.5notwendig
Acer Instant Update Service Acer Incorporated 12.05.2012 9,42MB 1.00.3004
Acer Registration Acer Incorporated 12.05.2012 1.04.3506
Acer ScreenSaver Acer Incorporated 12.05.2012 20.11.1107.1418
Acer Updater Acer Incorporated 28.03.2012 1.02.3501 notwendig
ActiveX контрола на Windows Live Mesh за отдалечени връзки Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
ActiveX-kontroll för fjärranslutningar för Windows Live Mesh Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Adobe AIR Adobe Systems Incorporated 24.07.2012 3.3.0.3670
Adobe Flash Player 11 ActiveX Adobe Systems Incorporated 15.08.2012 6,00MB 11.3.300.271
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 15.08.2012 6,00MB 11.3.300.271
Adobe Reader X (10.1.0) MUI Adobe Systems Incorporated 28.03.2012 477MB 10.1.0
Atheros Bluetooth Suite (64) Atheros 12.05.2012 53,0MB 7.4.0.126
Atheros Driver Installation Program Atheros 12.05.2012 10.0
BabylonObjectInstaller Babylon Ltd 24.07.2012 2,10MB 2.0.0.3 unnötig
Bing Bar Microsoft Corporation 12.05.2012 27,0MB 7.0.765.0
CCleaner Piriform 22.08.2012 3.22 notwendig
clear.fi Media Acer Incorporated 12.05.2012 2.00.3004
clear.fi Media Acer Incorporated 12.05.2012 2.00.3004
clear.fi Photo Acer Incorporated 12.05.2012 2.00.3004
clear.fi Photo Acer Incorporated 12.05.2012 2.00.3004
Control ActiveX de Windows Live Mesh para conexiones remotas Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Control ActiveX del Windows Live Mesh per a connexions remotes Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Control ActiveX Windows Live Mesh pentru conexiuni la distanță Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Controle ActiveX do Windows Live Mesh para Conexões Remotas Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Controlo ActiveX do Windows Live Mesh para Ligações Remotas Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Contrôle ActiveX Windows Live Mesh pour connexions à distance Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Creative Live! Cam Socialize (VF0640) (1.00.05.00) Creative Technology Ltd. 28.07.2012 notwendig
CyberLink MediaEspresso CyberLink Corp. 12.05.2012 164MB 6.5.1720_38230
Dolby Advanced Audio v2 Dolby Laboratories Inc 12.05.2012 12,9MB 7.2.7000.7
Evernote v. 4.5.2 Evernote Corp. 28.03.2012 170MB 4.5.2.5866
Facebook Video Calling 1.2.0.159 Skype Limited 24.07.2012 4,76MB 1.2.159 notwendig
Fooz Kids FUHU, Inc. 28.03.2012 3.1.2
Fooz Kids Platform FUHU, Inc. 28.03.2012 2.1
Formant ActiveX programu Windows Live Mesh odpowiedzialny za obsługę połączeń zdalnych Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Free YouTube Download version 3.1.31.706 DVDVideoSoft Ltd. 24.07.2012 87,1MB 3.1.31.706 notwendig
Identity Card Acer Incorporated 12.05.2012 1.00.3501 notwendig
Intel(R) Manageability Engine Firmware Recovery Agent Intel Corporation 12.05.2012 54,8MB 1.0.0.35342
Intel(R) Management Engine Components Intel Corporation 12.05.2012 8.0.4.1441
Intel(R) OpenCL CPU Runtime Intel Corporation 12.05.2012
Intel(R) Processor Graphics Intel Corporation 12.05.2012 8.15.10.2712
Intel(R) Rapid Storage Technology Intel Corporation 02.09.2012 11.0.0.1032
Intel(R) USB 3.0 eXtensible Host Controller Driver Intel Corporation 12.05.2012 1.0.4.220
Intel® Trusted Connect Service Client Intel Corporation 12.05.2012 10,6MB 1.23.605.1
Internet-TV für Windows Media Center Microsoft Corporation 05.08.2012 13,6MB 4.2.2.0 notwendig
Kobo Kobo Inc. 21.07.2012 2.1.5
Kontrola Windows Live Mesh ActiveX za daljinske veze Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Kontrolnik Windows Live Mesh ActiveX za oddaljene povezave Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Launch Manager Acer Inc. 12.05.2012 5.1.15
