Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: PC Performer lässt sich nicht löschen

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 12.11.2012, 20:52   #1
sacet
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Hey Leute,

ich wollte mir gestern ein Programm runterladen, welches eine Musikdatei in eine andere (CD in .mp3) konvertiert. Nach dem download (SOFTONIC!!) öffnete sich plötzlich PC Performer und hat einen Scan durchgeführt. Ich hab das Programm sofort geschlossen und versucht es per Systemsteuerung -> Programme und Funktionen zu löschen. Jedoch kommt die Nachricht "Messages file "C:\Program Files (x86)\PC Performer\unins000.msg" is missing. Please correct the problem or obtain a new copy of the program." Genauso wollte ich Browser Defender 3.0 löschen, aber es kam dieselbe Nachricht (unins. missing..). Hab danach einen Quick-Scan mit Malwarebytes durchgeführt und es hat paar Infektionen gefunden. Nach dem Neustart öffnet sich wieder PC Performer. Hatte aber nichts im Autostart davon gefunden. Hab das Programm nochmal runtergeladen, wodurch ich den Virus(?) bekommen habe, dennoch die gleiche Nachricht. Hab dann einen Vollscan durchgeführt, aber nichts gefunden.

PC ist gefühlt langsamer geworden. Hab nun keine Ahnung ob es ein Virus ist, aber dieses automatische Öffnen beim Neustart nervt.

Hoffe, Ihr könnte mir helfen.
Vielen Dank.

MfG

Alt 12.11.2012, 23:31   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Hallo und

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
  • Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.

  • Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.

  • Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!

  • Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!

  • Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.


Zitat:
Hab danach einen Quick-Scan mit Malwarebytes durchgeführt und es hat paar Infektionen gefunden
Bitte beachten => http://www.trojaner-board.de/125889-...tml#post941520
__________________

__________________

Alt 13.11.2012, 13:14   #3
sacet
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Beim ersten Mal:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.11.03

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328
BozKurT :: BOZKURT-PC [Administrator]

11.11.2012 13:51:34
mbam-log-2012-11-11 (13-51-34).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 208936
Laufzeit: 6 Minute(n), 49 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\ProgramData\IBUpdaterService (PUP.InstallBrain) -> Keine Aktion durchgeführt.

Infizierte Dateien: 1
C:\ProgramData\IBUpdaterService\repository.xml (PUP.InstallBrain) -> Keine Aktion durchgeführt.

(Ende)
         

Beim zweitel Mal:

Code:
ATTFilter
Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Datenbank Version: v2012.11.12.02

Windows Vista Service Pack 2 x64 NTFS
Internet Explorer 8.0.6001.19328
BozKurT :: BOZKURT-PC [Administrator]

12.11.2012 13:23:53
mbam-log-2012-11-12 (13-23-53).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 207829
Laufzeit: 5 Minute(n), 35 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 9
HKCR\CLSID\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\TypeLib\{44444444-4444-4444-4444-440044504460} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\Interface\{55555555-5555-5555-5555-550055505560} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCR\CrossriderApp0005060.BHO.1 (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\Software\InstalledBrowserExtensions\215 Apps|5060 (PUP.CrossFire.SA) -> Daten: Savings Sidekick -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 1
C:\Program Files (x86)\Savings Sidekick (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 10
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.dll (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\BozKurT\Desktop\PCPerformer_Softonic_Setup.exe (PUP.BundleInstaller.IB) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings SidekickInstaller.log (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\ButtonUtil.dll (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick-bg.exe (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.exe (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.ico (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Savings Sidekick.ini (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Program Files (x86)\Savings Sidekick\Uninstall.exe (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\BozKurT\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx (PUP.CrossRider.SSK) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         
__________________

Alt 13.11.2012, 16:17   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Code:
ATTFilter
C:\Users\BozKurT\Desktop\PCPerformer_Softonic_Setup.exe
         
Vermüllte Software von Softonic scheint gerade stark in Mode zu sein!

Finger weg von Softonic!!

Softonic ist eine Toolbar- und Adwareschleuder! Finger weg! Software lädt man sich mit oberster Priorität direkt vom Hersteller oder von Filepony aber nicht von solchen Toolbarklitschen wie Softonic!


1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
  • Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.11.2012, 15:03   #5
sacet
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



1. aswMBR

Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-14 13:59:18
-----------------------------
13:59:18.701    OS Version: Windows x64 6.0.6002 Service Pack 2
13:59:18.701    Number of processors: 4 586 0x1707
13:59:18.716    ComputerName: BOZKURT-PC  UserName: BozKurT
13:59:23.117    Initialize success
14:02:14.081    AVAST engine defs: 12111400
14:02:28.745    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
14:02:28.745    Disk 0 Vendor: WDC_WD10 01.0 Size: 953869MB BusType: 3
14:02:28.761    Disk 0 MBR read successfully
14:02:28.761    Disk 0 MBR scan
14:02:28.761    Disk 0 unknown MBR code
14:02:28.776    Disk 0 Partition 1 00     27 Hidden NTFS WinRE NTFS        18432 MB offset 2048
14:02:28.807    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       467357 MB offset 37750784
14:02:28.854    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       468077 MB offset 994897953
14:02:28.917    Disk 0 scanning C:\Windows\system32\drivers
14:02:52.551    Service scanning
14:03:34.109    Modules scanning
14:03:34.109    Disk 0 trace - called modules:
14:03:34.125    ntoskrnl.exe CLASSPNP.SYS disk.sys PCTCore64.sys acpi.sys storport.sys hal.dll nvstor64.sys 
14:03:34.125    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004ded060]
14:03:34.125    3 CLASSPNP.SYS[fffffa6001208c33] -> nt!IofCallDriver -> [0xfffffa8004d5e040]
14:03:34.140    5 PCTCore64.sys[fffffa6000ae9894] -> nt!IofCallDriver -> [0xfffffa8004cb3c20]
14:03:34.140    7 acpi.sys[fffffa6000947fde] -> nt!IofCallDriver -> \Device\0000005d[0xfffffa8004c0c2f0]
14:03:36.090    AVAST engine scan C:\Windows
14:04:27.055    AVAST engine scan C:\Windows\system32
14:11:02.004    AVAST engine scan C:\Windows\system32\drivers
14:11:24.842    AVAST engine scan C:\Users\BozKurT
14:51:14.871    AVAST engine scan C:\ProgramData
14:54:39.397    Scan finished successfully
14:58:06.066    Disk 0 MBR has been saved successfully to "C:\Users\BozKurT\Desktop\MBR.dat"
14:58:06.144    The log file has been saved successfully to "C:\Users\BozKurT\Desktop\aswMBR.txt"
         
