
Pests of All Kinds and How to Combat Them: Web.de (Mail delivery failed)


29.11.2012, 11:55   #1
ne0n2005
 

Web.de (Mail delivery failed)



Hello,

I have pretty much the same problem as T-13 (see post). It looks as though a lot of mail is being sent from my web.de account via the Web.de server.

--- The header of the original message is following. ---
Code:
Received: from bpvx ([113.240.220.125]) by smtp.web.de (mrweb102) with ESMTPA
 (Nemesis) id 0Lrb3x-1TEaxt28Bp-013HK6 for <bleuchris88@gmail.com>; Thu, 29
 Nov 2012 10:49:49 +0100
Message-ID: <C0BCC0CD2F91EA7DABC04867EE8237DE@bpvx>
From: "WOW"
To: <bleuchris88@gmail.com>
Subject: =?utf-8?B?4piFPFlPWU9PPuKYhVdPV2dvbGRfXzEw?=
        =?utf-8?B?VVNEPTEwSyBQcm9taXNlIGZpdmU=?=
        =?utf-8?B?IG1pbnV0ZXMgZGVsaXZlcnkh?=
Date: Thu, 29 Nov 2012 17:49:43 +0800
MIME-Version: 1.0
Content-Type: multipart/alternative;
        boundary="----=_NextPart_000_0C09_01492F5F.12BC2080"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5512
Sender: only_a_fake@web.de
X-Provags-ID: V02:K0:QSlDQarq9Jr/2p4+Yg8Z0+ZjB5k330EvTs6BT1YmNRf
 473wEjzAa+c9JqfNhqbs2U3TWe7Aka/Ytp7Le/Q4IV0ryDs/qs
 8H9x7X2Tz88og/0U/3xZj2do5yftTTNs/h80EpPBh3bgGI2bEO
 mvNXb4CZLUupsFdphKIGTnn7+5mL42LQoG+8e/S34IWecg2LhG
 GhqaOSblmYAo4V73JZI4Q==
         
My MS Security Essentials finds nothing suspicious.
I have just changed the password, but I really had been using a run-of-the-mill password that I use for various forums (including this one). Since I only use this e-mail address for unimportant sign-ups, I had used the same password there.

What I mainly want to know now is whether I currently have a trojan or not. I consider it very likely that the database of one of the countless forums was cleaned out at some point in the past 5 years. (Now please no: "but your pw isn't stored there in plaintext".)


I then ran one of these OTL scans, in case that is helpful.

Many thanks in advance.

Code:
OTL logfile created on: 29.11.2012 11:41:06 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = G:\DownLoad
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,92 Gb Total Physical Memory | 4,24 Gb Available Physical Memory | 71,66% Memory free
11,72 Gb Paging File | 9,86 Gb Available in Paging File | 84,17% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 0,98 Gb Free Space | 1,65% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 65,19 Gb Free Space | 33,38% Space Free | Partition Type: NTFS
Drive E: | 1863,01 Gb Total Space | 714,78 Gb Free Space | 38,37% Space Free | Partition Type: NTFS
Drive F: | 488,28 Gb Total Space | 54,95 Gb Free Space | 11,25% Space Free | Partition Type: NTFS
Drive G: | 247,91 Gb Total Space | 28,58 Gb Free Space | 11,53% Space Free | Partition Type: NTFS
 