Malwarebytes Anti-Malware Version 1.62.0.1300 Malwarebytes Corporation 21.08.2012 18,7MB 1.62.0.1300 notwendig
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 22.07.2012 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 22.07.2012 2,93MB 4.0.30319
Microsoft Office 2010 Microsoft Corporation 12.05.2012 6,31MB 14.0.4763.1000
Microsoft Security Essentials Microsoft Corporation 02.09.2012 4.0.1526.0
Microsoft Silverlight Microsoft Corporation 22.07.2012 40,3MB 4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 28.03.2012 1,69MB 3.1.0000
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 12.05.2012 290KB 8.0.59193
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 21.07.2012 838KB 8.0.61000
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Corporation 28.03.2012 596KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Corporation 12.05.2012 592KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 22.07.2012 598KB 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Corporation 12.05.2012 13,8MB 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 12.05.2012 11,1MB 10.0.40219
Mozilla Firefox 14.0.1 (x86 de) Mozilla 21.07.2012 36,2MB 14.0.1 notwendig
Mozilla Maintenance Service Mozilla 21.07.2012 199KB 14.0.1
MyWinLocker Suite Egis Technology Inc. 12.05.2012 2,63MB 4.0.14.19
newsXpresso esobi Inc. 28.03.2012 7,34MB 1.0.0.40 unbekannt
NTI Media Maker 9 NTI Corporation 28.03.2012 0,96GB 9.0.2.9006 notwendig
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
PhotoScape 21.07.2012 notwendig
Realtek Ethernet Controller Driver Realtek 12.05.2012 7.54.309.2012
Realtek High Definition Audio Driver Realtek Semiconductor Corp. 12.05.2012 6.0.1.6577
Realtek PCIE Card Reader Realtek Semiconductor Corp. 12.05.2012 6.1.7601.27015
Skype Click to Call Skype Technologies S.A. 27.08.2012 30,2MB 6.2.10687 notwendig
Skype™ 5.10 Skype Technologies S.A. 22.07.2012 19,4MB 5.10.116 notwendig
Synaptics Pointing Device Driver Synaptics Incorporated 12.05.2012 46,4MB 16.0.2.0
Uzak Bağlantılar İçin Windows Live Mesh ActiveX Denetimi Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
VirtualDJ Home FREE Atomix Productions 28.07.2012 49,4MB 7.0.5 notwendig
Wajam Wajam 23.07.2012 1.42
Web Assistant 2.0.0.455 IncrediBar 23.07.2012 2,02MB
Welcome Center Acer Incorporated 12.05.2012 1.02.3507
Windows Live Essentials Microsoft Corporation 26.07.2012 15.4.3555.0308 notwendig
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Windows Live Mesh ActiveX Control for Remote Connections Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Windows Live Mesh ActiveX control for remote connections Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Windows Live Mesh ActiveX-kontroll for eksterne tilkoblinger Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
Windows Live Mesh ActiveX-objekt til fjernforbindelser Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz Microsoft Corporation 26.07.2012 5,38MB 15.4.5722.2
Windows Live Meshin etäyhteyksien ActiveX-komponentti Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
XSManager XSManager 21.07.2012 3.0
Yontoo 1.10.02 Yontoo LLC 23.07.2012 1,29MB 1.10.02
Zune Microsoft Corporation 08.08.2012 04.08.2345.00 unbekannt
Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
Элемент управления Windows Live Mesh ActiveX для удаленных подключений Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة Microsoft Corporation 26.07.2012 5,57MB 15.4.5722.2
ตัวควบคุม ActiveX ใน Windows Live Mesh สำหรับการเชื่อมต่อระยะไกล (ไทย) Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2
適用遠端連線的 Windows Live Mesh ActiveX 控制項 Microsoft Corporation 26.07.2012 5,37MB 15.4.5722.2