2. TDSS-Killer

Code:
ATTFilter
15:01:26.0565 5608  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
15:01:27.0359 5608  ============================================================
15:01:27.0359 5608  Current date / time: 2012/11/14 15:01:27.0359
15:01:27.0359 5608  SystemInfo:
15:01:27.0359 5608  
15:01:27.0359 5608  OS Version: 6.0.6002 ServicePack: 2.0
15:01:27.0359 5608  Product type: Workstation
15:01:27.0359 5608  ComputerName: BOZKURT-PC
15:01:27.0360 5608  UserName: BozKurT
15:01:27.0360 5608  Windows directory: C:\Windows
15:01:27.0360 5608  System windows directory: C:\Windows
15:01:27.0360 5608  Running under WOW64
15:01:27.0360 5608  Processor architecture: Intel x64
15:01:27.0360 5608  Number of processors: 4
15:01:27.0360 5608  Page size: 0x1000
15:01:27.0360 5608  Boot type: Normal boot
15:01:27.0360 5608  ============================================================
15:01:28.0700 5608  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:01:28.0820 5608  ============================================================
15:01:28.0820 5608  \Device\Harddisk0\DR0:
15:01:28.0820 5608  MBR partitions:
15:01:28.0820 5608  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2400800, BlocksNum 0x390CE800
15:01:28.0820 5608  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x3B4CF021, BlocksNum 0x392369A0
15:01:28.0820 5608  ============================================================
15:01:28.0870 5608  C: <-> \Device\Harddisk0\DR0\Partition1
15:01:28.0950 5608  D: <-> \Device\Harddisk0\DR0\Partition2
15:01:28.0950 5608  ============================================================
15:01:28.0950 5608  Initialize success
15:01:28.0950 5608  ============================================================
15:02:21.0442 5096  ============================================================
15:02:21.0442 5096  Scan started
15:02:21.0442 5096  Mode: Manual; SigCheck; TDLFS; 
15:02:21.0442 5096  ============================================================
15:02:21.0816 5096  ================ Scan system memory ========================
15:02:21.0816 5096  System memory - ok
15:02:21.0816 5096  ================ Scan services =============================
15:02:22.0050 5096  [ 517D30057C726C797764BFD70A55D82A ] Acer HomeMedia Connect Service C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
15:02:22.0268 5096  Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - warning
15:02:22.0268 5096  Acer HomeMedia Connect Service - detected UnsignedFile.Multi.Generic (1)
15:02:22.0674 5096  [ 1965AAFFAB07E3FB03C77F81BEBA3547 ] ACPI            C:\Windows\system32\drivers\acpi.sys
15:02:22.0736 5096  ACPI - ok
15:02:22.0814 5096  [ 2F0683FD2DF1D92E891CACA14B45A8C1 ] adfs            C:\Windows\system32\drivers\adfs.sys
15:02:22.0892 5096  adfs - ok
15:02:23.0017 5096  [ F84C9DEE4698DF3C1D76801B7B1B55D7 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
15:02:23.0080 5096  Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
15:02:23.0080 5096  Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
15:02:23.0189 5096  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
15:02:23.0220 5096  AdobeFlashPlayerUpdateSvc - ok
15:02:23.0267 5096  [ F14215E37CF124104575073F782111D2 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:02:23.0360 5096  adp94xx - ok
15:02:23.0407 5096  [ 7D05A75E3066861A6610F7EE04FF085C ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:02:23.0438 5096  adpahci - ok
15:02:23.0454 5096  [ 820A201FE08A0C345B3BEDBC30E1A77C ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
15:02:23.0485 5096  adpu160m - ok
15:02:23.0501 5096  [ 9B4AB6854559DC168FBB4C24FC52E794 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:02:23.0532 5096  adpu320 - ok
15:02:23.0579 5096  [ 0F421175574BFE0BF2F4D8E910A253BB ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:02:23.0735 5096  AeLookupSvc - ok
15:02:23.0782 5096  [ C4F6CE6087760AD70960C9EB130E7943 ] AFD             C:\Windows\system32\drivers\afd.sys
15:02:23.0875 5096  AFD - ok
15:02:23.0906 5096  [ F6F6793B7F17B550ECFDBD3B229173F7 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:02:23.0922 5096  agp440 - ok
15:02:23.0984 5096  [ 222CB641B4B8A1D1126F8033F9FD6A00 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
15:02:24.0031 5096  aic78xx - ok
15:02:24.0047 5096  [ 5922F4F59B7868F3D74BBBBEB7B825A3 ] ALG             C:\Windows\System32\alg.exe
15:02:24.0234 5096  ALG - ok
15:02:24.0250 5096  [ 157D0898D4B73F075CE9FA26B482DF98 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:02:24.0281 5096  aliide - ok
15:02:24.0296 5096  [ 970FA5059E61E30D25307B99903E991E ] amdide          C:\Windows\system32\drivers\amdide.sys
15:02:24.0328 5096  amdide - ok
15:02:24.0359 5096  [ CDC3632A3A5EA4DBB83E46076A3165A1 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:02:24.0452 5096  AmdK8 - ok
15:02:24.0484 5096  [ 9C37B3FD5615477CB9A0CD116CF43F5C ] Appinfo         C:\Windows\System32\appinfo.dll
15:02:24.0546 5096  Appinfo - ok
15:02:24.0624 5096  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
15:02:24.0671 5096  Apple Mobile Device - ok
15:02:24.0686 5096  [ BA8417D4765F3988FF921F30F630E303 ] arc             C:\Windows\system32\drivers\arc.sys
15:02:24.0733 5096  arc - ok
15:02:24.0780 5096  [ 9D41C435619733B34CC16A511E644B11 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:02:24.0796 5096  arcsas - ok
15:02:24.0842 5096  [ 22D13FF3DAFEC2A80634752B1EAA2DE6 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:02:24.0905 5096  AsyncMac - ok
15:02:24.0952 5096  [ E68D9B3A3905619732F7FE039466A623 ] atapi           C:\Windows\system32\drivers\atapi.sys
15:02:24.0983 5096  atapi - ok
15:02:25.0030 5096  [ 79318C744693EC983D20E9337A2F8196 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
15:02:25.0108 5096  AudioEndpointBuilder - ok
15:02:25.0139 5096  [ 79318C744693EC983D20E9337A2F8196 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
15:02:25.0186 5096  AudioSrv - ok
15:02:25.0248 5096  [ FFB96C2589FFA60473EAD78B39FBDE29 ] BFE             C:\Windows\System32\bfe.dll
15:02:25.0342 5096  BFE - ok
15:02:25.0388 5096  [ 6D316F4859634071CC25C4FD4589AD2C ] BITS            C:\Windows\System32\qmgr.dll
15:02:25.0498 5096  BITS - ok
15:02:25.0544 5096  [ 79FEEB40056683F8F61398D81DDA65D2 ] blbdrive        C:\Windows\system32\drivers\blbdrive.sys
15:02:25.0622 5096  blbdrive - ok
15:02:25.0732 5096  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
15:02:25.0778 5096  Bonjour Service - ok
15:02:25.0810 5096  [ 2348447A80920B2493A9B582A23E81E1 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
15:02:25.0888 5096  bowser - ok
15:02:25.0919 5096  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
15:02:25.0981 5096  BrFiltLo - ok
15:02:26.0012 5096  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
15:02:26.0075 5096  BrFiltUp - ok
15:02:26.0122 5096  [ A1B39DE453433B115B4EA69EE0343816 ] Browser         C:\Windows\System32\browser.dll
15:02:26.0200 5096  Browser - ok
15:02:26.0371 5096  [ B715096179D63B88C5948B9A7EEB1088 ] Browser Defender Update Service C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
15:02:26.0480 5096  Browser Defender Update Service - ok
15:02:26.0512 5096  [ F0F0BA4D815BE446AA6A4583CA3BCA9B ] Brserid         C:\Windows\system32\drivers\brserid.sys
15:02:26.0683 5096  Brserid - ok
15:02:26.0699 5096  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
15:02:26.0808 5096  BrSerWdm - ok
15:02:26.0839 5096  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
15:02:26.0933 5096  BrUsbMdm - ok
15:02:26.0948 5096  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
15:02:27.0042 5096  BrUsbSer - ok
15:02:27.0089 5096  [ E0777B34E05F8A82A21856EFC900C29F ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
15:02:27.0167 5096  BTHMODEM - ok
15:02:27.0245 5096  [ 09E6AFFAE6C0E9158BF05C7D08D0107A ] BUNAgentSvc     C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
15:02:27.0276 5096  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - warning
15:02:27.0276 5096  BUNAgentSvc - detected UnsignedFile.Multi.Generic (1)
15:02:27.0338 5096  [ 19C8E65DC74D8240C3C8BE0F8751B17E ] camdrv42        C:\Windows\system32\DRIVERS\camdrv42.sys
15:02:27.0448 5096  camdrv42 - ok
15:02:27.0448 5096  [ B4D787DB8D30793A4D4DF9FEED18F136 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
15:02:27.0526 5096  cdfs - ok
15:02:27.0572 5096  [ C025AA69BE3D0D25C7A2E746EF6F94FC ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
15:02:27.0666 5096  cdrom - ok
15:02:27.0713 5096  [ 5A268127633C7EE2A7FB87F39D748D56 ] CertPropSvc     C:\Windows\System32\certprop.dll
15:02:27.0760 5096  CertPropSvc - ok
15:02:27.0791 5096  [ 02EA568D498BBDD4BA55BF3FCE34D456 ] circlass        C:\Windows\system32\drivers\circlass.sys
15:02:27.0869 5096  circlass - ok
15:02:27.0900 5096  [ 3DCA9A18B204939CFB24BEA53E31EB48 ] CLFS            C:\Windows\system32\CLFS.sys
15:02:27.0962 5096  CLFS - ok
15:02:28.0072 5096  [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
15:02:28.0134 5096  clr_optimization_v2.0.50727_32 - ok
15:02:28.0243 5096  [ CE07A466201096F021CD09D631B21540 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
15:02:28.0290 5096  clr_optimization_v2.0.50727_64 - ok
15:02:28.0384 5096  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
15:02:28.0430 5096  clr_optimization_v4.0.30319_32 - ok
15:02:28.0477 5096  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
15:02:28.0524 5096  clr_optimization_v4.0.30319_64 - ok
15:02:28.0555 5096  [ E5D5499A1C50A54B5161296B6AFE6192 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
15:02:28.0586 5096  cmdide - ok
15:02:28.0618 5096  [ 7FB8AD01DB0EABE60C8A861531A8F431 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
15:02:28.0664 5096  Compbatt - ok
15:02:28.0664 5096  COMSysApp - ok
15:02:28.0696 5096  [ A8585B6412253803CE8EFCBD6D6DC15C ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
15:02:28.0711 5096  crcdisk - ok
15:02:28.0762 5096  [ CA78B312C44E4D52E842C2C8BD48E452 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
15:02:28.0842 5096  CryptSvc - ok
15:02:28.0902 5096  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] DcomLaunch      C:\Windows\system32\rpcss.dll
15:02:29.0012 5096  DcomLaunch - ok
15:02:29.0062 5096  [ 8B722BA35205C71E7951CDC4CDBADE19 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
15:02:29.0142 5096  DfsC - ok
15:02:29.0472 5096  [ C647F468F7DE343DF8C143655C5557D4 ] DFSR            C:\Windows\system32\DFSR.exe
15:02:29.0692 5096  DFSR - ok
15:02:29.0752 5096  [ 3ED0321127CE70ACDAABBF77E157C2A7 ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
15:02:29.0799 5096  Dhcp - ok
15:02:29.0853 5096  [ B0107E40ECDB5FA692EBF832F295D905 ] disk            C:\Windows\system32\drivers\disk.sys
15:02:29.0899 5096  disk - ok
15:02:29.0912 5096  dlcd_device - ok
15:02:29.0947 5096  [ 06230F1B721494A6DF8D47FD395BB1B0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
15:02:30.0000 5096  Dnscache - ok
15:02:30.0011 5096  [ 1A7156DD1E850E9914E5E991E3225B94 ] dot3svc         C:\Windows\System32\dot3svc.dll
15:02:30.0071 5096  dot3svc - ok
15:02:30.0129 5096  [ 74C02B1717740C3B8039539E23E4B53F ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
15:02:30.0193 5096  Dot4 - ok
15:02:30.0215 5096  [ 08321D1860235BF42CF2854234337AEA ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
15:02:30.0281 5096  Dot4Print - ok
15:02:30.0303 5096  [ 4ADCCF0124F2B6911D3786A5D0E779E5 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
15:02:30.0362 5096  dot4usb - ok
15:02:30.0439 5096  [ 1583B39790DB3EAEC7EDB0CB0140C708 ] DPS             C:\Windows\system32\dps.dll
15:02:30.0501 5096  DPS - ok
15:02:30.0560 5096  [ F1A78A98CFC2EE02144C6BEC945447E6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
15:02:30.0625 5096  drmkaud - ok
15:02:30.0740 5096  [ B8E554E502D5123BC111F99D6A2181B4 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
15:02:30.0842 5096  DXGKrnl - ok
15:02:30.0904 5096  [ 264CEE7B031A9D6C827F3D0CB031F2FE ] E1G60           C:\Windows\system32\DRIVERS\E1G6032E.sys
15:02:30.0967 5096  E1G60 - ok
15:02:31.0014 5096  [ C2303883FD9BE49DC36A6400643002EA ] EapHost         C:\Windows\System32\eapsvc.dll
15:02:31.0076 5096  EapHost - ok
15:02:31.0107 5096  [ 5F94962BE5A62DB6E447FF6470C4F48A ] Ecache          C:\Windows\system32\drivers\ecache.sys
15:02:31.0154 5096  Ecache - ok
15:02:31.0216 5096  [ B1F2503E23425B386DF0F3413B2596F3 ] eDataSecurity Service C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
15:02:31.0279 5096  eDataSecurity Service - ok
15:02:31.0372 5096  [ 14CE384D2E27B64C256BDA4DC39C312D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
15:02:31.0466 5096  ehRecvr - ok
15:02:31.0482 5096  [ B93159C1313D66FDFBBE876F5189CD52 ] ehSched         C:\Windows\ehome\ehsched.exe
15:02:31.0528 5096  ehSched - ok
15:02:31.0560 5096  [ F5EE2527D74449868E3C3227A59BCD28 ] ehstart         C:\Windows\ehome\ehstart.dll
15:02:31.0638 5096  ehstart - ok
15:02:31.0653 5096  [ C4636D6E10469404AB5308D9FD45ED07 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
15:02:31.0716 5096  elxstor - ok
15:02:31.0809 5096  [ A9B18B63A4FD6BAAB83326706D857FAB ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
15:02:31.0872 5096  EMDMgmt - ok
15:02:31.0934 5096  [ BC3A58E938BB277E46BF4B3003B01ABD ] ErrDev          C:\Windows\system32\drivers\errdev.sys
15:02:31.0996 5096  ErrDev - ok
15:02:32.0059 5096  [ C0FE39B8F686B7C70A666E716CC12B49 ] ETService       C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
15:02:32.0106 5096  ETService ( UnsignedFile.Multi.Generic ) - warning
15:02:32.0106 5096  ETService - detected UnsignedFile.Multi.Generic (1)
15:02:32.0152 5096  [ E12F22B73F153DECE721CD45EC05B4AF ] EventSystem     C:\Windows\system32\es.dll
15:02:32.0199 5096  EventSystem - ok
15:02:32.0246 5096  [ 486844F47B6636044A42454614ED4523 ] exfat           C:\Windows\system32\drivers\exfat.sys
15:02:32.0293 5096  exfat - ok
15:02:32.0324 5096  [ 1A4BEE34277784619DDAF0422C0C6E23 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
15:02:32.0402 5096  fastfat - ok
15:02:32.0449 5096  [ 81B79B6DF71FA1D2C6D688D830616E39 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
15:02:32.0511 5096  fdc - ok
15:02:32.0527 5096  [ BB9267ACACD8B7533DD936C34A0CBA5E ] fdPHost         C:\Windows\system32\fdPHost.dll
15:02:32.0589 5096  fdPHost - ok
15:02:32.0605 5096  [ 300C80931EABBE1DB7591C516EFE8D0F ] FDResPub        C:\Windows\system32\fdrespub.dll
15:02:32.0698 5096  FDResPub - ok
15:02:32.0714 5096  [ 457B7D1D533E4BD62A99AED9C7BB4C59 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
15:02:32.0761 5096  FileInfo - ok
15:02:32.0776 5096  [ D421327FD6EFCCAF884A54C58E1B0D7F ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
15:02:32.0823 5096  Filetrace - ok
15:02:32.0854 5096  [ 230923EA2B80F79B0F88D90F87B87EBD ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
15:02:32.0901 5096  flpydisk - ok
15:02:32.0932 5096  [ E3041BC26D6930D61F42AEDB79C91720 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
15:02:32.0964 5096  FltMgr - ok
15:02:33.0073 5096  [ BE1C5BD1CA7ED015BC6FA1AE67E592C8 ] FontCache       C:\Windows\system32\FntCache.dll
15:02:33.0166 5096  FontCache - ok
15:02:33.0244 5096  [ BC5B0BE5AF3510B0FD8C140EE42C6D3E ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
15:02:33.0276 5096  FontCache3.0.0.0 - ok
15:02:33.0307 5096  [ 5779B86CD8B32519FBECB136394D946A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
15:02:33.0385 5096  Fs_Rec - ok
15:02:33.0416 5096  [ C8E416668D3DC2BE3D4FE4C79224997F ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
15:02:33.0463 5096  gagp30kx - ok
15:02:33.0525 5096  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
15:02:33.0556 5096  GEARAspiWDM - ok
15:02:33.0681 5096  [ A0E1B575BA8F504968CD40C0FAEB2384 ] gpsvc           C:\Windows\System32\gpsvc.dll
15:02:33.0728 5096  gpsvc - ok
15:02:33.0853 5096  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:02:33.0884 5096  gupdate - ok
15:02:33.0915 5096  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:02:33.0931 5096  gupdatem - ok
15:02:33.0978 5096  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
15:02:34.0040 5096  gusvc - ok
15:02:34.0087 5096  [ DF45F8142DC6DF9D18C39B3EFFBD0409 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
15:02:34.0196 5096  HdAudAddService - ok
15:02:34.0274 5096  [ F942C5820205F2FB453243EDFEC82A3D ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
15:02:34.0383 5096  HDAudBus - ok
15:02:34.0399 5096  [ B4881C84A180E75B8C25DC1D726C375F ] HidBth          C:\Windows\system32\drivers\hidbth.sys
15:02:34.0492 5096  HidBth - ok
15:02:34.0524 5096  [ 4E77A77E2C986E8F88F996BB3E1AD829 ] HidIr           C:\Windows\system32\drivers\hidir.sys
15:02:34.0633 5096  HidIr - ok
15:02:34.0680 5096  [ 59361D38A297755D46A540E450202B2A ] hidserv         C:\Windows\system32\hidserv.dll
15:02:34.0758 5096  hidserv - ok
15:02:34.0789 5096  [ 443BDD2D30BB4F00795C797E2CF99EDF ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
15:02:34.0851 5096  HidUsb - ok
15:02:34.0882 5096  [ B12F367EA39C0795FD57E31242CE1A5A ] hkmsvc          C:\Windows\system32\kmsvc.dll
15:02:34.0960 5096  hkmsvc - ok
15:02:35.0023 5096  [ D7109A1E6BD2DFDBCBA72A6BC626A13B ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
15:02:35.0038 5096  HpCISSs - ok
15:02:35.0163 5096  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
15:02:35.0210 5096  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
15:02:35.0210 5096  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
15:02:35.0226 5096  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
15:02:35.0257 5096  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
15:02:35.0257 5096  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
15:02:35.0304 5096  [ 098F1E4E5C9CB5B0063A959063631610 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
15:02:35.0428 5096  HTTP - ok
15:02:35.0460 5096  [ DA94C854CEA5FAC549D4E1F6E88349E8 ] i2omp           C:\Windows\system32\drivers\i2omp.sys
15:02:35.0475 5096  i2omp - ok
15:02:35.0522 5096  [ CBB597659A2713CE0C9CC20C88C7591F ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
15:02:35.0584 5096  i8042prt - ok
15:02:35.0662 5096  [ 3E3BF3627D886736D0B4E90054F929F6 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
15:02:35.0694 5096  iaStorV - ok
15:02:35.0787 5096  [ 6F95324909B502E2651442C1548AB12F ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
15:02:35.0834 5096  IDriverT ( UnsignedFile.Multi.Generic ) - warning
15:02:35.0834 5096  IDriverT - detected UnsignedFile.Multi.Generic (1)
15:02:35.0896 5096  [ 749F5F8CEDCA70F2A512945325FC489D ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
15:02:36.0006 5096  idsvc - ok
15:02:36.0037 5096  [ 8C3951AD2FE886EF76C7B5027C3125D3 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
15:02:36.0084 5096  iirsp - ok
15:02:36.0115 5096  [ 0C9EA6E654E7B0471741E343A6C671AF ] IKEEXT          C:\Windows\System32\ikeext.dll
15:02:36.0177 5096  IKEEXT - ok
15:02:36.0240 5096  [ 8C7FA71CB1EBCD3EDE8958D27B1BF0B4 ] int15           C:\Windows\SysWOW64\drivers\int15_64.sys
15:02:36.0286 5096  int15 - ok
15:02:36.0349 5096  [ 023EB98945069178C21B324B880AD787 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:02:36.0427 5096  IntcAzAudAddService - ok
15:02:36.0474 5096  [ DF797A12176F11B2D301C5B234BB200E ] intelide        C:\Windows\system32\drivers\intelide.sys
15:02:36.0505 5096  intelide - ok
15:02:36.0520 5096  [ BFD84AF32FA1BAD6231C4585CB469630 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:02:36.0583 5096  intelppm - ok
15:02:36.0614 5096  [ 5624BC1BC5EEB49C0AB76A8114F05EA3 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:02:36.0676 5096  IPBusEnum - ok
15:02:36.0708 5096  [ D8AABC341311E4780D6FCE8C73C0AD81 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:02:36.0770 5096  IpFilterDriver - ok
15:02:36.0801 5096  [ BF0DBFA9792C5C14FA00F61C75116C1B ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:02:36.0864 5096  iphlpsvc - ok
15:02:36.0879 5096  IpInIp - ok
15:02:36.0910 5096  [ 9C2EE2E6E5A7203BFAE15C299475EC67 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
15:02:36.0957 5096  IPMIDRV - ok
15:02:36.0973 5096  [ B7E6212F581EA5F6AB0C3A6CEEEB89BE ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
15:02:37.0066 5096  IPNAT - ok
15:02:37.0113 5096  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:02:37.0238 5096  iPod Service - ok
15:02:37.0254 5096  [ 8C42CA155343A2F11D29FECA67FAA88D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:02:37.0347 5096  IRENUM - ok
15:02:37.0363 5096  [ 0672BFCEDC6FC468A2B0500D81437F4F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:02:37.0410 5096  isapnp - ok
15:02:37.0441 5096  [ E4FDF99599F27EC25D2CF6D754243520 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
15:02:37.0472 5096  iScsiPrt - ok
15:02:37.0503 5096  [ 63C766CDC609FF8206CB447A65ABBA4A ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
15:02:37.0519 5096  iteatapi - ok
15:02:37.0534 5096  Iteidelr - ok
15:02:37.0597 5096  [ 25D0DACC04EADA6DCBC0B1E46F309759 ] ITEIO.SYS       c:\Windows\System32\drivers\ITEIO.sys
15:02:37.0628 5096  ITEIO.SYS ( UnsignedFile.Multi.Generic ) - warning