Computer Name: NEON-PC | User Name: neon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2012.11.29 11:38:06 | 000,602,112 | ---- | M] (OldTimer Tools) -- G:\DownLoad\OTL.exe
PRC - [2012.10.27 21:19:15 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\ich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
PRC - [2012.08.31 15:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
PRC - [2012.05.18 17:37:40 | 000,780,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
PRC - [2012.05.18 17:37:40 | 000,116,632 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
PRC - [2012.05.09 11:43:20 | 000,188,551 | ---- | M] (3S-Smart Software Solutions GmbH) -- C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe
PRC - [2012.02.16 17:31:22 | 000,189,248 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrB.exe
PRC - [2012.02.16 17:31:17 | 000,075,136 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.01.19 11:41:52 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
PRC - [2012.01.19 11:39:48 | 000,285,072 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe
PRC - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011.12.21 15:28:00 | 000,011,776 | ---- | M] () -- C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe
PRC - [2011.12.02 04:10:12 | 003,649,945 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.2\bin\postgres.exe
PRC - [2011.12.02 04:10:12 | 000,090,042 | ---- | M] (PostgreSQL Global Development Group) -- C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe
PRC - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
PRC - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
PRC - [2011.09.19 17:59:06 | 000,061,440 | ---- | M] (Palm) -- C:\Program Files (x86)\HP webOS\SDK\bin\novacomd\x86\novacomd.exe
PRC - [2011.09.02 15:06:38 | 000,065,657 | ---- | M] (Motorola) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
PRC - [2011.03.04 11:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
PRC - [2010.11.20 03:17:56 | 000,257,536 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
PRC - [2009.08.28 19:45:56 | 000,286,720 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2012.11.16 21:42:03 | 000,221,696 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll
MOD - [2012.11.16 21:42:01 | 012,082,176 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\c4eb7af61b41a2bc836352bc30f88f14\System.Web.ni.dll
MOD - [2012.11.16 21:41:56 | 000,771,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\59d00fa60a9e559f8717404a5032e6ba\System.Runtime.Remoting.ni.dll
MOD - [2012.11.13 19:51:54 | 011,522,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll
MOD - [2012.11.13 19:51:48 | 003,882,496 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll
MOD - [2012.11.13 19:49:21 | 013,198,848 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ecbb113bbad9034fa8385c15f73fb4cf\System.Windows.Forms.ni.dll
MOD - [2012.11.13 19:49:19 | 007,070,208 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll
MOD - [2012.11.13 19:49:18 | 000,982,528 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll
MOD - [2012.11.13 19:49:17 | 005,617,664 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll
MOD - [2012.11.13 19:49:16 | 001,666,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a8dfd1388afc0a50f39f9e1dc7ecd45c\System.Drawing.ni.dll
MOD - [2012.11.13 19:49:15 | 009,095,168 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll
MOD - [2012.11.13 19:49:11 | 014,416,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll
MOD - [2012.05.18 17:37:40 | 000,780,184 | ---- | M] () -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2012.04.06 03:16:02 | 000,236,544 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2012.10.28 14:33:56 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2012.10.09 19:30:36 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.10.02 12:13:44 | 003,064,000 | ---- | M] (Skype Technologies S.A.) [Auto | Running] -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe -- (Skype C2C Service)
SRV - [2012.09.12 20:21:48 | 000,368,896 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Programme\Microsoft Security Client\NisSrv.exe -- (NisSrv)
SRV - [2012.09.12 20:21:48 | 000,022,072 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft Security Client\MsMpEng.exe -- (MsMpSvc)
SRV - [2012.08.31 15:02:03 | 002,754,984 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.06.27 11:29:24 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2012.05.18 17:37:40 | 000,116,632 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe -- (Motorola Device Manager)
SRV - [2012.05.09 11:43:20 | 000,188,551 | ---- | M] (3S-Smart Software Solutions GmbH) [Auto | Running] -- C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe -- (ServiceControl_RTE23_3S_GmbH)
SRV - [2012.02.16 17:31:22 | 000,189,248 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrB.exe -- (PnkBstrB)
SRV - [2012.02.16 17:31:17 | 000,075,136 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.02.14 16:49:12 | 000,736,104 | ---- | M] (Tunngle.net GmbH) [On_Demand | Stopped] -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe -- (TunngleService)
SRV - [2012.01.19 11:41:52 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Running] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.01.19 11:41:48 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2012.01.03 14:10:42 | 000,063,928 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011.12.21 15:28:00 | 000,011,776 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe -- (Palm_TCP_Relay)
SRV - [2011.12.02 04:10:12 | 000,090,042 | ---- | M] (PostgreSQL Global Development Group) [Auto | Running] -- C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe -- (pgsql-8.2)
SRV - [2011.12.01 19:05:01 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe -- (Creative ALchemy AL6 Licensing Service)
SRV - [2011.11.28 11:20:48 | 000,074,752 | ---- | M] (Apache Software Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Apache Software Foundation\Tomcat 6.0\bin\Tomcat6.exe -- (Tomcat6)
SRV - [2011.10.06 22:11:48 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe -- (Creative Audio Engine Licensing Service)
SRV - [2011.10.06 22:11:38 | 000,079,360 | ---- | M] (Creative Labs) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe -- (Sound Blaster X-Fi MB Licensing Service)
SRV - [2011.10.01 08:30:22 | 000,219,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2011.10.01 08:30:18 | 000,508,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV - [2011.09.19 17:59:06 | 000,061,440 | ---- | M] (Palm) [Auto | Running] -- C:\Program Files (x86)\HP webOS\SDK\bin\novacomd\x86\novacomd.exe -- (NovacomD)