___________________________________________________________________________

Also, ich hab mal geguckt, was Mama schon so geschrieben hat, und ich hab da noch bisschen was hinzugefügt,aber das Ding ist, ich weiß nicht, was wichtig für den Laptop ist, manche Sachen sollte man ja nicht deinstallieren, z.B. was zum Internet gehört, sowie "Microsoft .NET Framework 4....", ich weiß nämlich noch, als ich auf einem sehr alten Laptop hatte ich es deinstalliert, nur weil ich meinen Laptop einfach mal säubern wollte, dann ging das Internet nicht mehr.., also kenn ich das Problem.. trotzdem bin ich mir nicht soo sicher, was drauf bleiben sollte..

Antwort
Seite 1 von 2 1 2

Themen zu Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?
administrator, anti-malware, appdata, autostart, browser, dateien, enfernen, explorer, gelöscht, gen, helper, install, install.exe, laptop, logfile, malware, malwarebytes, microsoft, plötzlich, problem, programme, scan, schnell, software, speicher, uninstall.exe


« gvu trojaner (mit webcam) loswerden | oqel.exe ??? »


Ähnliche Themen: Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?


  1. Malwarebytes Anti-Malware meldet als bösartige Website blockiert
    Plagegeister aller Art und deren Bekämpfung - 21.10.2015 (13)
  2. Malwarebytes findet potenziell unerwünschte Programme
    Plagegeister aller Art und deren Bekämpfung - 12.08.2015 (31)
  3. Malwarebytes blockiert beim Start von Firefox eine bösartige Website
    Plagegeister aller Art und deren Bekämpfung - 31.03.2015 (64)
  4. Avira findet TR.Vawtrak.A.365 und kann ihn nicht dauerhaft löschen
    Log-Analyse und Auswertung - 07.08.2014 (32)
  5. Malwarebytes findet Befall von Koobface und OpenCandy-AWL kann Dateien nicht löschen
    Log-Analyse und Auswertung - 16.04.2014 (8)
  6. Windows 8 - Malewarebytes findet bösartige Viren
    Log-Analyse und Auswertung - 29.03.2014 (1)
  7. Kaspersky findet 7 Trojaner, kann aber nur 2 verarbeiten - malwarebytes findet nichts
    Plagegeister aller Art und deren Bekämpfung - 18.12.2013 (6)
  8. wie kann ich Lollipop enfernen?
    Plagegeister aller Art und deren Bekämpfung - 01.11.2013 (2)
  9. Malwarebytes findet immer wieder trojanische Programme
    Log-Analyse und Auswertung - 31.10.2013 (7)
  10. AVG findet 32 Rootkits,kann sie aber nicht eliminieren ,Malwarebytes findet nichts
    Plagegeister aller Art und deren Bekämpfung - 16.10.2013 (5)
  11. Malwarebytes zeigt mir über 500 bösartige Objekte.
    Plagegeister aller Art und deren Bekämpfung - 19.08.2013 (17)
  12. Windows 7 (64bit) - hyperaktive timeserver.exe - Malwarebytes kann Befall nicht dauerhaft entfernen
    Log-Analyse und Auswertung - 15.08.2013 (5)
  13. Ausgangslage TR/Crypt.XPACL.Gen3. - Malware findet über 100 bösartige Programme
    Log-Analyse und Auswertung - 01.06.2013 (27)
  14. Bösartige Programme; Avira Guard gestoppt
    Log-Analyse und Auswertung - 29.05.2012 (1)
  15. nach verschlüsselungstrojaner: malwarebytes findet ständig viren, kann sie nicht richtig entfernen
    Antiviren-, Firewall- und andere Schutzprogramme - 25.05.2012 (3)
  16. Malwarebytes findet "tyrdwirh.sys" und kann diese nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 25.01.2010 (1)
  17. Antivir 7 findet msclock32.dll, kann es aber nicht dauerhaft löschen
    Log-Analyse und Auswertung - 21.03.2006 (1)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? - So ! Ich hab eben schon mal einen langen Text zu meinem Problem verfasst und plötzlich war er weg ! Ich weiß nicht wo er ist! Also nochmal: meine 15 - Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen?...
Archiv
Du betrachtest: Malwarebytes findet bösartige Programme ! Wie kann ich sie dauerhaft enfernen? auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54