15:02:37.0628 5096  ITEIO.SYS - detected UnsignedFile.Multi.Generic (1)
15:02:37.0675 5096  [ 1281FE73B17664631D12F643CBEA3F59 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
15:02:37.0690 5096  iteraid - ok
15:02:37.0706 5096  [ 423696F3BA6472DD17699209B933BC26 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:02:37.0753 5096  kbdclass - ok
15:02:37.0784 5096  [ DBDF75D51464FBC47D0104EC3D572C05 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:02:37.0862 5096  kbdhid - ok
15:02:37.0893 5096  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] KeyIso          C:\Windows\system32\lsass.exe
15:02:37.0956 5096  KeyIso - ok
15:02:38.0002 5096  [ 88956AD9FA510848AD176777A6C6C1F5 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:02:38.0049 5096  KSecDD - ok
15:02:38.0065 5096  [ 1D419CF43DB29396ECD7113D129D94EB ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:02:38.0112 5096  ksthunk - ok
15:02:38.0158 5096  [ 1FAF6926F3416D3DA05C5B265491BDAE ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:02:38.0236 5096  KtmRm - ok
15:02:38.0252 5096  [ 50C7A3CB427E9BB5ED0708A669956AB5 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:02:38.0314 5096  LanmanServer - ok
15:02:38.0361 5096  [ CAF86FC1388BE1E470F1A7B43E348ADB ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:02:38.0439 5096  LanmanWorkstation - ok
15:02:38.0470 5096  [ 793FF718477345CD5D232C50BED1E452 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
15:02:38.0502 5096  LightScribeService ( UnsignedFile.Multi.Generic ) - warning
15:02:38.0502 5096  LightScribeService - detected UnsignedFile.Multi.Generic (1)
15:02:38.0517 5096  [ 96ECE2659B6654C10A0C310AE3A6D02C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:02:38.0580 5096  lltdio - ok
15:02:38.0626 5096  [ 961CCBD0B1CCB5675D64976FAE37D092 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:02:38.0689 5096  lltdsvc - ok
15:02:38.0720 5096  [ A47F8080CACC23C91FE823AD19AA5612 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:02:38.0782 5096  lmhosts - ok
15:02:38.0798 5096  [ ACBE1AF32D3123E330A07BFBC5EC4A9B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
15:02:38.0829 5096  LSI_FC - ok
15:02:38.0845 5096  [ 799FFB2FC4729FA46D2157C0065B3525 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
15:02:38.0892 5096  LSI_SAS - ok
15:02:38.0907 5096  [ F445FF1DAAD8A226366BFAF42551226B ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
15:02:38.0938 5096  LSI_SCSI - ok
15:02:38.0970 5096  [ 52F87B9CC8932C2A7375C3B2A9BE5E3E ] luafv           C:\Windows\system32\drivers\luafv.sys
15:02:39.0048 5096  luafv - ok
15:02:39.0079 5096  [ A8FE8F2783B2929B56F5370A89356CE9 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:02:39.0126 5096  MBAMProtector - ok
15:02:39.0188 5096  [ 85B16A92B117A5A800032ECD904B86DB ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
15:02:39.0250 5096  MBAMScheduler - ok
15:02:39.0282 5096  [ 20E2469DB709FC675E655CEAA11BE312 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
15:02:39.0360 5096  MBAMService - ok
15:02:39.0438 5096  [ B891E3920F24FF1A3BEAD6CD2B42ED99 ] McAfee SiteAdvisor Service C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
15:02:39.0484 5096  McAfee SiteAdvisor Service - ok
15:02:39.0562 5096  [ 5F2E238661F79CC2D0347F0265BF0063 ] mcmscsvc        C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
15:02:39.0609 5096  mcmscsvc - ok
15:02:39.0734 5096  [ AA490BFB95998686AF46FDCD8093443B ] McNASvc         c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
15:02:39.0859 5096  McNASvc - ok
15:02:39.0921 5096  [ 573D566B19D66087E0204252BE8DBBB4 ] McODS           C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
15:02:39.0968 5096  McODS - ok
15:02:40.0030 5096  [ 5A8D1ACD2070B8261236D5484AE63721 ] McProxy         c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
15:02:40.0062 5096  McProxy - ok
15:02:40.0093 5096  [ 4E1F46A3E8EB9B3014D836C0A07F36BF ] McShield        C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
15:02:40.0140 5096  McShield - ok
15:02:40.0171 5096  [ 9C2BA4C40B94D049539AD99235715A9A ] McSysmon        C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
15:02:40.0280 5096  McSysmon - ok
15:02:40.0311 5096  [ 76A58DF02BD4EA29F189B82D0BEF17F8 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:02:40.0342 5096  Mcx2Svc - ok
15:02:40.0389 5096  [ 5C5CD6AACED32FB26C3FB34B3DCF972F ] megasas         C:\Windows\system32\drivers\megasas.sys
15:02:40.0405 5096  megasas - ok
15:02:40.0420 5096  [ 859BC2436B076C77C159ED694ACFE8F8 ] MegaSR          C:\Windows\system32\drivers\megasr.sys
15:02:40.0467 5096  MegaSR - ok
15:02:40.0498 5096  [ E9266B1BE3B2110277E5F1071F05F3D9 ] mfeavfk         C:\Windows\system32\drivers\mfeavfk.sys
15:02:40.0530 5096  mfeavfk - ok
15:02:40.0545 5096  [ 4216409C03FACEB8331708884B7C8ABB ] mfehidk         C:\Windows\system32\drivers\mfehidk.sys
15:02:40.0608 5096  mfehidk - ok
15:02:40.0623 5096  [ 87A4B421520BCDC3EB9C2E39292DD81D ] mferkdk         C:\Windows\system32\drivers\mferkdk.sys
15:02:40.0639 5096  mferkdk - ok
15:02:40.0654 5096  [ 03A7B08BEB5D607F801AB455F87A6508 ] mfesmfk         C:\Windows\system32\drivers\mfesmfk.sys
15:02:40.0670 5096  mfesmfk - ok
15:02:40.0764 5096  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
15:02:40.0795 5096  Microsoft Office Groove Audit Service - ok
15:02:40.0810 5096  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] MMCSS           C:\Windows\system32\mmcss.dll
15:02:40.0888 5096  MMCSS - ok
15:02:40.0920 5096  [ 59848D5CC74606F0EE7557983BB73C2E ] Modem           C:\Windows\system32\drivers\modem.sys
15:02:40.0966 5096  Modem - ok
15:02:40.0998 5096  [ C247CC2A57E0A0C8C6DCCF7807B3E9E5 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:02:41.0060 5096  monitor - ok
15:02:41.0076 5096  [ 9367304E5E412B120CF5F4EA14E4E4F1 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:02:41.0107 5096  mouclass - ok
15:02:41.0138 5096  [ C2C2BD5C5CE5AAF786DDD74B75D2AC69 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:02:41.0200 5096  mouhid - ok
15:02:41.0216 5096  [ 11BC9B1E8801B01F7F6ADB9EAD30019B ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
15:02:41.0247 5096  MountMgr - ok
15:02:41.0341 5096  [ 8BE15F71DE6FF33FC56DCDE7B2B9EFE8 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:02:41.0388 5096  MozillaMaintenance - ok
15:02:41.0434 5096  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:02:41.0481 5096  MpFilter - ok
15:02:41.0512 5096  [ E843A4295A3381347B4CD17C5DE4090A ] MPFP            C:\Windows\system32\Drivers\Mpfp.sys
15:02:41.0544 5096  MPFP - ok
15:02:41.0590 5096  [ DE51C0969EE26777D2D10C5CF70538FA ] MpfService      C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
15:02:41.0637 5096  MpfService - ok
15:02:41.0668 5096  [ F8276EB8698142884498A528DFEA8478 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:02:41.0700 5096  mpio - ok
15:02:41.0715 5096  [ C92B9ABDB65A5991E00C28F13491DBA2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:02:41.0778 5096  mpsdrv - ok
15:02:41.0824 5096  [ 897E3BAF68BA406A61682AE39C83900C ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:02:41.0934 5096  MpsSvc - ok
15:02:41.0949 5096  [ 3C200630A89EF2C0864D515B7A75802E ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
15:02:41.0965 5096  Mraid35x - ok
15:02:42.0012 5096  [ 7C1DE4AA96DC0C071611F9E7DE02A68D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:02:42.0058 5096  MRxDAV - ok
15:02:42.0090 5096  [ 1485811B320FF8C7EDAD1CAEBB1C6C2B ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:02:42.0136 5096  mrxsmb - ok
15:02:42.0152 5096  [ 3B929A60C833FC615FD97FBA82BC7632 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:02:42.0199 5096  mrxsmb10 - ok
15:02:42.0214 5096  [ C64AB3E1F53B4F5B5BB6D796B2D7BEC3 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:02:42.0246 5096  mrxsmb20 - ok
15:02:42.0277 5096  [ 1AC860612B85D8E85EE257D372E39F4D ] msahci          C:\Windows\system32\drivers\msahci.sys
15:02:42.0308 5096  msahci - ok
15:02:42.0324 5096  [ 264BBB4AAF312A485F0E44B65A6B7202 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:02:42.0355 5096  msdsm - ok
15:02:42.0370 5096  [ 7EC02CE772F068ED0BEAFA3DA341A9BC ] MSDTC           C:\Windows\System32\msdtc.exe
15:02:42.0448 5096  MSDTC - ok
15:02:42.0480 5096  [ 704F59BFC4512D2BB0146AEC31B10A7C ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:02:42.0542 5096  Msfs - ok
15:02:42.0589 5096  [ 00EBC952961664780D43DCA157E79B27 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:02:42.0604 5096  msisadrv - ok
15:02:42.0651 5096  [ 366B0C1F4478B519C181E37D43DCDA32 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:02:42.0714 5096  MSiSCSI - ok
15:02:42.0714 5096  msiserver - ok
15:02:42.0776 5096  [ 9A55CFA5F970BB407C7F639D19578A89 ] MSK80Service    C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
15:02:42.0807 5096  MSK80Service - ok
15:02:42.0838 5096  [ 0EA73E498F53B96D83DBFCA074AD4CF8 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:02:42.0916 5096  MSKSSRV - ok
15:02:42.0994 5096  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
15:02:43.0041 5096  MsMpSvc - ok
15:02:43.0041 5096  [ 52E59B7E992A58E740AA63F57EDBAE8B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:02:43.0119 5096  MSPCLOCK - ok
15:02:43.0135 5096  [ 49084A75BAE043AE02D5B44D02991BB2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:02:43.0228 5096  MSPQM - ok
15:02:43.0244 5096  [ DC6CCF440CDEDE4293DB41C37A5060A5 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:02:43.0291 5096  MsRPC - ok
15:02:43.0306 5096  [ 855796E59DF77EA93AF46F20155BF55B ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
15:02:43.0353 5096  mssmbios - ok
15:02:43.0384 5096  [ 86D632D75D05D5B7C7C043FA3564AE86 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:02:43.0462 5096  MSTEE - ok
15:02:43.0478 5096  [ 0CC49F78D8ACA0877D885F149084E543 ] Mup             C:\Windows\system32\Drivers\mup.sys
15:02:43.0509 5096  Mup - ok
15:02:43.0556 5096  [ A5B10C845E7538C60C0F5D87A57CB3F5 ] napagent        C:\Windows\system32\qagentRT.dll
15:02:43.0634 5096  napagent - ok
15:02:43.0696 5096  [ 2007B826C4ACD94AE32232B41F0842B9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:02:43.0728 5096  NativeWifiP - ok
15:02:43.0790 5096  [ 65950E07329FCEE8E6516B17C8D0ABB6 ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:02:43.0852 5096  NDIS - ok
15:02:43.0884 5096  [ 64DF698A425478E321981431AC171334 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:02:43.0962 5096  NdisTapi - ok
15:02:43.0977 5096  [ 8BAA43196D7B5BB972C9A6B2BBF61A19 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:02:44.0055 5096  Ndisuio - ok
15:02:44.0071 5096  [ F8158771905260982CE724076419EF19 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:02:44.0133 5096  NdisWan - ok
15:02:44.0164 5096  [ 9CB77ED7CB72850253E973A2D6AFDF49 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:02:44.0211 5096  NDProxy - ok
15:02:44.0227 5096  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:02:44.0242 5096  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:02:44.0242 5096  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:02:44.0258 5096  [ A499294F5029A7862ADC115BDA7371CE ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:02:44.0336 5096  NetBIOS - ok
15:02:44.0367 5096  [ FC2C792EBDDC8E28DF939D6A92C83D61 ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
15:02:44.0445 5096  netbt - ok
15:02:44.0461 5096  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] Netlogon        C:\Windows\system32\lsass.exe
15:02:44.0492 5096  Netlogon - ok
15:02:44.0508 5096  [ 9B63B29DEFC0F3115A559D2597BF5D75 ] Netman          C:\Windows\System32\netman.dll
15:02:44.0617 5096  Netman - ok
15:02:44.0632 5096  [ 7846D0136CC2B264926A73047BA7688A ] netprofm        C:\Windows\System32\netprofm.dll
15:02:44.0726 5096  netprofm - ok
15:02:44.0757 5096  [ 74751DDA198165947FD7454D83F49825 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
15:02:44.0804 5096  NetTcpPortSharing - ok
15:02:44.0820 5096  [ 4AC08BD6AF2DF42E0C3196D826C8AEA7 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
15:02:44.0866 5096  nfrd960 - ok
15:02:44.0898 5096  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
15:02:44.0944 5096  NisDrv - ok
15:02:44.0976 5096  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
15:02:45.0038 5096  NisSrv - ok
15:02:45.0069 5096  [ F145BF4C4668E7E312069F81EF847CFC ] NlaSvc          C:\Windows\System32\nlasvc.dll
15:02:45.0147 5096  NlaSvc - ok
15:02:45.0194 5096  [ C9773EF9CBF2877725A45F07396D5DA6 ] nmwcdx64        C:\Windows\system32\drivers\ccdcmbx64.sys
15:02:45.0225 5096  nmwcdx64 - ok
15:02:45.0272 5096  [ B298874F8E0EA93F06EC40AA8D146478 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
15:02:45.0334 5096  Npfs - ok
15:02:45.0350 5096  [ ACB62BAA1C319B17752553DF3026EEEB ] nsi             C:\Windows\system32\nsisvc.dll
15:02:45.0428 5096  nsi - ok
15:02:45.0444 5096  [ 1523AF19EE8B030BA682F7A53537EAEB ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
15:02:45.0506 5096  nsiproxy - ok
15:02:45.0568 5096  [ BAC869DFB98E499BA4D9BB1FB43270E1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
15:02:45.0662 5096  Ntfs - ok
15:02:45.0709 5096  [ A2B6583A5652A385DFF5E4F49AD48761 ] NTIBackupSvc    C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
15:02:45.0756 5096  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - warning
15:02:45.0756 5096  NTIBackupSvc - detected UnsignedFile.Multi.Generic (1)
15:02:45.0787 5096  [ 7D397449AAF52B0E7C79B64F6AD4473E ] NTIDrvr         C:\Windows\system32\Drivers\NTIDrvr.sys
15:02:45.0818 5096  NTIDrvr - ok
15:02:45.0834 5096  [ 40B87FE8A1A9A5AC9E5A91D96F212BCD ] NTISchedulerSvc C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
15:02:45.0865 5096  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - warning
15:02:45.0865 5096  NTISchedulerSvc - detected UnsignedFile.Multi.Generic (1)
15:02:45.0880 5096  [ DD5D684975352B85B52E3FD5347C20CB ] Null            C:\Windows\system32\drivers\Null.sys
15:02:45.0958 5096  Null - ok
15:02:46.0005 5096  [ 98350606682594521D56ECCB5D01ECF7 ] NVENETFD        C:\Windows\system32\DRIVERS\nvmfdx64.sys
15:02:46.0177 5096  NVENETFD - ok
15:02:46.0208 5096  [ 6E022D5F44CD8B029CF799807BB31269 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
15:02:46.0224 5096  NVHDA - ok
15:02:46.0489 5096  [ E55CAB397F77D5208DB18A78B1B7C0D5 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
15:02:47.0128 5096  nvlddmkm - ok
15:02:47.0144 5096  [ 2C040B7ADA5B06F6FACADAC8514AA034 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
15:02:47.0191 5096  nvraid - ok
15:02:47.0222 5096  [ F7EA0FE82842D05EDA3EFDD376DBFDBA ] nvstor          C:\Windows\system32\drivers\nvstor.sys
15:02:47.0253 5096  nvstor - ok
15:02:47.0269 5096  [ 581286807B5832503FD700A3217B589F ] nvstor64        C:\Windows\system32\DRIVERS\nvstor64.sys
15:02:47.0284 5096  nvstor64 - ok
15:02:47.0331 5096  [ 43BC8151893AE6AFE42E149D663C2221 ] nvsvc           C:\Windows\system32\nvvsvc.exe
15:02:47.0347 5096  nvsvc - ok
15:02:47.0378 5096  [ 19067CA93075EF4823E3938A686F532F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
15:02:47.0425 5096  nv_agp - ok
15:02:47.0425 5096  NwlnkFlt - ok
15:02:47.0425 5096  NwlnkFwd - ok
15:02:47.0503 5096  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
15:02:47.0565 5096  odserv - ok
15:02:47.0612 5096  [ B5B1CE65AC15BBD11C0619E3EF7CFC28 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
15:02:47.0674 5096  ohci1394 - ok
15:02:47.0690 5096  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
15:02:47.0737 5096  ose - ok
15:02:47.0799 5096  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2pimsvc        C:\Windows\system32\p2psvc.dll
15:02:47.0908 5096  p2pimsvc - ok
15:02:47.0924 5096  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] p2psvc          C:\Windows\system32\p2psvc.dll
15:02:47.0971 5096  p2psvc - ok
15:02:47.0986 5096  [ AECD57F94C887F58919F307C35498EA0 ] Parport         C:\Windows\system32\drivers\parport.sys
15:02:48.0064 5096  Parport - ok
15:02:48.0096 5096  [ B43751085E2ABE389DA466BC62A4B987 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
15:02:48.0127 5096  partmgr - ok
15:02:48.0267 5096  [ A3333663E400B6327E0A0B98CAD20A24 ] PC Performer Manager C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe
15:02:48.0408 5096  PC Performer Manager - ok
15:02:48.0423 5096  [ 9AB157B374192FF276C1628FBDBA2B0E ] PcaSvc          C:\Windows\System32\pcasvc.dll
15:02:48.0454 5096  PcaSvc - ok
15:02:48.0501 5096  [ 47AB1E0FC9D0E12BB53BA246E3A0906D ] pci             C:\Windows\system32\drivers\pci.sys
15:02:48.0517 5096  pci - ok
15:02:48.0564 5096  [ 2657F6C0B78C36D95034BE109336E382 ] pciide          C:\Windows\system32\drivers\pciide.sys
15:02:48.0579 5096  pciide - ok
15:02:48.0610 5096  [ 037661F3D7C507C9993B7010CEEE6288 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
15:02:48.0642 5096  pcmcia - ok
15:02:48.0688 5096  [ BF907EC8C6783E861246C8060E788334 ] PCTCore         C:\Windows\system32\drivers\PCTCore64.sys
15:02:48.0720 5096  PCTCore - ok
15:02:48.0766 5096  [ FF43E3B1687E4E2140DE6349EA5C7372 ] pctDS           C:\Windows\system32\drivers\pctDS64.sys
15:02:48.0798 5096  pctDS - ok
15:02:48.0813 5096  [ 60E9A05852AF7E9CB11237C00AEE4CCF ] pctEFA          C:\Windows\system32\drivers\pctEFA64.sys
15:02:48.0891 5096  pctEFA - ok
15:02:48.0922 5096  [ 58865916F53592A61549B04941BFD80D ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
15:02:49.0047 5096  PEAUTH - ok
15:02:49.0110 5096  [ 0ED8727EA0172860F47258456C06CAEA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
15:02:49.0203 5096  PerfHost - ok
15:02:49.0266 5096  [ E9E68C1A0F25CF4A7AC966EEA74EE89E ] pla             C:\Windows\system32\pla.dll
15:02:49.0422 5096  pla - ok
15:02:49.0453 5096  [ FE6B0F59215C9FD9F9D26539C58C8B82 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
15:02:49.0515 5096  PlugPlay - ok
15:02:49.0546 5096  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
15:02:49.0578 5096  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
15:02:49.0578 5096  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
15:02:49.0609 5096  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
15:02:49.0671 5096  PNRPAutoReg - ok
15:02:49.0702 5096  [ 9AE31D2E1D15C10D91318E0EC149CEAC ] PNRPsvc         C:\Windows\system32\p2psvc.dll
15:02:49.0749 5096  PNRPsvc - ok
15:02:49.0796 5096  [ 89A5560671C2D8B4A4B51F3E1AA069D8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
15:02:49.0874 5096  PolicyAgent - ok
15:02:49.0905 5096  [ 23386E9952025F5F21C368971E2E7301 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
15:02:49.0968 5096  PptpMiniport - ok
15:02:49.0983 5096  [ 5080E59ECEE0BC923F14018803AA7A01 ] Processor       C:\Windows\system32\drivers\processr.sys
15:02:50.0046 5096  Processor - ok
15:02:50.0077 5096  [ E058CE4FC2449D8BFA14739C83B7FF2A ] ProfSvc         C:\Windows\system32\profsvc.dll
15:02:50.0124 5096  ProfSvc - ok
15:02:50.0124 5096  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] ProtectedStorage C:\Windows\system32\lsass.exe
15:02:50.0155 5096  ProtectedStorage - ok
15:02:50.0202 5096  [ C5AB7F0809392D0DA027F4A2A81BFA31 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
15:02:50.0264 5096  PSched - ok
15:02:50.0280 5096  [ 2CFD31D41CDE75328ACAEEE2D4F4B836 ] PSDFilter       C:\Windows\system32\DRIVERS\psdfilter.sys
15:02:50.0311 5096  PSDFilter - ok
15:02:50.0326 5096  [ 51A585F999672D8BB07F22AE12B40846 ] PSDNServ        C:\Windows\system32\DRIVERS\PSDNServ.sys
15:02:50.0373 5096  PSDNServ - ok
15:02:50.0389 5096  [ DB50D3F5C31B1A848B04F7F2A6FF2709 ] psdvdisk        C:\Windows\system32\DRIVERS\PSDVdisk.sys
15:02:50.0404 5096  psdvdisk - ok
15:02:50.0451 5096  [ 0B83F4E681062F3839BE2EC1D98FD94A ] ql2300          C:\Windows\system32\drivers\ql2300.sys
15:02:50.0623 5096  ql2300 - ok
15:02:50.0670 5096  [ E1C80F8D4D1E39EF9595809C1369BF2A ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
15:02:50.0701 5096  ql40xx - ok
15:02:50.0716 5096  [ 90574842C3DA781E279061A3EFF91F07 ] QWAVE           C:\Windows\system32\qwave.dll
15:02:50.0763 5096  QWAVE - ok
15:02:50.0794 5096  [ E8D76EDAB77EC9C634C27B8EAC33ADC5 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
15:02:50.0826 5096  QWAVEdrv - ok
15:02:50.0857 5096  [ 1013B3B663A56D3DDD784F581C1BD005 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
15:02:50.0919 5096  RasAcd - ok
15:02:50.0935 5096  [ B2AE18F847D07F0044404DDF7CB04497 ] RasAuto         C:\Windows\System32\rasauto.dll
15:02:50.0982 5096  RasAuto - ok
15:02:51.0013 5096  [ AC7BC4D42A7E558718DFDEC599BBFC2C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
15:02:51.0060 5096  Rasl2tp - ok
15:02:51.0091 5096  [ 3AD83E4046C43BE510DE681588ACB8AF ] RasMan          C:\Windows\System32\rasmans.dll
15:02:51.0122 5096  RasMan - ok
15:02:51.0169 5096  [ 4517FBF8B42524AFE4EDE1DE102AAE3E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
15:02:51.0231 5096  RasPppoe - ok
15:02:51.0262 5096  [ C6A593B51F34C33E5474539544072527 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
15:02:51.0309 5096  RasSstp - ok