SRV - [2011.09.02 15:06:38 | 000,065,657 | ---- | M] (Motorola) [Auto | Running] -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe -- (PST Service)
SRV - [2011.03.04 11:45:08 | 001,529,856 | ---- | M] (Cisco Systems, Inc.) [Auto | Running] -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe -- (CVPND)
SRV - [2011.03.01 17:29:58 | 000,130,976 | ---- | M] (Futuremark Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe -- (Futuremark SystemInfo Service)
SRV - [2010.06.25 18:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.08.28 19:45:56 | 000,286,720 | ---- | M] (Creative Technology Ltd) [Auto | Running] -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe -- (CTAudSvcService)
SRV - [2009.07.21 02:56:20 | 000,093,848 | ---- | M] (SiSoftware) [On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011.SP4a\RpcAgentSrv.exe -- (SandraAgentSrv)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2012.10.26 18:00:50 | 000,131,416 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2012.08.30 21:03:48 | 000,128,456 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\NisDrvWFP.sys -- (NisDrv)
DRV:64bit: - [2012.05.11 06:34:12 | 000,099,384 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2012.04.06 06:22:40 | 011,174,400 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.04.06 02:10:44 | 000,343,040 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.02.23 13:32:04 | 000,095,760 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW76.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.02.15 11:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.01.25 13:58:02 | 000,027,136 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Motousbnet.sys -- (Motousbnet)
DRV:64bit: - [2012.01.25 13:57:50 | 000,030,720 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motmodem.sys -- (motmodem)
DRV:64bit: - [2012.01.25 13:57:46 | 000,009,728 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgpfl.sys -- (motccgpfl)
DRV:64bit: - [2012.01.25 13:57:38 | 000,022,016 | ---- | M] (Motorola Mobility Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motccgp.sys -- (motccgp)
DRV:64bit: - [2011.11.08 12:59:12 | 000,011,776 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motusbdevice.sys -- (motusbdevice)
DRV:64bit: - [2011.10.24 17:39:54 | 000,066,328 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2011.10.06 22:23:36 | 000,031,808 | ---- | M] (FNet Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS -- (FNETTBOH_305)
DRV:64bit: - [2011.10.06 22:10:30 | 000,015,936 | ---- | M] (FNet Co., Ltd.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\FNETURPX.SYS -- (FNETURPX)
DRV:64bit: - [2011.10.06 21:18:04 | 000,270,912 | ---- | M] (DT Soft Ltd) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.10.01 08:30:22 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2011.10.01 08:30:18 | 000,268,648 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2011.10.01 08:30:18 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2011.10.01 08:30:10 | 000,764,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2011.09.02 07:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.04.21 19:17:04 | 000,471,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.04.10 04:51:06 | 012,223,936 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011.03.10 15:44:16 | 002,725,376 | ---- | M] (C-Media Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmudaxp.sys -- (cmudaxp)
DRV:64bit: - [2011.03.04 11:51:50 | 000,306,536 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CVPNDRVA.sys -- (CVPNDRVA)
DRV:64bit: - [2011.02.08 06:30:52 | 000,064,512 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)
DRV:64bit: - [2011.02.08 06:30:52 | 000,039,936 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)
DRV:64bit: - [2010.11.20 04:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 02:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.10.19 15:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010.10.14 18:28:16 | 000,317,440 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010.06.25 18:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.06.11 13:37:14 | 000,015,368 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2010.04.29 05:55:42 | 000,032,768 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\androidusb.sys -- (androidusb)
DRV:64bit: - [2010.02.08 07:32:00 | 000,014,992 | ---- | M] (Cisco Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\CVirtA64.sys -- (CVirtA)
DRV:64bit: - [2009.11.24 02:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 02:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.09.16 07:02:42 | 000,031,232 | ---- | M] (Tunngle.net) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901t.sys -- (tap0901t)
DRV:64bit: - [2009.08.13 22:10:18 | 000,073,984 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2009.07.31 03:40:32 | 000,025,600 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WRfiltv.sys -- (WRfiltv)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 01:09:50 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usb8023x.sys -- (usb_rndisx)
DRV:64bit: - [2009.07.10 13:06:50 | 000,031,744 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motoandroid.sys -- (motandroidusb)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.05.18 12:17:08 | 000,034,152 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2009.01.29 17:11:38 | 000,006,144 | ---- | M] (Motorola Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motfilt.sys -- (BTCFilterService)
DRV:64bit: - [2008.11.16 17:39:44 | 000,157,968 | ---- | M] (Deterministic Networks, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\dne64x.sys -- (DNE)
DRV:64bit: - [2007.11.02 15:52:02 | 000,008,576 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\motswch.sys -- (MotoSwitchService)
DRV - [2009.08.07 22:46:56 | 000,023,112 | ---- | M] (SiSoftware) [Kernel | On_Demand | Stopped] -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011.SP4a\WNt500x64\sandra.sys -- (SANDRA)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2007.03.16 09:11:20 | 000,015,648 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys -- (Cardex)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 11 21 80 10 9C CD 01  [binary data]
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\..\SearchScopes\{5245B0E8-C262-438f-BE22-8193FD3EA43C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*;*.local
 