15:02:51.0340 5096  [ 322DB5C6B55E8D8EE8D6F358B2AAABB1 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
15:02:51.0387 5096  rdbss - ok
15:02:51.0403 5096  [ 603900CC05F6BE65CCBF373800AF3716 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
15:02:51.0465 5096  RDPCDD - ok
15:02:51.0481 5096  [ C045D1FB111C28DF0D1BE8D4BDA22C06 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
15:02:51.0574 5096  rdpdr - ok
15:02:51.0574 5096  [ CAB9421DAF3D97B33D0D055858E2C3AB ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
15:02:51.0637 5096  RDPENCDD - ok
15:02:51.0684 5096  [ AE4BD9E1C33D351D8E607FC81F15160C ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
15:02:51.0746 5096  RDPWD - ok
15:02:51.0762 5096  [ C612B9557DA73F70D41F8A6FBC8E5344 ] RemoteAccess    C:\Windows\System32\mprdim.dll
15:02:51.0824 5096  RemoteAccess - ok
15:02:51.0855 5096  [ 44B9D8EC2F3EF3A0EFB00857AF70D861 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
15:02:51.0918 5096  RemoteRegistry - ok
15:02:51.0949 5096  [ A035A7BF5132682F53F1E7B955690CE7 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
15:02:52.0027 5096  RichVideo ( UnsignedFile.Multi.Generic ) - warning
15:02:52.0027 5096  RichVideo - detected UnsignedFile.Multi.Generic (1)
15:02:52.0042 5096  [ F46C457840D4B7A4DAAFEE739CE04102 ] RpcLocator      C:\Windows\system32\locator.exe
15:02:52.0120 5096  RpcLocator - ok
15:02:52.0167 5096  [ CF8B9A3A5E7DC57724A89D0C3E8CF9EF ] RpcSs           C:\Windows\system32\rpcss.dll
15:02:52.0214 5096  RpcSs - ok
15:02:52.0261 5096  [ 22A9CB08B1A6707C1550C6BF099AAE73 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:02:52.0323 5096  rspndr - ok
15:02:52.0323 5096  [ 260BF9C43EE12C6898A9F5AAB0FB0E5D ] SamSs           C:\Windows\system32\lsass.exe
15:02:52.0354 5096  SamSs - ok
15:02:52.0386 5096  [ CD9C693589C60AD59BBBCFB0E524E01B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:02:52.0401 5096  sbp2port - ok
15:02:52.0448 5096  [ FD1CDCF108D5EF3366F00D18B70FB89B ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:02:52.0495 5096  SCardSvr - ok
15:02:52.0542 5096  [ 0F838C811AD295D2A4489B9993096C63 ] Schedule        C:\Windows\system32\schedsvc.dll
15:02:52.0651 5096  Schedule - ok
15:02:52.0666 5096  [ 5A268127633C7EE2A7FB87F39D748D56 ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:02:52.0729 5096  SCPolicySvc - ok
15:02:52.0744 5096  [ 4FF71B076A7760FE75EA5AE2D0EE0018 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:02:52.0822 5096  SDRSVC - ok
15:02:52.0838 5096  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:02:52.0916 5096  secdrv - ok
15:02:52.0932 5096  [ 5ACDCBC67FCF894A1815B9F96D704490 ] seclogon        C:\Windows\system32\seclogon.dll
15:02:52.0994 5096  seclogon - ok
15:02:53.0025 5096  [ 90973A64B96CD647FF81C79443618EED ] SENS            C:\Windows\System32\sens.dll
15:02:53.0103 5096  SENS - ok
15:02:53.0134 5096  [ 2449316316411D65BD2C761A6FFB2CE2 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:02:53.0212 5096  Serenum - ok
15:02:53.0228 5096  [ 4B438170BE2FC8E0BD35EE87A960F84F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
15:02:53.0306 5096  Serial - ok
15:02:53.0337 5096  [ A842F04833684BCEEA7336211BE478DF ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:02:53.0400 5096  sermouse - ok
15:02:53.0431 5096  [ A8E4A4407A09F35DCCC3771AF590B0C4 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:02:53.0493 5096  SessionEnv - ok
15:02:53.0509 5096  [ 14D4B4465193A87C127933978E8C4106 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:02:53.0571 5096  sffdisk - ok
15:02:53.0602 5096  [ 7073AEE3F82F3D598E3825962AA98AB2 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:02:53.0665 5096  sffp_mmc - ok
15:02:53.0680 5096  [ 35E59EBE4A01A0532ED67975161C7B82 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:02:53.0743 5096  sffp_sd - ok
15:02:53.0758 5096  [ 6B7838C94135768BD455CBDC23E39E5F ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:02:53.0836 5096  sfloppy - ok
15:02:53.0852 5096  [ 4C5AEE179DA7E1EE9A9CCB9DA289AF34 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:02:53.0946 5096  SharedAccess - ok
15:02:53.0977 5096  [ 56793271ECDEDD350C5ADD305603E963 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:02:54.0039 5096  ShellHWDetection - ok
15:02:54.0055 5096  [ 7A5DE502AEB719D4594C6471060A78B3 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
15:02:54.0086 5096  SiSRaid2 - ok
15:02:54.0102 5096  [ 3A2F769FAB9582BC720E11EA1DFB184D ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:02:54.0148 5096  SiSRaid4 - ok
15:02:54.0226 5096  [ A9A27A8E257B45A604FDAD4F26FE7241 ] slsvc           C:\Windows\system32\SLsvc.exe
15:02:54.0398 5096  slsvc - ok
15:02:54.0429 5096  [ FD74B4B7C2088E390A30C85A896FC3AF ] SLUINotify      C:\Windows\system32\SLUINotify.dll
15:02:54.0492 5096  SLUINotify - ok
15:02:54.0523 5096  [ 290B6F6A0EC4FCDFC90F5CB6D7020473 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:02:54.0585 5096  Smb - ok
15:02:54.0601 5096  [ F8F47F38909823B1AF28D60B96340CFF ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:02:54.0663 5096  SNMPTRAP - ok
15:02:54.0694 5096  [ 386C3C63F00A7040C7EC5E384217E89D ] spldr           C:\Windows\system32\drivers\spldr.sys
15:02:54.0741 5096  spldr - ok
15:02:54.0772 5096  [ F66FF751E7EFC816D266977939EF5DC3 ] Spooler         C:\Windows\System32\spoolsv.exe
15:02:54.0835 5096  Spooler - ok
15:02:54.0882 5096  [ 880A57FCCB571EBD063D4DD50E93E46D ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:02:54.0975 5096  srv - ok
15:02:55.0006 5096  [ A1AD14A6D7A37891FFFECA35EBBB0730 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:02:55.0069 5096  srv2 - ok
15:02:55.0116 5096  [ 4BED62F4FA4D8300973F1151F4C4D8A7 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:02:55.0162 5096  srvnet - ok
15:02:55.0194 5096  [ 192C74646EC5725AEF3F80D19FF75F6A ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:02:55.0287 5096  SSDPSRV - ok
15:02:55.0303 5096  [ 2EE3FA0308E6185BA64A9A7F2E74332B ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:02:55.0365 5096  SstpSvc - ok
15:02:55.0381 5096  Steam Client Service - ok
15:02:55.0428 5096  [ 15825C1FBFB8779992CB65087F316AF5 ] stisvc          C:\Windows\System32\wiaservc.dll
15:02:55.0506 5096  stisvc - ok
15:02:55.0537 5096  [ 8A851CA908B8B974F89C50D2E18D4F0C ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:02:55.0584 5096  swenum - ok
15:02:55.0615 5096  [ 6DE37F4DE19D4EFD9C48C43ADDBC949A ] swprv           C:\Windows\System32\swprv.dll
15:02:55.0724 5096  swprv - ok
15:02:55.0740 5096  [ 2F26A2C6FC96B29BEFF5D8ED74E6625B ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
15:02:55.0771 5096  Symc8xx - ok
15:02:55.0786 5096  [ A909667976D3BCCD1DF813FED517D837 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
15:02:55.0833 5096  Sym_hi - ok
15:02:55.0849 5096  [ 36887B56EC2D98B9C362F6AE4DE5B7B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
15:02:55.0896 5096  Sym_u3 - ok
15:02:55.0942 5096  [ 92D7A8B0F87B036F17D25885937897A6 ] SysMain         C:\Windows\system32\sysmain.dll
15:02:56.0052 5096  SysMain - ok
15:02:56.0083 5096  [ 005CE42567F9113A3BCCB3B20073B029 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:02:56.0130 5096  TabletInputService - ok
15:02:56.0176 5096  [ CC2562B4D55E0B6A4758C65407F63B79 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:02:56.0254 5096  TapiSrv - ok
15:02:56.0270 5096  [ CDBE8D7C1E201B911CDC346D06617FB5 ] TBS             C:\Windows\System32\tbssvc.dll
15:02:56.0348 5096  TBS - ok
15:02:56.0395 5096  [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:02:56.0520 5096  Tcpip - ok
15:02:56.0566 5096  [ AC8D5728E6AD6A7C4819D9A67008337A ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
15:02:56.0644 5096  Tcpip6 - ok
15:02:56.0660 5096  [ FD8FDE859E38E40A20085EBB0C22B416 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:02:56.0738 5096  tcpipreg - ok
15:02:56.0785 5096  [ 1D8BF4AAA5FB7A2761475781DC1195BC ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:02:56.0847 5096  TDPIPE - ok
15:02:56.0863 5096  [ 7F7E00CDF609DF657F4CDA02DD1C9BB1 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:02:56.0925 5096  TDTCP - ok
15:02:56.0956 5096  [ 458919C8C42E398DC4802178D5FFEE27 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:02:57.0019 5096  tdx - ok
15:02:57.0034 5096  [ 8C19678D22649EC002EF2282EAE92F98 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:02:57.0066 5096  TermDD - ok
15:02:57.0112 5096  [ 5CDD30BC217082DAC71A9878D9BFD566 ] TermService     C:\Windows\System32\termsrv.dll
15:02:57.0206 5096  TermService - ok
15:02:57.0237 5096  [ 56793271ECDEDD350C5ADD305603E963 ] Themes          C:\Windows\system32\shsvcs.dll
15:02:57.0268 5096  Themes - ok
15:02:57.0284 5096  [ 3CBE4995E80E13CCFBC42E5DCF3AC81A ] THREADORDER     C:\Windows\system32\mmcss.dll
15:02:57.0331 5096  THREADORDER - ok
15:02:57.0362 5096  [ F4689F05AF472A651A7B1B7B02D200E7 ] TrkWks          C:\Windows\System32\trkwks.dll
15:02:57.0424 5096  TrkWks - ok
15:02:57.0471 5096  [ 66328B08EF5A9305D8EDE36B93930369 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:02:57.0534 5096  TrustedInstaller - ok
15:02:57.0565 5096  [ 9E5409CD17C8BEF193AAD498F3BC2CB8 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:02:57.0627 5096  tssecsrv - ok
15:02:57.0643 5096  [ 89EC74A9E602D16A75A4170511029B3C ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
15:02:57.0674 5096  tunmp - ok
15:02:57.0736 5096  [ 30A9B3F45AD081BFFC3BCAA9C812B609 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:02:57.0783 5096  tunnel - ok
15:02:57.0799 5096  [ FEC266EF401966311744BD0F359F7F56 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:02:57.0846 5096  uagp35 - ok
15:02:57.0877 5096  [ 00C8CE31657624A125FDB90EFD554371 ] UBHelper        C:\Windows\system32\drivers\UBHelper.sys
15:02:57.0892 5096  UBHelper - ok
15:02:57.0924 5096  [ FAF2640A2A76ED03D449E443194C4C34 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:02:58.0002 5096  udfs - ok
15:02:58.0048 5096  [ 060507C4113391394478F6953A79EEDC ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:02:58.0095 5096  UI0Detect - ok
15:02:58.0111 5096  [ 4EC9447AC3AB462647F60E547208CA00 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:02:58.0142 5096  uliagpkx - ok
15:02:58.0158 5096  [ 697F0446134CDC8F99E69306184FBBB4 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
15:02:58.0204 5096  uliahci - ok
15:02:58.0220 5096  [ 31707F09846056651EA2C37858F5DDB0 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
15:02:58.0251 5096  UlSata - ok
15:02:58.0282 5096  [ 85E5E43ED5B48C8376281BAB519271B7 ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
15:02:58.0314 5096  ulsata2 - ok
15:02:58.0329 5096  [ 46E9A994C4FED537DD951F60B86AD3F4 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:02:58.0376 5096  umbus - ok
15:02:58.0407 5096  [ 7093799FF80E9DECA0680D2E3535BE60 ] upnphost        C:\Windows\System32\upnphost.dll
15:02:58.0485 5096  upnphost - ok
15:02:58.0532 5096  [ F49988FBF59413B974B1380D6F743EBC ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
15:02:58.0579 5096  upperdev - ok
15:02:58.0626 5096  [ AF1B9474D67897D0C2CFF58E0ACEACCC ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
15:02:58.0657 5096  USBAAPL64 - ok
15:02:58.0704 5096  [ C6BA890DE6E41857FBE84175519CAE7D ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
15:02:58.0766 5096  usbaudio - ok
15:02:58.0813 5096  [ 07E3498FC60834219D2356293DA0FECC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:02:58.0875 5096  usbccgp - ok
15:02:58.0906 5096  [ 9247F7E0B65852C1F6631480984D6ED2 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:02:59.0000 5096  usbcir - ok
15:02:59.0031 5096  [ 827E44DE934A736EA31E91D353EB126F ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
15:02:59.0078 5096  usbehci - ok
15:02:59.0109 5096  [ BB35CD80A2ECECFADC73569B3D70C7D1 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:02:59.0187 5096  usbhub - ok
15:02:59.0203 5096  [ E406B003A354776D317762694956B0FC ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
15:02:59.0234 5096  usbohci - ok
15:02:59.0250 5096  [ 28B693B6D31E7B9332C1BDCEFEF228C1 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:02:59.0296 5096  usbprint - ok
15:02:59.0328 5096  [ EA0BF666868964FBE8CB10E50C97B9F1 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:02:59.0374 5096  usbscan - ok
15:02:59.0406 5096  [ F7386007FB19E7685FC7B298560AA81F ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
15:02:59.0452 5096  usbser - ok
15:02:59.0484 5096  [ B854C1558FCA0C269A38663E8B59B581 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:02:59.0530 5096  USBSTOR - ok
15:02:59.0546 5096  [ B2872CBF9F47316ABD0E0C74A1ABA507 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
15:02:59.0577 5096  usbuhci - ok
15:02:59.0608 5096  [ D76E231E4850BB3F88A3D9A78DF191E3 ] UxSms           C:\Windows\System32\uxsms.dll
15:02:59.0655 5096  UxSms - ok
15:02:59.0702 5096  [ 294945381DFA7CE58CECF0A9896AF327 ] vds             C:\Windows\System32\vds.exe
15:02:59.0764 5096  vds - ok
15:02:59.0796 5096  [ 916B94BCF1E09873FFF2D5FB11767BBC ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:02:59.0858 5096  vga - ok
15:02:59.0889 5096  [ B83AB16B51FEDA65DD81B8C59D114D63 ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:02:59.0936 5096  VgaSave - ok
15:02:59.0952 5096  [ 8294B6C3FDB6C33F24E150DE647ECDAA ] viaide          C:\Windows\system32\drivers\viaide.sys
15:02:59.0983 5096  viaide - ok
15:03:00.0014 5096  [ 2B7E885ED951519A12C450D24535DFCA ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:03:00.0045 5096  volmgr - ok
15:03:00.0076 5096  [ CEC5AC15277D75D9E5DEC2E1C6EAF877 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:03:00.0108 5096  volmgrx - ok
15:03:00.0170 5096  [ 5280AADA24AB36B01A84A6424C475C8D ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:03:00.0201 5096  volsnap - ok
15:03:00.0217 5096  [ A68F455ED2673835209318DD61BFBB0E ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:03:00.0264 5096  vsmraid - ok
15:03:00.0342 5096  [ B75232DAD33BFD95BF6F0A3E6BFF51E1 ] VSS             C:\Windows\system32\vssvc.exe
15:03:00.0451 5096  VSS - ok
15:03:00.0498 5096  [ F14A7DE2EA41883E250892E1E5230A9A ] W32Time         C:\Windows\system32\w32time.dll
15:03:00.0576 5096  W32Time - ok
15:03:00.0607 5096  [ FEF8FE5923FEAD2CEE4DFABFCE3393A7 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:03:00.0685 5096  WacomPen - ok
15:03:00.0732 5096  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
15:03:00.0810 5096  Wanarp - ok
15:03:00.0825 5096  [ B8E7049622300D20BA6D8BE0C47C0CFD ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:03:00.0856 5096  Wanarpv6 - ok
15:03:00.0888 5096  [ B4E4C37D0AA6100090A53213EE2BF1C1 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:03:00.0966 5096  wcncsvc - ok
15:03:01.0012 5096  [ EA4B369560E986F19D93F45A881484AC ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:03:01.0059 5096  WcsPlugInService - ok
15:03:01.0075 5096  [ 0C17A0816F65B89E362E682AD5E7266E ] Wd              C:\Windows\system32\drivers\wd.sys
15:03:01.0106 5096  Wd - ok
15:03:01.0137 5096  [ D02E7E4567DA1E7582FBF6A91144B0DF ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:03:01.0246 5096  Wdf01000 - ok
15:03:01.0246 5096  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:03:01.0324 5096  WdiServiceHost - ok
15:03:01.0324 5096  [ C5EFDA73EBFCA8B02A094898DE0A9276 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:03:01.0371 5096  WdiSystemHost - ok
15:03:01.0402 5096  [ 3E6D05381CF35F75EBB055544A8ED9AC ] WebClient       C:\Windows\System32\webclnt.dll
15:03:01.0449 5096  WebClient - ok
15:03:01.0480 5096  [ 8D40BC587993F876658BF9FB0F7D3462 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:03:01.0558 5096  Wecsvc - ok
15:03:01.0574 5096  [ 9C980351D7E96288EA0C23AE232BD065 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:03:01.0621 5096  wercplsupport - ok
15:03:01.0636 5096  [ 66B9ECEBC46683F47EDC06333C075FEF ] WerSvc          C:\Windows\System32\WerSvc.dll
15:03:01.0714 5096  WerSvc - ok
15:03:01.0746 5096  WinDefend - ok
15:03:01.0746 5096  WinHttpAutoProxySvc - ok
15:03:01.0808 5096  [ D2E7296ED1BD26D8DB2799770C077A02 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:03:01.0886 5096  Winmgmt - ok
15:03:01.0964 5096  [ 6CBB0C68F13B9C2EC1B16F5FA5E7C869 ] WinRM           C:\Windows\system32\WsmSvc.dll
15:03:02.0104 5096  WinRM - ok
15:03:02.0167 5096  [ EC339C8115E91BAED835957E9A677F16 ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:03:02.0276 5096  Wlansvc - ok
15:03:02.0401 5096  [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:03:02.0572 5096  wlidsvc - ok
15:03:02.0588 5096  [ E18AEBAAA5A773FE11AA2C70F65320F5 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:03:02.0650 5096  WmiAcpi - ok
15:03:02.0682 5096  [ 21FA389E65A852698B6A1341F36EE02D ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:03:02.0744 5096  wmiApSrv - ok
15:03:02.0775 5096  WMPNetworkSvc - ok
15:03:02.0806 5096  [ CBC156C913F099E6680D1DF9307DB7A8 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:03:02.0884 5096  WPCSvc - ok
15:03:02.0916 5096  [ 490A18B4E4D53DC10879DEAA8E8B70D9 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:03:02.0978 5096  WPDBusEnum - ok
15:03:03.0025 5096  [ 5E2401B3FC1089C90E081291357371A9 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
15:03:03.0056 5096  WpdUsb - ok
15:03:03.0196 5096  [ 991E2C2CF3BC204C2BB2EE1476149E4E ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\WPF\WPFFontCache_v0400.exe
15:03:03.0306 5096  WPFFontCache_v0400 - ok
15:03:03.0337 5096  [ 8A900348370E359B6BFF6A550E4649E1 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:03:03.0399 5096  ws2ifsl - ok
15:03:03.0446 5096  [ 9EA3E6D0EF7A5C2B9181961052A4B01A ] wscsvc          C:\Windows\System32\wscsvc.dll
15:03:03.0477 5096  wscsvc - ok
15:03:03.0493 5096  WSearch - ok
15:03:03.0586 5096  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:03:03.0758 5096  wuauserv - ok
15:03:03.0805 5096  [ 501A65252617B495C0F1832F908D54D8 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:03:03.0867 5096  WUDFRd - ok
15:03:03.0883 5096  [ 6CBD51FF913C851D56ED9DC7F2A27DDE ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:03:03.0945 5096  wudfsvc - ok
15:03:03.0961 5096  ================ Scan global ===============================
15:03:03.0992 5096  [ 060DC3A7A9A2626031EB23D90151428D ] C:\Windows\system32\basesrv.dll
15:03:04.0023 5096  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
15:03:04.0070 5096  [ AA137104CDFC81818A309CDE32ABB74A ] C:\Windows\system32\winsrv.dll
15:03:04.0117 5096  [ 934E0B7D77FF78C18D9F8891221B6DE3 ] C:\Windows\system32\services.exe
15:03:04.0117 5096  [Global] - ok
15:03:04.0117 5096  ================ Scan MBR ==================================
15:03:04.0117 5096  [ EF932EAA6EF4C94E66A7F6CEEC7EB422 ] \Device\Harddisk0\DR0
15:03:06.0379 5096  \Device\Harddisk0\DR0 - ok
15:03:06.0379 5096  ================ Scan VBR ==================================
15:03:06.0394 5096  [ 562D07A5574EB0955335B97C4F9B9FC0 ] \Device\Harddisk0\DR0\Partition1
15:03:06.0394 5096  \Device\Harddisk0\DR0\Partition1 - ok
15:03:06.0410 5096  [ F8B8C5C2497F390B51106855E4014694 ] \Device\Harddisk0\DR0\Partition2
15:03:06.0410 5096  \Device\Harddisk0\DR0\Partition2 - ok
15:03:06.0410 5096  ============================================================
15:03:06.0410 5096  Scan finished
15:03:06.0410 5096  ============================================================
15:03:06.0426 3248  Detected object count: 14
15:03:06.0426 3248  Actual detected object count: 14
15:03:42.0181 3248  Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0181 3248  Acer HomeMedia Connect Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0181 3248  Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0181 3248  Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0181 3248  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0181 3248  BUNAgentSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0196 3248  ETService ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248  ETService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0196 3248  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0196 3248  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0196 3248  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0196 3248  ITEIO.SYS ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0196 3248  ITEIO.SYS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0212 3248  LightScribeService ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248  LightScribeService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0212 3248  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0212 3248  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248  NTIBackupSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0212 3248  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248  NTISchedulerSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0212 3248  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:03:42.0212 3248  RichVideo ( UnsignedFile.Multi.Generic ) - skipped by user
15:03:42.0212 3248  RichVideo ( UnsignedFile.Multi.Generic ) - User select action: Skip
         


Alt 14.11.2012, 16:42   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Mach bitte einen CustomScan mit OTL
Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop. Falls schon vorhanden, bitte die ältere vorhandene Datei durch die neu heruntergeladene Datei ersetzen, damit du auch wirklich mit einer aktuellen Version von OTL arbeitest.
  • Starte bitte die OTL.exe.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Kopiere nun den kompletten Inhalt aus der untenstehenden Codebox in die Textbox von OTL - wenn OTL auf deutsch ist wird sie mit beschriftet

Code:
ATTFilter
msconfig
netsvcs
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%SYSTEMROOT%\system32\drivers\*.sys /lockedfiles
%SYSTEMROOT%\System32\config\*.sav
%SYSTEMROOT%\*. /mp /s
%SYSTEMROOT%\system32\*.dll /lockedfiles
CREATERESTOREPOINT
         
  • Schliesse bitte nun alle Programme. (Wichtig)
  • Klicke nun bitte auf den Quick Scan Button.
  • Klick auf .
  • Kopiere nun den Inhalt aus OTL.txt hier in Deinen Thread
__________________
--> PC Performer lässt sich nicht löschen

Alt 15.11.2012, 10:28   #7
sacet
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Code:
ATTFilter
OTL logfile created on: 15.11.2012 10:08:54 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\BozKurT\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 1,93 Gb Available Physical Memory | 48,18% Memory free
8,19 Gb Paging File | 5,59 Gb Available in Paging File | 68,24% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,40 Gb Total Space | 315,46 Gb Free Space | 69,12% Space Free | Partition Type: NTFS
Drive D: | 457,11 Gb Total Space | 289,02 Gb Free Space | 63,23% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BOZKURT-PC | User Name: BozKurT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.15 10:07:02 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\BozKurT\Downloads\OTL(1).exe
PRC - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe
PRC - [2012.10.28 14:26:30 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe
PRC - [2012.10.28 14:26:16 | 000,016,864 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugin-container.exe
PRC - [2012.10.09 22:01:14 | 001,807,800 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
PRC - [2012.09.29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
PRC - [2012.08.14 12:58:58 | 000,646,800 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\mcafee\SITEAD~1\saui.exe
PRC - [2011.04.12 09:44:38 | 000,247,760 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe
PRC - [2011.04.12 09:44:36 | 000,337,872 | ---- | M] (Threat Expert Ltd.) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe
PRC - [2011.02.23 21:19:22 | 000,371,200 | ---- | M] (shbox.de) -- C:\Program Files (x86)\FreePDF_XP\fpassist.exe
PRC - [2009.03.23 23:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe
PRC - [2009.03.19 10:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe
PRC - [2009.01.09 11:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe
PRC - [2009.01.09 09:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe
PRC - [2009.01.09 08:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe
PRC - [2009.01.08 20:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe
PRC - [2009.01.08 20:30:26 | 000,645,328 | ---- | M] (McAfee, Inc.) -- C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe
PRC - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
PRC - [2008.07.29 17:52:56 | 000,454,704 | ---- | M] (Egis inc.) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe
PRC - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
PRC - [2008.01.21 03:50:17 | 000,151,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\schtasks.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe
MOD - [2012.11.02 19:59:20 | 002,139,168 | ---- | M] () -- c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll
MOD - [2012.10.28 14:26:16 | 002,295,264 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\mozjs.dll
MOD - [2012.10.09 22:01:13 | 009,814,968 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll
MOD - [2011.11.01 23:26:32 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011.11.01 23:26:12 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2008.04.28 09:49:20 | 000,003,072 | ---- | M] () -- C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2007.01.16 23:35:02 | 000,566,768 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\dlcdcoms.exe -- (dlcd_device)
SRV - [2012.11.02 20:00:42 | 002,400,800 | ---- | M] () [Auto | Running] -- C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.exe -- (PC Performer Manager)
SRV - [2012.10.28 14:26:30 | 000,115,168 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.10.09 22:01:14 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.09.29 18:54:26 | 000,676,936 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2012.09.29 18:54:26 | 000,399,432 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.06.15 11:26:32 | 000,103,472 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe -- (McAfee SiteAdvisor Service)
SRV - [2012.02.04 23:16:19 | 000,419,624 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2011.04.12 09:44:36 | 000,337,872 | ---- | M] (Threat Expert Ltd.) [Auto | Running] -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe -- (Browser Defender Update Service)
SRV - [2011.03.28 20:11:06 | 002,292,096 | ---- | M] (Microsoft Corp.) [Auto | Running] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009.04.01 13:21:30 | 000,696,848 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Programme\McAfee\VirusScan\mcods.exe -- (McODS)
SRV - [2009.03.30 05:42:14 | 000,066,368 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.03.25 09:59:30 | 000,153,920 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Programme\McAfee\VirusScan\Mcshield.exe -- (McShield)
SRV - [2009.03.23 23:03:18 | 000,606,736 | ---- | M] (McAfee, Inc.) [On_Demand | Running] -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe -- (McSysmon)
SRV - [2009.03.19 10:42:02 | 000,884,360 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe -- (MpfService)
SRV - [2009.01.09 11:31:16 | 002,482,848 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe -- (McNASvc)
SRV - [2009.01.09 09:22:10 | 000,026,640 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe -- (MSK80Service)
SRV - [2009.01.09 08:06:52 | 000,359,952 | ---- | M] (McAfee, Inc.) [Auto | Running] -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe -- (McProxy)
SRV - [2009.01.08 20:30:26 | 000,797,864 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe -- (mcmscsvc)
SRV - [2008.08.19 14:27:22 | 000,024,576 | ---- | M] () [Auto | Running] -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe -- (ETService)
SRV - [2008.07.29 17:53:00 | 000,500,784 | ---- | M] (Egis Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe -- (eDataSecurity Service)
SRV - [2008.05.20 17:50:50 | 000,269,448 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe -- (Acer HomeMedia Connect Service)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.09.29 18:54:26 | 000,025,928 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.09 12:42:54 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.02.29 14:52:46 | 000,016,384 | ---- | M] (Microsoft Corporation) [Recognizer | System | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.03.10 09:07:24 | 000,282,440 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PCTCore64.sys -- (PCTCore)
DRV:64bit: - [2010.07.16 13:53:32 | 000,816,016 | ---- | M] (PC Tools) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\pctEFA64.sys -- (pctEFA)
DRV:64bit: - [2010.06.29 09:35:34 | 000,452,872 | ---- | M] (PC Tools) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pctDS64.sys -- (pctDS)
DRV:64bit: - [2009.10.01 01:51:42 | 000,046,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\wpdusb.sys -- (WpdUsb)
DRV:64bit: - [2009.04.11 06:39:37 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser.sys -- (usbser)
DRV:64bit: - [2009.03.25 10:06:22 | 000,307,400 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)
DRV:64bit: - [2009.03.25 10:06:22 | 000,102,600 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)
DRV:64bit: - [2009.03.25 10:06:22 | 000,049,480 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfesmfk.sys -- (mfesmfk)
DRV:64bit: - [2009.03.25 09:59:38 | 000,040,904 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mferkdk.sys -- (mferkdk)
DRV:64bit: - [2008.10.23 13:08:54 | 000,176,144 | ---- | M] (McAfee, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\Mpfp.sys -- (MPFP)
DRV:64bit: - [2008.08.05 05:29:26 | 000,056,352 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2008.07.29 17:53:50 | 000,060,976 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys -- (psdvdisk)
DRV:64bit: - [2008.07.29 17:53:50 | 000,021,040 | ---- | M] (Egis Incorporated) [Kernel | Auto | Running] -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys -- (PSDNServ)
DRV:64bit: - [2008.07.29 17:53:48 | 000,022,064 | ---- | M] (Egis Incorporated) [File_System | Boot | Running] -- C:\Windows\SysNative\DRIVERS\psdfilter.sys -- (PSDFilter)
DRV:64bit: - [2008.06.27 06:51:10 | 000,088,632 | ---- | M] (Adobe Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\adfs.sys -- (adfs)
DRV:64bit: - [2008.05.02 09:58:50 | 000,008,704 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2008.05.02 09:58:48 | 000,018,432 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcdx64)
DRV:64bit: - [2008.02.25 15:29:24 | 000,013,144 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ITEIO.sys -- (ITEIO.SYS)
DRV:64bit: - [2008.01.31 01:48:32 | 000,016,384 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008.01.31 01:48:16 | 000,016,384 | ---- | M] (NewTech Infosystems Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2007.04.23 14:44:12 | 001,533,952 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\DRIVERS\camdrv42.sys -- (camdrv42)
DRV - [2008.08.19 14:23:00 | 000,017,952 | ---- | M] (Acer, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysWOW64\drivers\int15_64.sys -- (int15)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
 
 
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=4512_8&babsrc=SP_clro&mntrId=860a142b0000000000000021974c2d90
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=85396978-02C6-4A68-872D-01726847A8DD&apn_sauid=67FAE059-6309-46A6-9C51-F1E2ACB5FAB1
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.311
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009.10.31 18:07:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011.04.17 13:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.08.23 17:53:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2012.10.28 14:26:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2012.11.09 21:57:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009.10.31 18:07:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{EB132DB0-A4CA-11DF-9732-0E29E0D72085}: C:\Program Files (x86)\Object\facetheme
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension [2012.11.11 13:26:25 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2012.10.28 14:26:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2012.11.09 21:57:55 | 000,000,000 | ---D | M]
 
[2009.11.16 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Extensions
[2009.11.16 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012.11.12 13:12:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions
[2009.08.28 19:07:11 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2012.11.12 13:09:18 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\crossriderapp5060@crossrider.com
[2012.11.12 13:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode
[2011.07.29 12:42:16 | 000,002,396 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\mozilla\firefox\profiles\bah1vfjy.default\searchplugins\askcom.xml
[2010.12.25 22:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.15 15:08:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.25 10:59:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.11 21:57:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.23 22:43:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2012.08.23 17:53:45 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2006.09.18 22:37:24 | 000,000,761 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F21192C-801A-4D88-85E3-3960D83C1647}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\pcperf~1\24897~1.175\{61d8b~1\pcpmngr.dll) - c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
 
 
SafeBootMin:64bit: AppMgmt - Service
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: AppMgmt - Service
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: mcmscsvc - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootMin: MCODS - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootMin: MsMpSvc - C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - Service
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: WudfPf - Driver
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: AppMgmt - Service
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: mcmscsvc - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SafeBootNet: MCODS - C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SafeBootNet: MpfService - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SafeBootNet: MsMpSvc - C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: WudfPf - Driver
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - 
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 11.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - 
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\system32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\Windows\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\system32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Macromedia Shockwave Flash
ActiveX: {D5005030-010B-41D1-07B3-63CCF8A9E4B3} - Java (Sun)
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: {FAB81162-41D7-22A6-A67B-3052AB752D8D} - Internet Explorer
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.mkdmp3enc - C:\PROGRA~2\ACERAR~1\ACERVI~1\Kernel\Burner\MKDMP3Enc.ACM File not found
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: vidc.DIVX - C:\Windows\SysWow64\DivX.dll (DivX, Inc.)
Drivers32: vidc.i420 - i420vfw.dll File not found
Drivers32: vidc.yv12 - yv12vfw.dll File not found
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.13 13:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Barons
[2012.11.13 13:49:12 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012.11.12 20:35:18 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Local\{75D5AD27-FC92-4063-A18F-FE1A2BD7E256}
[2012.11.12 13:09:18 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Local\Savings Sidekick
[2012.11.11 13:26:32 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\PerformerSoft
[2012.11.11 13:26:31 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012.11.11 13:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2012.11.11 13:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer
[2012.11.11 13:26:23 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\Babylon
[2012.11.11 13:26:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2012.11.11 13:26:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Performer Manager
[2012.11.11 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\EAC
[2012.11.11 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\AccurateRip
[2012.11.11 13:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
[2012.11.11 13:03:00 | 000,000,000 | ---D | C] -- C:\TOEFL
[2012.11.11 12:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
[2012.11.11 12:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDex
[2012.11.09 21:58:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.10.28 14:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8
[2012.10.27 00:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.27 00:14:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.27 00:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.15 10:17:55 | 001,486,574 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.15 10:17:55 | 000,643,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.15 10:17:55 | 000,608,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.15 10:17:55 | 000,134,094 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.15 10:17:55 | 000,109,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.15 10:01:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.15 10:00:06 | 000,101,323 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2012.11.15 09:59:36 | 000,070,161 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.11.15 09:59:36 | 000,070,161 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.11.15 09:59:28 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012.11.15 09:59:19 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.15 09:59:17 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 09:59:16 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.15 09:59:08 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.14 22:27:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.14 22:23:45 | 000,002,655 | ---- | M] () -- C:\Users\BozKurT\Desktop\Microsoft Office Word 2007.lnk
[2012.11.14 19:29:08 | 000,321,378 | ---- | M] () -- C:\Windows\SULO.xml
[2012.11.14 17:04:11 | 000,000,075 | ---- | M] () -- C:\Windows\userList.xml
[2012.11.14 15:02:17 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2012.11.14 14:58:06 | 000,000,512 | ---- | M] () -- C:\Users\BozKurT\Desktop\MBR.dat
[2012.11.14 13:26:09 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2012.11.14 13:08:16 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{02699C6C-8FF1-48F0-B164-29AFEDC7D129}.job
[2012.11.13 17:04:12 | 000,321,548 | ---- | M] () -- C:\Windows\Suleyman.xml
[2012.11.13 13:52:33 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\Toefl.lnk
[2012.11.13 13:49:12 | 147,368,448 | ---- | M] () -- C:\Toefl.msi
[2012.10.28 20:24:46 | 002,594,369 | ---- | M] () -- C:\Users\BozKurT\Desktop\CIMG2548.JPG
[2012.10.28 20:24:40 | 002,682,765 | ---- | M] () -- C:\Users\BozKurT\Desktop\CIMG2549.JPG
 
========== Files Created - No Company Name ==========
 
[2012.11.14 19:29:08 | 000,321,378 | ---- | C] () -- C:\Windows\SULO.xml
[2012.11.14 14:58:06 | 000,000,512 | ---- | C] () -- C:\Users\BozKurT\Desktop\MBR.dat
[2012.11.13 17:04:12 | 000,321,548 | ---- | C] () -- C:\Windows\Suleyman.xml
[2012.11.13 13:55:26 | 000,000,075 | ---- | C] () -- C:\Windows\userList.xml
[2012.11.13 13:52:33 | 000,001,875 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toefl.lnk
[2012.11.13 13:52:33 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\Toefl.lnk
[2012.11.13 13:50:00 | 147,368,448 | ---- | C] () -- C:\Toefl.msi
[2012.11.11 13:26:38 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2012.11.11 13:26:38 | 000,000,280 | ---- | C] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2012.10.28 20:24:12 | 002,682,765 | ---- | C] () -- C:\Users\BozKurT\Desktop\CIMG2549.JPG
[2012.10.28 20:24:12 | 002,594,369 | ---- | C] () -- C:\Users\BozKurT\Desktop\CIMG2548.JPG
[2012.07.21 19:00:39 | 004,503,728 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012.02.05 14:49:49 | 000,001,235 | ---- | C] () -- C:\Users\BozKurT\Free YouTube to MP3 Converter.lnk
[2011.10.04 17:40:21 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2011.08.10 15:19:08 | 000,107,520 | -HS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011.07.03 09:15:17 | 000,000,732 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\d3d9caps64.dat
[2011.04.17 13:06:42 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011.04.17 09:27:54 | 000,013,126 | -HS- | C] () -- C:\Users\BozKurT\AppData\Local\5d1e4t7jkc1e052e11b1pvh
[2011.04.17 09:27:54 | 000,013,126 | -HS- | C] () -- C:\ProgramData\5d1e4t7jkc1e052e11b1pvh
[2011.02.10 15:31:33 | 001,516,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.12 20:56:49 | 000,001,356 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\d3d9caps.dat
[2010.10.23 20:48:16 | 000,070,161 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.10.23 20:48:16 | 000,070,161 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.02.18 22:41:54 | 000,000,600 | ---- | C] () -- C:\Users\BozKurT\PUTTY.RND
[2009.04.02 22:42:33 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv5
[2009.03.19 13:28:41 | 000,167,936 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2008.10.31 20:05:47 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Acer GameZone Console
[2012.10.27 00:22:45 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Ameki
[2012.11.11 12:26:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Audacity
[2012.11.11 13:26:23 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Babylon
[2011.06.29 07:15:42 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Daopu
[2012.09.20 18:10:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DVDVideoSoft
[2011.08.26 12:22:41 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.10.11 18:32:06 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\EA
[2012.11.11 13:26:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\EAC
[2012.05.01 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Epson
[2009.08.12 20:03:24 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\eSobi
[2011.08.13 00:21:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Eztycu
[2012.06.24 17:38:39 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\FileZilla
[2011.10.04 17:37:33 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\FreePDF
[2010.11.23 15:32:17 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\GetRightToGo
[2010.12.29 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Gify
[2012.10.27 00:24:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Iqwoy
[2009.11.16 19:34:09 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\LimeWire
[2012.06.23 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\OpenCandy
[2012.11.11 13:26:32 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\PerformerSoft
[2011.01.12 20:55:57 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Siri
[2009.08.27 18:57:58 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\StreamTorrent
[2009.04.02 23:01:20 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\TwonkyMedia
[2012.10.18 12:08:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\UseNeXT
[2008.10.31 20:05:47 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console
[2008.10.31 20:05:47 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2009.03.18 12:57:35 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN
[2010.06.27 16:50:40 | 000,000,000 | ---D | M] -- C:\2e62187dcbb202b728464787d57ca8
[2009.04.29 20:35:32 | 000,000,000 | ---D | M] -- C:\ACER
[2009.03.18 12:56:36 | 000,000,000 | ---D | M] -- C:\ACERSW
[2010.06.25 11:23:21 | 000,000,000 | ---D | M] -- C:\bc404cac2a095de0d1768adc38
[2008.10.31 20:18:22 | 000,000,000 | ---D | M] -- C:\Book
[2009.08.01 00:49:18 | 000,000,000 | -HSD | M] -- C:\Boot
[2006.11.02 16:42:17 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2009.03.18 12:50:42 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2010.11.26 17:35:56 | 000,000,000 | ---D | M] -- C:\games
[2008.10.31 19:34:51 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.08.12 21:09:21 | 000,000,000 | ---D | M] -- C:\NarutoPage
[2010.02.08 15:04:43 | 000,000,000 | ---D | M] -- C:\Netgear
[2008.01.21 04:04:13 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.10.09 16:23:42 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.13 13:51:13 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.11.12 13:10:49 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2009.03.18 12:50:42 | 000,000,000 | -HSD | M] -- C:\Programme
[2012.11.15 10:11:44 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.11.11 13:03:01 | 000,000,000 | ---D | M] -- C:\TOEFL
[2009.03.18 12:54:01 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.15 09:59:46 | 000,000,000 | ---D | M] -- C:\Windows
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.11.11 13:26:15 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\AccurateRip
[2008.10.31 20:05:47 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Acer GameZone Console
[2012.11.07 21:08:22 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Adobe
[2012.10.27 00:22:45 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Ameki
[2010.06.23 22:51:07 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Apple Computer
[2012.11.11 12:26:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Audacity
[2012.11.11 13:26:23 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Babylon
[2009.07.05 18:22:58 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\CyberLink
[2011.06.29 07:15:42 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Daopu
[2010.08.26 12:37:57 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DivX
[2012.10.17 14:19:36 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\dvdcss
[2012.09.20 18:10:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DVDVideoSoft
[2011.08.26 12:22:41 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers
[2009.10.11 18:32:06 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\EA
[2012.11.11 13:26:14 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\EAC
[2012.05.01 16:26:45 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Epson
[2009.08.12 20:03:24 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\eSobi
[2011.08.13 00:21:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Eztycu
[2012.06.24 17:38:39 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\FileZilla
[2011.10.04 17:37:33 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\FreePDF
[2010.11.23 15:32:17 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\GetRightToGo
[2010.12.29 22:23:11 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Gify
[2009.03.18 13:51:36 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Google
[2009.11.01 12:25:27 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\HP
[2009.03.18 12:56:58 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Identities
[2012.10.27 00:24:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Iqwoy
[2009.11.16 19:34:09 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\LimeWire
[2009.03.18 12:58:27 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Macromedia
[2011.04.17 17:12:57 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Malwarebytes
[2006.11.02 16:07:25 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Media Center Programs
[2012.06.09 14:49:31 | 000,000,000 | --SD | M] -- C:\Users\BozKurT\AppData\Roaming\Microsoft
[2009.03.24 13:52:52 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Mozilla
[2012.06.23 13:38:11 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\OpenCandy
[2012.11.11 13:26:32 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\PerformerSoft
[2011.01.12 20:55:57 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Siri
[2009.08.27 18:57:58 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\StreamTorrent
[2009.11.25 20:40:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\TVU networks
[2009.04.02 23:01:20 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\TwonkyMedia
[2012.10.18 12:08:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\UseNeXT
[2009.03.27 15:22:19 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\vlc
[2009.03.20 19:14:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\WinRAR
 
< %APPDATA%\*.exe /s >
[2009.09.29 19:29:09 | 000,006,144 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\DetectOpenGLConsole.exe
[2009.09.29 19:29:08 | 000,005,120 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\DownloadSourcePhotoConsole.exe
[2009.10.11 18:32:08 | 000,030,208 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\FileDownloadConsole.exe
[2009.09.30 18:15:50 | 000,013,312 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\PhotoFaceConsole.exe
[2009.09.29 19:29:04 | 000,009,216 | ---- | M] (Electronic Arts Canada) -- C:\Users\BozKurT\AppData\Roaming\EA\EASW\GameFace\UploadPhotofitConsole.exe
[2009.11.16 19:33:22 | 000,163,840 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\crashreporter.exe
[2009.11.16 19:33:24 | 000,196,608 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\updater.exe
[2009.11.16 19:33:24 | 000,014,848 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpcshell.exe
[2009.11.16 19:33:24 | 000,077,824 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpicleanup.exe
[2009.11.16 19:33:24 | 000,266,240 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpidl.exe
[2009.11.16 19:33:24 | 000,018,432 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpt_dump.exe
[2009.11.16 19:33:24 | 000,014,336 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xpt_link.exe
[2009.11.16 19:33:25 | 000,073,728 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner-stub.exe
[2009.11.16 19:33:25 | 000,102,400 | ---- | M] (Mozilla Foundation) -- C:\Users\BozKurT\AppData\Roaming\LimeWire\browser\xulrunner\xulrunner.exe
[2010.11.06 00:16:34 | 002,790,864 | ---- | M] (Adobe Systems, Inc.) -- C:\Users\BozKurT\AppData\Roaming\Macromedia\Flash Player\www.macromedia.com\bin\fpupdatepl\fpupdatepl.exe
[2012.06.23 13:38:22 | 005,152,544 | ---- | M] () -- C:\Users\BozKurT\AppData\Roaming\OpenCandy\82DA78CAACB04E7DBE7C05220327D39F\TuneUpUtilities2012_de-DE_1002175-p1v1.exe
 
< %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >
 
< %SYSTEMROOT%\System32\config\*.sav >
 
< %SYSTEMROOT%\*. /mp /s >
 
< %SYSTEMROOT%\system32\*.dll /lockedfiles >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:4F636E25

< End of report >
         

Alt 15.11.2012, 17:26   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Beende alle evtl. geöffneten Programme, auch Virenscanner deaktivieren (!), starte OTL und kopiere folgenden Text in die "Custom Scan/Fixes" Box (unten in OTL): (das ":OTL" muss mitkopiert werden!!!)

Code:
ATTFilter
:OTL
[2012.07.21 19:00:39 | 004,503,728 | ---- | C] () -- C:\ProgramData\0tbpw.pad
[2012.10.27 00:24:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Iqwoy
[2011.08.13 00:21:29 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Eztycu
[2012.10.27 00:24:00 | 000,000,000 | ---D | M] -- C:\Users\BozKurT\AppData\Roaming\Iqwoy
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:DFC5A2B2
@Alternate Data Stream - 100 bytes -> C:\ProgramData\TEMP:4F636E25
:Files
ipconfig /flushdns /c
:Commands
[purity]
[emptytemp]
[resethosts]
         
Klick dann oben links auf den Button Fix!
Das Logfile müsste geöffnet werden, wenn Du nach dem Fixen auf ok klickst, poste das bitte. Evtl. wird der Rechner neu gestartet.

Die mit diesem Script gefixten Einträge, Dateien und Ordner werden zur Sicherheit nicht vollständig gelöscht, es wird eine Sicherheitskopie auf der Systempartition im Ordner "_OTL" erstellt.

Hinweis: Das obige Script ist nur für diesen einen User in dieser Situtation erstellt worden. Es ist auf keinen anderen Rechner portierbar und darf nicht anderweitig verwandt werden, da es das System nachhaltig schädigen kann!
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.11.2012, 23:02   #9
sacet
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Hab den Code eingegeben und auf Fix geklickt.
Programm bleibt bei
Code:
ATTFilter
[emptytemp]
[resethosts]
         
hängen. Es lädt, aber es kommt keine Rückmeldung.

-------------------------------------------------------

Hat sich doch etwas getan.
Neustart und dieses Script:

Code:
ATTFilter
All processes killed
========== OTL ==========
C:\ProgramData\0tbpw.pad moved successfully.
C:\Users\BozKurT\AppData\Roaming\Iqwoy folder moved successfully.
C:\Users\BozKurT\AppData\Roaming\Eztycu folder moved successfully.
Folder C:\Users\BozKurT\AppData\Roaming\Iqwoy\ not found.
ADS C:\ProgramData\TEMP:430C6D84 deleted successfully.
ADS C:\ProgramData\TEMP:DFC5A2B2 deleted successfully.
ADS C:\ProgramData\TEMP:4F636E25 deleted successfully.
========== FILES ==========
< ipconfig /flushdns /c >
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
C:\Users\BozKurT\Downloads\cmd.bat deleted successfully.
C:\Users\BozKurT\Downloads\cmd.txt deleted successfully.
========== COMMANDS ==========
 
[EMPTYTEMP]
 
User: All Users
 
User: BozKurT
->Temp folder emptied: 73439795 bytes
->Temporary Internet Files folder emptied: 2668292 bytes
->Java cache emptied: 32338174 bytes
->FireFox cache emptied: 58149293 bytes
->Flash cache emptied: 2800925 bytes
 
User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
 
User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
 
User: Public
 
%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 170251 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 53212 bytes
RecycleBin emptied: 0 bytes
 
Total Files Cleaned = 162,00 mb
 
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.
HOSTS file reset successfully
 
OTL by OldTimer - Version 3.2.69.0 log created on 11152012_225220

Files\Folders moved on Reboot...
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\startupCache\startupCache.4.little moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\Cache\_CACHE_001_ moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\Cache\_CACHE_002_ moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\Cache\_CACHE_003_ moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\Cache\_CACHE_MAP_ moved successfully.
C:\Users\BozKurT\AppData\Local\Mozilla\Firefox\Profiles\bah1vfjy.default\urlclassifier3.sqlite moved successfully.
File\Folder C:\Windows\temp\mcafee_TqFToQeNUwHN3aC not found!
File\Folder C:\Windows\temp\mcafee_ZU8at1VDhp3TcWe not found!
File\Folder C:\Windows\temp\mcmsc_5qFYqu06jlIeZyy not found!
File\Folder C:\Windows\temp\mcmsc_Odb78ryVvsed243 not found!
File\Folder C:\Windows\temp\sqlite_cZGFoBnCJj3no6h not found!
File\Folder C:\Windows\temp\sqlite_S1zSX3gDFz4FBsZ not found!
File\Folder C:\Windows\temp\sqlite_UgFis78XNnWFbvo not found!
File\Folder C:\Windows\temp\sqlite_YndnMcYLBZQDuAF not found!
File move failed. C:\Windows\System32\drivers\etc\Hosts scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
         
PC Performer öffnet sich immer noch, leider.

Geändert von sacet (15.11.2012 um 23:14 Uhr)

Alt 16.11.2012, 09:34   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Suche.
  • Nach Ende des Suchlaufs öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 16.11.2012, 10:00   #11
sacet
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



adwCleaner:

Code:
ATTFilter
# AdwCleaner v2.007 - Datei am 16/11/2012 um 10:00:10 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : BozKurT - BOZKURT-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\BozKurT\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : PC Performer Manager

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\searchplugins\Askcom.xml
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\pc performer manager
Ordner Gefunden : C:\Users\BozKurT\AppData\Local\Savings Sidekick
Ordner Gefunden : C:\Users\BozKurT\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\BozKurT\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Cr_Installer
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\DataMngr_Toolbar
Schlüssel Gefunden : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Savings Sidekick
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\Software\DataMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gefunden : HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKCU\Software\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]
Wert Gefunden : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{D0F4A166-B8D4-48b8-9D63-80849FE137CB}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.19328

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\prefs.js

Gefunden : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=[...]
Gefunden : user_pref("avg.install.userSPSettings", "Claro Search");
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gefunden : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114506&tt=451[...]
Gefunden : user_pref("extensions.claro.admin", false);
Gefunden : user_pref("extensions.claro.aflt", "babsst");
Gefunden : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Gefunden : user_pref("extensions.claro.dfltLng", "en");
Gefunden : user_pref("extensions.claro.excTlbr", false);
Gefunden : user_pref("extensions.claro.id", "860a142b0000000000000021974c2d90");
Gefunden : user_pref("extensions.claro.instlDay", "15655");
Gefunden : user_pref("extensions.claro.instlRef", "sst");
Gefunden : user_pref("extensions.claro.prdct", "claro");
Gefunden : user_pref("extensions.claro.prtnrId", "claro");
Gefunden : user_pref("extensions.claro.tlbrId", "claro");
Gefunden : user_pref("extensions.claro.tlbrSrchUrl", "");
Gefunden : user_pref("extensions.claro.vrsn", "1.8.3.10");
Gefunden : user_pref("extensions.claro.vrsni", "1.8.3.10");
Gefunden : user_pref("extensions.claro_i.smplGrp", "none");
Gefunden : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1013:26:43");

*************************

AdwCleaner[R1].txt - [6161 octets] - [16/11/2012 10:00:10]

########## EOF - C:\AdwCleaner[R1].txt - [6221 octets] ##########
         

Alt 16.11.2012, 11:37   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Versuch bitte alle im adwCleaner-Log erwähnten Einträge (wie zB Babylon oder Conduit) über die Systemsteuerung zu deinstallieren, danach ein neues Suchlog mit dem adwCleaner machen.
Reste und was sich nicht deinstallieren lassen will machen wir mit dem adwCleaner weg.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 16.11.2012, 14:15   #13
sacet
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



Ich finde keines der genannten Programmen in der Systemsteuerung.

Alt 16.11.2012, 15:23   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 16.11.2012, 17:18   #15
sacet
 
PC Performer lässt sich nicht löschen - Standard

PC Performer lässt sich nicht löschen



adwCleaner:

Code:
ATTFilter
# AdwCleaner v2.007 - Datei am 16/11/2012 um 16:33:57 erstellt
# Aktualisiert am 06/11/2012 von Xplode
# Betriebssystem : Windows (TM) Vista Home Premium Service Pack 2 (64 bits)
# Benutzer : BozKurT - BOZKURT-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\BozKurT\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : PC Performer Manager

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\searchplugins\Askcom.xml
Gelöscht mit Neustart : C:\ProgramData\Babylon
Gelöscht mit Neustart : C:\ProgramData\pc performer manager
Gelöscht mit Neustart : C:\Users\BozKurT\AppData\Local\Savings Sidekick
Gelöscht mit Neustart : C:\Users\BozKurT\AppData\Roaming\Babylon
Gelöscht mit Neustart : C:\Users\BozKurT\AppData\Roaming\OpenCandy

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Savings Sidekick
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Cr_Installer
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\facetheme
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Savings Sidekick
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220022502260}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660}
Schlüssel Gelöscht : HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{EB132DB0-A4CA-11DF-9732-0E29E0D72085}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]

***** [Internet Browser] *****

-\\ Internet Explorer v8.0.6001.19328

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=HP_clro&mntrId=860a142b0000000000000021974c2d90 --> hxxp://www.google.com
Gelöscht : [HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page]

-\\ Mozilla Firefox v16.0.2 (de)

Profilname : default 
Datei : C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\prefs.js

C:\Users\BozKurT\AppData\Roaming\Mozilla\Firefox\Profiles\bah1vfjy.default\user.js ... Gelöscht !

Gelöscht : user_pref("avg.install.userHPSettings", "hxxp://www.claro-search.com/?affID=114506&tt=4512_8&babsrc=[...]
Gelöscht : user_pref("avg.install.userSPSettings", "Claro Search");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114506&tt=451[...]
Gelöscht : user_pref("extensions.claro.admin", false);
Gelöscht : user_pref("extensions.claro.aflt", "babsst");
Gelöscht : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Gelöscht : user_pref("extensions.claro.dfltLng", "en");
Gelöscht : user_pref("extensions.claro.excTlbr", false);
Gelöscht : user_pref("extensions.claro.id", "860a142b0000000000000021974c2d90");
Gelöscht : user_pref("extensions.claro.instlDay", "15655");
Gelöscht : user_pref("extensions.claro.instlRef", "sst");
Gelöscht : user_pref("extensions.claro.prdct", "claro");
Gelöscht : user_pref("extensions.claro.prtnrId", "claro");
Gelöscht : user_pref("extensions.claro.tlbrId", "claro");
Gelöscht : user_pref("extensions.claro.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.claro.vrsn", "1.8.3.10");
Gelöscht : user_pref("extensions.claro.vrsni", "1.8.3.10");
Gelöscht : user_pref("extensions.claro_i.smplGrp", "none");
Gelöscht : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1013:26:43");

*************************

AdwCleaner[R1].txt - [6284 octets] - [16/11/2012 10:00:10]
AdwCleaner[S2].txt - [5916 octets] - [16/11/2012 16:33:57]

########## EOF - C:\AdwCleaner[S2].txt - [5976 octets] ##########
         

OTL:

Code:
ATTFilter
OTL logfile created on: 16.11.2012 17:00:33 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\BozKurT\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,25% Memory free
8,19 Gb Paging File | 5,87 Gb Available in Paging File | 71,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,40 Gb Total Space | 309,66 Gb Free Space | 67,85% Space Free | Partition Type: NTFS
Drive D: | 457,11 Gb Total Space | 289,02 Gb Free Space | 63,23% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BOZKURT-PC | User Name: BozKurT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\BozKurT\Downloads\OTL(1).exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - c:\PROGRA~2\mcafee\SITEAD~1\saui.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
PRC - C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
PRC - C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
PRC - C:\Windows\SysWOW64\conime.exe (Microsoft Corporation)
PRC - C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
PRC - C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
PRC - c:\PROGRA~2\mcafee.com\agent\mcagent.exe (McAfee, Inc.)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
PRC - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSMSNLoader32.exe (Egis inc.)
PRC - C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
 
 
========== Modules (No Company Name) ==========
 
MOD - c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll ()
MOD - C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BkupTrayLOC.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (dlcd_device) -- C:\Windows\SysNative\dlcdcoms.exe ( )
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (McAfee SiteAdvisor Service) -- C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe (McAfee, Inc.)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (Browser Defender Update Service) -- C:\Program Files (x86)\PC Tools Security\BDT\BDTUpdateService.exe (Threat Expert Ltd.)
SRV - (wlidsvc) -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (McODS) -- C:\Programme\McAfee\VirusScan\mcods.exe (McAfee, Inc.)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (McShield) -- C:\Programme\McAfee\VirusScan\Mcshield.exe (McAfee, Inc.)
SRV - (McSysmon) -- C:\PROGRA~2\McAfee\VIRUSS~1\mcsysmon.exe (McAfee, Inc.)
SRV - (MpfService) -- C:\Program Files (x86)\McAfee\MPF\MPFSrv.exe (McAfee, Inc.)
SRV - (McNASvc) -- c:\PROGRA~2\COMMON~1\mcafee\mna\mcnasvc.exe (McAfee, Inc.)
SRV - (MSK80Service) -- C:\Program Files (x86)\McAfee\MSK\MskSrver.exe (McAfee, Inc.)
SRV - (McProxy) -- c:\PROGRA~2\COMMON~1\mcafee\mcproxy\mcproxy.exe (McAfee, Inc.)
SRV - (mcmscsvc) -- C:\PROGRA~2\McAfee\MSC\mcmscsvc.exe (McAfee, Inc.)
SRV - (ETService) -- C:\Programme\Acer\Empowering Technology\Service\ETService.exe ()
SRV - (eDataSecurity Service) -- C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe (Egis Incorporated)
SRV - (Acer HomeMedia Connect Service) -- C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe (CyberLink)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\DRIVERS\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\DRIVERS\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\Drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PCTCore) -- C:\Windows\SysNative\drivers\PCTCore64.sys (PC Tools)
DRV:64bit: - (pctEFA) -- C:\Windows\SysNative\drivers\pctEFA64.sys (PC Tools)
DRV:64bit: - (pctDS) -- C:\Windows\SysNative\drivers\pctDS64.sys (PC Tools)
DRV:64bit: - (WpdUsb) -- C:\Windows\SysNative\DRIVERS\wpdusb.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\DRIVERS\usbser.sys (Microsoft Corporation)
DRV:64bit: - (mfehidk) -- C:\Windows\SysNative\drivers\mfehidk.sys (McAfee, Inc.)
DRV:64bit: - (mfeavfk) -- C:\Windows\SysNative\drivers\mfeavfk.sys (McAfee, Inc.)
DRV:64bit: - (mfesmfk) -- C:\Windows\SysNative\drivers\mfesmfk.sys (McAfee, Inc.)
DRV:64bit: - (mferkdk) -- C:\Windows\SysNative\drivers\mferkdk.sys (McAfee, Inc.)
DRV:64bit: - (MPFP) -- C:\Windows\SysNative\Drivers\Mpfp.sys (McAfee, Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (psdvdisk) -- C:\Windows\SysNative\DRIVERS\PSDVdisk.sys (Egis Incorporated)
DRV:64bit: - (PSDNServ) -- C:\Windows\SysNative\DRIVERS\PSDNServ.sys (Egis Incorporated)
DRV:64bit: - (PSDFilter) -- C:\Windows\SysNative\DRIVERS\psdfilter.sys (Egis Incorporated)
DRV:64bit: - (adfs) -- C:\Windows\SysNative\drivers\adfs.sys (Adobe Systems, Inc.)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\DRIVERS\usbser_lowerfltx64.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (nmwcdx64) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (ITEIO.SYS) -- C:\Windows\SysNative\drivers\ITEIO.sys (Windows (R) Codename Longhorn DDK provider)
DRV:64bit: - (NTIDrvr) -- C:\Windows\SysNative\Drivers\NTIDrvr.sys (NewTech Infosystems, Inc.)
DRV:64bit: - (UBHelper) -- C:\Windows\SysNative\drivers\UBHelper.sys (NewTech Infosystems Corporation)
DRV:64bit: - (camdrv42) -- C:\Windows\SysNative\DRIVERS\camdrv42.sys ()
DRV - (int15) -- C:\Windows\SysWOW64\drivers\int15_64.sys (Acer, Inc.)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&s=1&o=vp64&d=1006&m=aspire_x1700
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data]
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\URLSearchHook: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\URLSearchHook: {472734EA-242A-422b-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.claro-search.com/?q={searchTerms}&affID=114506&tt=4512_8&babsrc=SP_clro&mntrId=860a142b0000000000000021974c2d90
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7GGLL_de
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/"
FF - prefs.js..extensions.enabledAddons: {4ED1F68A-5463-4931-9384-8FFF5ED91D92}:3.5.0
FF - prefs.js..extensions.enabledItems: smartwebprinting@hp.com:4.5
FF - prefs.js..extensions.enabledItems: {B7082FAA-CB62-4872-9106-E42DD88EDE45}:3.3.1
FF - prefs.js..extensions.enabledItems: {5B52016C-D097-4aec-BE61-9F129D8FDDBA}:2.0
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {cb84136f-9c44-433a-9048-c5cd9df1dc16}:3.0.0.311
FF - prefs.js..network.proxy.http: "localhost"
FF - prefs.js..network.proxy.http_port: 9666
FF - prefs.js..network.proxy.socks: "localhost"
FF - prefs.js..network.proxy.socks_port: 9050
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.ssl: "localhost"
FF - prefs.js..network.proxy.ssl_port: 9666
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_287.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@unity3d.com/UnityPlayer: C:\Program Files (x86)\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009.10.31 18:07:06 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{cb84136f-9c44-433a-9048-c5cd9df1dc16}: C:\Program Files (x86)\PC Tools Security\BDT\Firefox\ [2011.04.17 13:06:50 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2012.08.23 17:53:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2012.10.28 14:26:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2012.11.09 21:57:55 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2009.10.31 18:07:06 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{dfefbe51-ca52-484b-adf0-6b158b05262d}: C:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\FirefoxExtension
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\components [2012.10.28 14:26:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 16.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\plugins [2012.11.09 21:57:55 | 000,000,000 | ---D | M]
 
[2009.11.16 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Extensions
[2009.11.16 19:33:28 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Extensions\mozswing@mozswing.org
[2012.11.12 13:12:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions
[2009.08.28 19:07:11 | 000,000,000 | ---D | M] ("UltraSurf Firefox Tool") -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\{5B52016C-D097-4aec-BE61-9F129D8FDDBA}
[2012.11.12 13:09:18 | 000,000,000 | ---D | M] ("Savings Sidekick") -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\crossriderapp5060@crossrider.com
[2012.11.12 13:09:17 | 000,000,000 | ---D | M] (No name found) -- C:\Users\BozKurT\AppData\Roaming\mozilla\Firefox\Profiles\bah1vfjy.default\extensions\crossriderapp5060@crossrider.com\chrome\content\extensionCode
[2010.12.25 22:55:32 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2010.05.15 15:08:17 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010.08.25 10:59:36 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2010.11.11 21:57:45 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
[2010.12.23 22:43:27 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2012.08.23 17:53:45 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR
[2010.11.12 18:53:06 | 000,472,808 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
 
O1 HOSTS File: ([2012.11.15 23:06:47 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:64bit: - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\MSKAPB~1.DLL ()
O2:64bit: - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\Programme\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2:64bit: - BHO: (ShowBarObj Class) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\ActiveToolBand.dll (Egis)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll (Google Inc.)
O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (McAfee Phishing Filter) - {27B4851A-3207-45A2-B947-BE8AFE6163AB} - c:\PROGRA~2\mcafee\msk\mskapbho.dll ()
O2 - BHO: (PC Tools Browser Guard BHO) - {2A0F3D1B-0909-4FF4-B272-609CCE6054E7} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (scriptproxy) - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\McAfee\VirusScan\scriptsn.dll (McAfee, Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.7529.1424\swg.dll (Google Inc.)
O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O3 - HKLM\..\Toolbar: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O3 - HKLM\..\Toolbar: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3 - HKLM\..\Toolbar: (no name) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDStoolbar.dll (Egis Incorporated.)
O3 - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\ShellBrowser: (Acer eDataSecurity Management) - {5CBE3B7C-1E47-477E-A7DD-396DB0476E29} - C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll (Egis Incorporated.)
O3:64bit: - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3 - HKU\S-1-5-21-3668395413-3215351660-3596499305-1000\..\Toolbar\WebBrowser: (PC Tools Browser Guard) - {472734EA-242A-422B-ADF8-83D1E48CC825} - C:\Program Files (x86)\PC Tools Security\BDT\PCTBrowserDefender.dll (Threat Expert Ltd.)
O4:64bit: - HKLM..\Run: [Acer Empowering Technology Monitor] C:\Programme\Acer\Empowering Technology\SysMonitor.exe ()
O4:64bit: - HKLM..\Run: [eDataSecurity Loader] C:\Program Files (x86)\Acer\Empowering Technology\eDataSecurity\x64\eDSloader.exe (Egis Incorporated)
O4:64bit: - HKLM..\Run: [EmpoweringTechnology] C:\Program Files\Acer\Empowering Technology\Framework.Launcher.exe boot File not found
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [ProductReg] C:\Program Files\Acer\WR_PopUp\ProductReg.exe (Acer)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Windows\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [eRecoveryService]  File not found
O4 - HKLM..\Run: [FreePDF Assistant] C:\Program Files (x86)\FreePDF_XP\fpassist.exe (shbox.de)
O4 - HKLM..\Run: [mcagent_exe] C:\Program Files (x86)\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)
O4 - HKLM..\Run: [PCMMediaSharing] C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe ()
O4 - HKLM..\Run: [PCTools FGuard] C:\Program Files (x86)\PC Tools Security\BDT\FGuard.exe (Threat Expert Ltd.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [WindowsWelcomeCenter] C:\Windows\SysWow64\oobefldr.dll (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\BozKurT\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} hxxp://messenger.zone.msn.com/MessengerGamesContent/GameContent/de/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} hxxp://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 1.6.0_24)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F21192C-801A-4D88-85E3-3960D83C1647}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\x64\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll (McAfee, Inc.)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (c:\progra~3\pcperf~1\24897~1.175\{61d8b~1\pcpmngr.dll) - c:\ProgramData\PC Performer Manager\2.4.897.175\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\pcpmngr.dll ()
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O24 - Desktop BackupWallPaper: C:\Users\BozKurT\AppData\Roaming\Microsoft\Windows Photo Gallery\Hintergrundbild der Windows-Fotogalerie.jpg
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.15 22:52:20 | 000,000,000 | ---D | C] -- C:\_OTL
[2012.11.13 13:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Barons
[2012.11.13 13:49:12 | 000,000,000 | ---D | C] -- C:\Windows\Downloaded Installations
[2012.11.12 20:35:18 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Local\{75D5AD27-FC92-4063-A18F-FE1A2BD7E256}
[2012.11.11 13:26:32 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\PerformerSoft
[2012.11.11 13:26:31 | 000,019,000 | ---- | C] (PerformerSoft LLC) -- C:\Windows\SysNative\roboot64.exe
[2012.11.11 13:26:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Performer
[2012.11.11 13:26:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Performer
[2012.11.11 13:26:17 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Performer Manager
[2012.11.11 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\EAC
[2012.11.11 13:26:10 | 000,000,000 | ---D | C] -- C:\Users\BozKurT\AppData\Roaming\AccurateRip
[2012.11.11 13:26:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
[2012.11.11 13:03:00 | 000,000,000 | ---D | C] -- C:\TOEFL
[2012.11.11 12:27:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDex
[2012.11.11 12:27:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDex
[2012.11.09 21:58:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.11.09 21:57:55 | 000,821,736 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.11.09 21:57:55 | 000,246,760 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.11.09 21:57:21 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.11.09 21:57:21 | 000,095,208 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.11.09 21:57:20 | 000,174,056 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.10.28 14:25:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8
[2012.10.27 00:14:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2012.10.27 00:14:43 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2012.10.27 00:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.16 17:01:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.16 16:43:29 | 001,486,574 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.16 16:43:29 | 000,643,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.16 16:43:29 | 000,608,462 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.16 16:43:29 | 000,134,094 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.16 16:43:29 | 000,109,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.16 16:36:33 | 000,101,477 | ---- | M] () -- C:\Windows\SysNative\Config.MPF
[2012.11.16 16:36:32 | 000,070,161 | ---- | M] () -- C:\ProgramData\nvModes.dat
[2012.11.16 16:36:32 | 000,070,161 | ---- | M] () -- C:\ProgramData\nvModes.001
[2012.11.16 16:36:11 | 000,000,000 | ---- | M] () -- C:\Windows\SysNative\LogConfigTemp.xml
[2012.11.16 16:36:04 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 16:36:04 | 000,003,216 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.16 16:36:04 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.16 16:35:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.16 16:31:35 | 000,000,280 | ---- | M] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2012.11.16 16:30:24 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.16 13:03:11 | 003,205,460 | ---- | M] () -- C:\Windows\SysNative\drivers\Cat.DB
[2012.11.15 17:15:21 | 000,321,469 | ---- | M] () -- C:\Windows\0303.xml
[2012.11.15 16:59:08 | 000,000,075 | ---- | M] () -- C:\Windows\userList.xml
[2012.11.15 15:07:46 | 000,000,422 | -H-- | M] () -- C:\Windows\tasks\User_Feed_Synchronization-{02699C6C-8FF1-48F0-B164-29AFEDC7D129}.job
[2012.11.15 13:33:28 | 000,321,475 | ---- | M] () -- C:\Windows\sulo.xml
[2012.11.14 22:23:45 | 000,002,655 | ---- | M] () -- C:\Users\BozKurT\Desktop\Microsoft Office Word 2007.lnk
[2012.11.14 14:58:06 | 000,000,512 | ---- | M] () -- C:\Users\BozKurT\Desktop\MBR.dat
[2012.11.14 13:26:09 | 000,000,288 | ---- | M] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2012.11.13 17:04:12 | 000,321,548 | ---- | M] () -- C:\Windows\Suleyman.xml
[2012.11.13 13:52:33 | 000,001,863 | ---- | M] () -- C:\Users\Public\Desktop\Toefl.lnk
[2012.11.13 13:49:12 | 147,368,448 | ---- | M] () -- C:\Toefl.msi
[2012.11.09 21:57:10 | 000,095,208 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2012.11.09 21:57:02 | 000,246,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012.11.09 21:57:02 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012.11.09 21:57:01 | 000,174,056 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012.11.09 21:56:59 | 000,821,736 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012.11.09 21:56:59 | 000,746,984 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012.10.28 20:24:46 | 002,594,369 | ---- | M] () -- C:\Users\BozKurT\Desktop\CIMG2548.JPG
[2012.10.28 20:24:40 | 002,682,765 | ---- | M] () -- C:\Users\BozKurT\Desktop\CIMG2549.JPG
 
========== Files Created - No Company Name ==========
 
[2012.11.15 17:15:21 | 000,321,469 | ---- | C] () -- C:\Windows\0303.xml
[2012.11.14 19:29:08 | 000,321,475 | ---- | C] () -- C:\Windows\sulo.xml
[2012.11.14 14:58:06 | 000,000,512 | ---- | C] () -- C:\Users\BozKurT\Desktop\MBR.dat
[2012.11.13 17:04:12 | 000,321,548 | ---- | C] () -- C:\Windows\Suleyman.xml
[2012.11.13 13:55:26 | 000,000,075 | ---- | C] () -- C:\Windows\userList.xml
[2012.11.13 13:52:33 | 000,001,875 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toefl.lnk
[2012.11.13 13:52:33 | 000,001,863 | ---- | C] () -- C:\Users\Public\Desktop\Toefl.lnk
[2012.11.13 13:50:00 | 147,368,448 | ---- | C] () -- C:\Toefl.msi
[2012.11.11 13:26:38 | 000,000,288 | ---- | C] () -- C:\Windows\tasks\PC Performer_UPDATES.job
[2012.11.11 13:26:38 | 000,000,280 | ---- | C] () -- C:\Windows\tasks\PC Performer_DEFAULT.job
[2012.10.28 20:24:12 | 002,682,765 | ---- | C] () -- C:\Users\BozKurT\Desktop\CIMG2549.JPG
[2012.10.28 20:24:12 | 002,594,369 | ---- | C] () -- C:\Users\BozKurT\Desktop\CIMG2548.JPG
[2012.02.05 14:49:49 | 000,001,235 | ---- | C] () -- C:\Users\BozKurT\Free YouTube to MP3 Converter.lnk
[2011.10.04 17:40:21 | 000,000,043 | ---- | C] () -- C:\Windows\gswin32.ini
[2011.08.10 15:19:08 | 000,107,520 | -HS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2011.07.03 09:15:17 | 000,000,732 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\d3d9caps64.dat
[2011.04.17 13:06:42 | 000,767,952 | ---- | C] () -- C:\Windows\BDTSupport.dll
[2011.04.17 09:27:54 | 000,013,126 | -HS- | C] () -- C:\Users\BozKurT\AppData\Local\5d1e4t7jkc1e052e11b1pvh
[2011.04.17 09:27:54 | 000,013,126 | -HS- | C] () -- C:\ProgramData\5d1e4t7jkc1e052e11b1pvh
[2011.02.10 15:31:33 | 001,516,920 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.01.12 20:56:49 | 000,001,356 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\d3d9caps.dat
[2010.10.23 20:48:16 | 000,070,161 | ---- | C] () -- C:\ProgramData\nvModes.dat
[2010.10.23 20:48:16 | 000,070,161 | ---- | C] () -- C:\ProgramData\nvModes.001
[2010.02.18 22:41:54 | 000,000,600 | ---- | C] () -- C:\Users\BozKurT\PUTTY.RND
[2009.04.02 22:42:33 | 000,000,011 | ---- | C] () -- C:\ProgramData\.tv5
[2009.03.19 13:28:41 | 000,167,936 | ---- | C] () -- C:\Users\BozKurT\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2006.11.02 16:30:40 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.08 18:59:03 | 012,899,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.04.11 08:11:14 | 000,891,392 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2008.01.21 03:50:58 | 000,513,024 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 127 bytes -> C:\ProgramData\TEMP:430C6D84
@Alternate Data Stream - 101 bytes -> C:\ProgramData\TEMP:DFC5A2B2

< End of report >
         

OTL Extras:

Code:
ATTFilter
OTL Extras logfile created on: 16.11.2012 17:00:33 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\BozKurT\Downloads
64bit-Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.19328)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,25% Memory free
8,19 Gb Paging File | 5,87 Gb Available in Paging File | 71,61% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 456,40 Gb Total Space | 309,66 Gb Free Space | 67,85% Space Free | Partition Type: NTFS
Drive D: | 457,11 Gb Total Space | 289,02 Gb Free Space | 63,23% Space Free | Partition Type: NTFS
Unable to calculate disk information.
 
Computer Name: BOZKURT-PC | User Name: BozKurT | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 8\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = 9F 9E 16 8C DC 5B C8 01  [binary data]
"VistaSp2" = F6 35 FB 8D 39 12 CA 01  [binary data]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"oobe_av" = 1
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
"C:\Program Files (x86)\FlashFXP\FlashFXP.exe" = C:\Program Files (x86)\FlashFXP\FlashFXP.exe:*:Enabled:FlashFXP v3
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0EA9521A-ED3D-4F1A-A26F-215FDC4234C8}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{4A101931-4909-4598-B020-66C7735B8C61}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{885D92FF-33F6-451B-A8BB-A99A89857698}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{A9688549-46C8-4869-9B7A-F8BB9A277EF3}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{C4E14446-3138-4F84-AAF1-47A3A762AE2D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00474D64-1C7B-4B8D-A39A-E9ED75E69593}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\stylish488\condition zero\hl.exe | 
"{0557832D-91C8-413F-9941-55696C6448AE}" = dir=in | app=c:\users\bozkurt\desktop\pcp_claro.exe | 
"{05BCD669-7C32-48BD-851E-7A9DF488282F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{0B019A50-6BDC-4501-90C0-B63C38C713BE}" = dir=out | app=c:\users\bozkurt\desktop\pcp_claro.exe | 
"{14015AE9-338D-4532-BAA9-5A8E066381EE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{17747848-77A9-49A4-97DC-F4D4FFE8C7B8}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\acer homemedia connect.exe | 
"{18D05AC2-2FFA-4893-87BB-11B6327EE1A3}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steam.exe | 
"{194BF7ED-026C-4250-9A3C-EAD39F1E9AE0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{1A70900D-51D6-4CC4-943D-835296B580DE}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia\acer homemedia.exe | 
"{20C572AD-2A77-423A-BCE8-D65AA0621399}" = protocol=6 | dir=in | app=c:\windows\system32\dlcdcoms.exe | 
"{22AEAC19-7B25-4215-9DA6-4E5CB341A274}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{23D852BF-1B67-478B-9A83-669F4F2E1BB1}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{27EAF37D-502F-4765-9861-E8334E682798}" = protocol=6 | dir=in | app=c:\program files (x86)\valve\steam\steamapps\stylish488\condition zero\hl.exe | 
"{362A493D-8664-4C0E-BD15-5A483E117D84}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{3D4FBDEB-8A99-4FBC-AF3E-E12AB24F2763}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{3EA701C1-9725-4C6F-9873-17C3228EBB08}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{456738B4-3BB4-4908-B2BB-61D7B15A2D86}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{48EE1BF2-DF85-4744-8D58-80D14E9F1D58}" = dir=in | app=c:\program files (x86)\acer arcade live\acer arcade live main page\acer arcade live.exe | 
"{5090FD8D-754A-4310-A93E-6E3406DB76D3}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\client\agentsvc.exe | 
"{553F2116-FE0A-4E3D-B9EB-7EF2ABF84454}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{586A56C2-0363-4BB5-8006-D398E39A80BF}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{5A453006-3E0E-4BD2-A8F6-74C62E7260EA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{5D0A555F-9FFA-48FA-B115-D5441A34D13F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{5E0473DD-4B16-411D-9C8D-48CD1D1D1B3D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{604799C7-A6CC-4925-9534-183E1CEEAAE0}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dvdivine\acer dvdivine.exe | 
"{669BAC8A-063B-42C4-AA3F-043DFBDBEDE9}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe | 
"{6C4518BE-72C3-48CE-BF12-71D4BCCA4D31}" = protocol=17 | dir=in | app=c:\program files (x86)\valve\steam\steam.exe | 
"{6E8A63C4-29E0-45DA-85A9-C8D90E2F37F8}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{76A38D04-BCE3-455F-8CF9-B812FF0A2037}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe | 
"{7AFF19B5-35DE-492A-858A-054D63CF83C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{7D609A58-E572-4751-B564-7886C5437416}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{803EED67-006E-41D2-9690-47025AF8EF0D}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{89D8EF40-7C4B-43FD-96E9-28D2F3AA746F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{8C173849-05FD-4F8E-BD8E-02CEAF9EA945}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8C916A98-DF73-4374-97DF-D51C0694F474}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{9A052F3E-AF77-497C-A908-FEAF9EA66F65}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{9A22B3A4-A801-4BE1-A2BA-98DCB057C5EC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{9C241572-98AF-49D1-BEE5-4656F0128492}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{B147995B-6C59-4E86-B409-C1EDFF994073}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia connect\kernel\dms\clmsserver.exe | 
"{B32263AA-EBEB-4CC4-9FD8-09608FD31B0F}" = dir=in | app=c:\program files (x86)\acer arcade live\acer videomagician\acer videomagician.exe | 
"{B59FAFDC-11B2-4F93-99BA-AA1FC1BFD2A7}" = dir=in | app=c:\program files (x86)\acer arcade live\acer slideshow dvd\acer slideshow dvd.exe | 
"{B7AF7615-FA0D-43E0-AB1D-3B4370FA6138}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{C1B0AB57-3966-447E-AFA5-ED1F95DF4DFD}" = protocol=17 | dir=in | app=c:\windows\system32\dlcdcoms.exe | 
"{C2007AE0-4A52-4E98-AF86-E54349FECB6F}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{C77D5E72-55FD-417C-A3C5-734919B4D6F2}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{C8A3CD3A-5E86-402F-B3DB-045728C28C57}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{D1A81DA6-A6F6-4BE1-BAF7-59C4EC24D296}" = dir=in | app=c:\program files (x86)\acer arcade live\acer homemedia trial creator\acer homemedia trial creator.exe | 
"{D4D460F0-37A7-49AC-ADFC-33458236B3D9}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{D599E5EE-6C89-4B73-9979-D5A8C31294DB}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{E06FBCE3-3A84-4651-B3D6-11086927268B}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
"{E4AA1109-23EF-46A7-A23C-10A6CCF4DA8F}" = dir=in | app=c:\program files (x86)\acer arcade live\acer dv magician\acer dv magician.exe | 
"{F49B581F-F7B0-462E-8533-690A3052A735}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{3D3E663D-4E7E-4577-A560-7ECDDD45548A}" = PVSonyDll
"{44C81D1A-0520-49BB-B510-98B8DD414EA1}" = HP Photosmart C4600 All-In-One Driver Software 13.0 Rel .5
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D8B2C435-8737-431E-8784-24CD13B0B821}" = PE585QAEncoder-64
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"Redirection Port Monitor" = RedMon - Redirection Port Monitor
"Shop for HP Supplies" = Shop for HP Supplies
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00405945-70C1-4B1D-9A3C-45A2883366AF}" = PS_AIO_05_C4600_Software_Min
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam(TM)
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{132888AE-EF67-41C5-BCA2-7D5D2488AB63}" = Acer HomeMedia Connect
"{13D85C14-2B85-419F-AC41-C7F21E68B25D}" = Acer eSettings Management
"{13F3917B56CD4C25848BDC69916971BB}" = DivX Converter
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{18D10072035C4515918F7E37EAFAACFC}" = AutoUpdate
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83216012FF}" = Java(TM) 6 Update 24
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3FC7CBBC4C1E11DCA1A752EA55D89593}" = DivX Version Checker
"{41581EF5-45A7-11DA-9D78-000129760D75}" = Acer SlideShow DVD
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4EA2F95F-A537-4d17-9E7F-6B3FF8D9BBE3}" = Microsoft Works
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{5DD4FCBD-A3C1-4155-9E17-4161C70AAABA}" = Segoe UI
"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25
"{7500B4F1-0D53-40EC-8D5B-31BE996529E2}" = Toefl
"{767CC44C-9BBC-438D-BAD3-FD4595DD148B}" = VC80CRTRedist - 8.0.50727.762
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}" = Acer ScreenSaver
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{7CDD7C4C-5224-40E4-951F-51C12FEAB8AB}" = C4600
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110111700}" = Zuma Deluxe
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11029123}" = Bricks of Egypt
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110322783}" = Big Kahuna Reef
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110411970}" = Chuzzle
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111118433}" = Mystery Case Files - Huntsville
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111199750}" = Cake Mania
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111324990}" = Kick N Rush
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111771833}" = Jewel Quest Solitaire
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111796363}" = Mystery Solitaire - Secret Island
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111872660}" = Diner Dash Flo on the Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112531267}" = Chicken Invaders 3
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112615863}" = Agatha Christie Death on the Nile
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}" = Alice Greenfingers
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113080210}" = Azada
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F1B6239-FEA0-450A-A950-B05276CE177C}" = Acer Empowering Technology
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5633652-3795-4829-BB0B-644F0279E279}" = Acer eDataSecurity Management
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A96E97134CA649888820BCDE5E300BBD}" = H.264 Decoder
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA4BF92B-2AAF-11DA-9D78-000129760D75}" = Acer HomeMedia
"{AAC389499AEF40428987B3D30CFC76C9}" = MKV Splitter
"{AC76BA86-7AD7-1031-7B44-A81300000003}" = Adobe Reader 8.1.6 - Deutsch
"{AC76BA86-7AD7-5464-3428-800000000003}" = Spelling Dictionaries Support For Adobe Reader 8
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AEF9DC35ADDF4825B049ACBFD1C6EB37}" = AAC Decoder
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B145EC69-66F5-11D8-9D75-000129760D75}" = Acer DVDivine
"{B580C409-E16F-44FF-904D-3AE94E113BE0}" = Acer HomeMedia Trial Creator
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CE386A4E-D0DA-4208-8235-BCE43275C694}" = LightScribe  1.4.142.1
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix
"{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}" = Counter-Strike(TM)
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E728441A-7820-4B1C-87C9-DE7BE37B2953}" = Download Navigator
"{EFB21DE7-8C19-4A88-BB28-A766E16493BC}" = Adobe Photoshop CS
"{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}" = Acer Arcade Live Main Page
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F6EFFB76-4A07-11DA-9D78-000129760D75}" = Acer DV Magician
"{F79A208D-D929-11D9-9D77-000129760D75}" = Acer VideoMagician
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FE0646A7-19D0-41B4-A2BB-2C35D644270D}" = Windows Live OneCare safety scanner
"Acer GameZone Console_is1" = Acer GameZone Console DTV 2.0.1.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 10 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"Browser Defender_is1" = Browser Defender 3.0
"DivX Plus DirectShow Filters" = DivX Plus DirectShow Filters
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EPSON BX535WD Series Netg" = Netzwerkhandbuch EPSON BX535WD Series
"EPSON BX535WD Series Useg" = Benutzerhandbuch EPSON BX535WD Series
"FileZilla Client" = FileZilla Client 3.2.7.1
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.32.918
"FreePDF_XP" = FreePDF (Remove only)
"GPL Ghostscript 9.04" = GPL Ghostscript
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{B9B02A9E-8074-4C3F-AAE5-311528F34FED}" = NTI Photo Maker Hot Fix
"InstallShield_{DDA223A7-627F-4173-9CA4-A9C531BCBB62}" = NTI JewelCase Maker Hot Fix
"IpodConverter_is1" = IpodConverter 1.1
"LAME for Audacity_is1" = LAME v3.98.2 for Audacity
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.1.1000
"Messenger Plus! Live" = Messenger Plus! Live
"Mozilla Firefox 16.0.2 (x86 de)" = Mozilla Firefox 16.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MSC" = McAfee SecurityCenter
"PC Performer_is1" = PC Performer
"UnityWebPlayer" = Unity Web Player
"UseNeXT_is1" = UseNeXT
"VLC media player" = VLC media player 0.9.8a
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"WinLiveSuite" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"YTdetect" = Yahoo! Detect
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3668395413-3215351660-3596499305-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Play65" = Play65
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2012 09:02:53 | Computer Name = BozKurT-PC | Source = Windows Search Service | ID = 3013
Description = 
 
Error - 16.11.2012 11:32:39 | Computer Name = BozKurT-PC | Source = SideBySide | ID = 16842830
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Users\BozKurT\Downloads\SoftonicDownloader_fuer_pc-performer.exe".
 Fehler in Manifest- oder Richtliniendatei "" in Zeile .  Eine für die Anwendung erforderliche
 Komponentenversion steht in Konflikt mit einer anderen bereits aktiven Komponentenversion.
Die
 widersprüchlichen Komponenten sind:  Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_5cb72f2a088b0ed3.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6002.18305_none_1509f852f40ee5cd.manifest.
 
Error - 16.11.2012 11:37:08 | Computer Name = BozKurT-PC | Source = WinMgmt | ID = 10
Description = 
 
Error - 16.11.2012 12:00:17 | Computer Name = BozKurT-PC | Source = Application Hang | ID = 1002
Description = Programm OTL(1).exe, Version 3.2.69.0 arbeitet nicht mehr mit Windows
 zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet "Lösungen
 für Probleme" in der Systemsteuerung, um nach weiteren Informationen über das Problem
 zu suchen.  Prozess-ID: 14b0  Anfangszeit: 01cdc410d1052029  Zeitpunkt der Beendigung:
 0
 
[ OSession Events ]
Error - 14.12.2010 10:32:05 | Computer Name = BozKurT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 90
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 22.05.2012 09:38:21 | Computer Name = BozKurT-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5744
 seconds with 3240 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 12.11.2012 11:12:34 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 12.11.2012 11:12:43 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 12.11.2012 11:12:43 | Computer Name = BozKurT-PC | Source = DCOM | ID = 10005
Description = 
 
Error - 12.11.2012 11:12:45 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7001
Description = 
 
Error - 12.11.2012 11:15:23 | Computer Name = BozKurT-PC | Source = Microsoft Antimalware | ID = 2004
Description = Beim Laden der Signaturen wurde von %%860 ein Fehler festgestellt.
 Es wird versucht, einen als gültig bekannten Signatursatz wiederherzustellen.     Versuchte
 Signaturen: %%824     Fehlercode: 0x80070002     Fehlerbeschreibung: Das System kann die 
angegebene Datei nicht finden.      Signaturversion: 1.139.1833.0;1.139.1833.0     Modulversion:
 1.1.8904.0
 
Error - 13.11.2012 08:47:03 | Computer Name = BozKurT-PC | Source = cdrom | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\CdRom0 gefunden.
 
Error - 14.11.2012 09:36:14 | Computer Name = BozKurT-PC | Source = nvstor64 | ID = 262149
Description = Ein Paritätsfehler wurde auf \Device\RaidPort0 gefunden.
 
Error - 15.11.2012 17:52:20 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7034
Description = 
 
Error - 15.11.2012 17:52:21 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7031
Description = 
 
Error - 16.11.2012 04:57:24 | Computer Name = BozKurT-PC | Source = Service Control Manager | ID = 7000
Description = 
 
 
< End of report >
         


Bei Mozilla erscheint die Nachricht, dass ein anderes Programm auf meinem Computer folgendes Add-On modifizieren will: Savings Sidekick 0.85.37.

Installation erlauben oder weiter?

Antwort

Themen zu PC Performer lässt sich nicht löschen
ahnung, automatische, autostart, browser, defender, download, file, files, geschlossen, langsamer, leute, löschen, malwarebytes, messages, neustart, nicht löschen, nichts, pc performer, performer, please, plötzlich, problem, programm, programme, programme und funktionen, scan, systemsteuerung, virus



Ähnliche Themen: PC Performer lässt sich nicht löschen


  1. Windows 8 : Goodgame Empire hat sich selbst installiert, lässt sich nicht löschen
    Log-Analyse und Auswertung - 27.01.2015 (1)
  2. TR/Crypt.EPACK.20167 -- lässt sich nicht löschen -- Echtzeitscanner lässt sich nicht aktivieren
    Plagegeister aller Art und deren Bekämpfung - 14.01.2015 (29)
  3. Laptop ruckelt nur noch, Iminent lässt sich nicht löschen und Radio schaltet sich alleine an und aus und lässt sich ebenfalls nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 27.06.2014 (3)
  4. PC-Performer lässt sich nicht mehr deinstallieren
    Log-Analyse und Auswertung - 03.12.2013 (16)
  5. PC Performer lässt sich nicht mehr entfernen und macht alles langsam.
    Plagegeister aller Art und deren Bekämpfung - 19.07.2013 (15)
  6. malware lässt sich nicht löschen!
    Plagegeister aller Art und deren Bekämpfung - 14.05.2013 (19)
  7. PC Performer lässt sich nichtmehr deinstallieren
    Plagegeister aller Art und deren Bekämpfung - 04.05.2013 (1)
  8. TR/ATRAPS.Gen2 gefunden; Backdoor Agent lässt sich nicht löschen; mediashifting.com öffnet sich
    Plagegeister aller Art und deren Bekämpfung - 23.01.2012 (29)
  9. tabs öffnen sich automatisch, reg-Eintrag lässt sich mit mbam nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 29.12.2011 (13)
  10. Datei/virus lässt sich nicht löschen und lässt Explorer crashen!
    Plagegeister aller Art und deren Bekämpfung - 11.04.2010 (2)
  11. schädling lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 14.03.2010 (0)
  12. AV 360 lässt sich nicht löschen
    Log-Analyse und Auswertung - 21.03.2009 (4)
  13. dll lässt sich nicht löschen
    Log-Analyse und Auswertung - 05.12.2008 (0)
  14. Virus lässt sich nicht löschen =(
    Plagegeister aller Art und deren Bekämpfung - 19.07.2008 (3)
  15. Zlob lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 16.02.2007 (11)
  16. index.dat lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 04.04.2005 (9)
  17. Trojaner lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 14.01.2005 (1)

Zum Thema PC Performer lässt sich nicht löschen - Hey Leute, ich wollte mir gestern ein Programm runterladen, welches eine Musikdatei in eine andere (CD in .mp3) konvertiert. Nach dem download (SOFTONIC!!) öffnete sich plötzlich PC Performer und hat - PC Performer lässt sich nicht löschen...
Archiv
Du betrachtest: PC Performer lässt sich nicht löschen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.