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 39 8F C9 1F 71 84 CC 01  [binary data]
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\..\SearchScopes\{5245B0E8-C262-438f-BE22-8193FD3EA43C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: F:\Shootmania Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\ich\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\ich\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ich\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ich\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\ich\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.09 10:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.02.09 10:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ich\AppData\Roaming\mozilla\Extensions
[2012.10.10 18:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ich\AppData\Roaming\mozilla\Firefox\Profiles\idg4kh9n.default\extensions
[2012.10.10 18:42:37 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\ich\AppData\Roaming\mozilla\Firefox\Profiles\idg4kh9n.default\extensions\ich@maltegoetz.de
[2012.09.24 18:00:32 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\ich\AppData\Roaming\mozilla\firefox\profiles\idg4kh9n.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.07.17 19:02:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.31 10:45:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.04.28 20:15:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.01.29 17:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ich\AppData\Local\Google\Chrome\Application\23.0.1271.91\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ich\AppData\Local\Google\Chrome\Application\23.0.1271.91\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ich\AppData\Local\Google\Chrome\Application\23.0.1271.91\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\ich\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: GWT DMP Plugin (Enabled) = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim\1.0.9738_0\WINNT_x86-msvc/npGwtDevPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Angry Birds = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.17_0\
CHR - Extension: YouTube = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Auf den Amazon-Wunschzettel = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Angry Birds Space = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcjfbmlohmjkpbchljecehcpnpkmpog\1.6_0\
CHR - Extension: Google News = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\.orig
CHR - Extension: Proxy SwitchySharp = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\1.9.49_0\
CHR - Extension: Gmail offline = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: Google Kalender = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Gtalk = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\enhdmanlbebkeibbfagebjpolgejfnpl\4.3_0\
CHR - Extension: Stoppuhr / Timer = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh\3.5_0\
CHR - Extension: AdBlock = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.47_0\
CHR - Extension: Spotify Chrome Extension = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb\1.0.3_0\
CHR - Extension: WebRC = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmihojfcjdmpmpfbjajkfpbhgieibpi\1_0\
CHR - Extension: Dropbox = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.2_0\
CHR - Extension: Disconnect = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\4.1.1_0\
CHR - Extension: OpenOffice Document Reader = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcfmmdlhndnfpagbmhbbfehenapoich\3_0\
CHR - Extension: GWT Developer Plugin = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim\1.0.11338_0\
CHR - Extension: Rechner = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao\1.0.9_0\
CHR - Extension: YouTube Downloader = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\lecinmfhadegpcdocbpfdgffjopphmoa\11.0_0\
CHR - Extension: Google Mail-Checker = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Quick Note = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.2_0\
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdbaehcjcomcnnjhlmnfddpgoafpcko\1.0.6_0\
CHR - Extension: Google Docs Viewer f\u00FCr PDF/PowerPoint (von Google) = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Google Mail = C:\Users\ich\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [ASRockXTU]  File not found
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [Facebook Update] C:\Users\ich\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [Spotify] C:\Users\ich\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [Spotify Web Helper] C:\Users\ich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [ApacheTomcatMonitor6.0_Tomcat6] C:\Program Files (x86)\Apache Software Foundation\Tomcat 6.0\bin\Tomcat6w.exe (Apache Software Foundation)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [ASRockXTU]  File not found
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [chromium] C:\Users\postgres\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window File not found
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [Spotify] C:\Users\ich\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [Spotify Web Helper] C:\Users\ich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\ich\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\ich\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O4 - Startup: C:\Users\ich\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9E65E2C-651D-4923-AD76-C2760884E295}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.27 22:19:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{9a442f9a-1833-11e1-9693-002522cc4d75}\Shell - "" = AutoRun
O33 - MountPoints2\{9a442f9a-1833-11e1-9693-002522cc4d75}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\index.html
O33 - MountPoints2\{f1d0312e-16ef-11e2-809e-002522cc4d75}\Shell - "" = AutoRun
O33 - MountPoints2\{f1d0312e-16ef-11e2-809e-002522cc4d75}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
MsConfig:64bit - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^vpngui.exe.lnk - C:\Windows\Installer\{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}\Icon09DB8A851.exe - ()
MsConfig:64bit - StartUpFolder: C:^Users^neon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -  - File not found
MsConfig:64bit - StartUpFolder: C:^Users^neon^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk - C:\PROGRA~2\OPENOF~1.ORG\program\QUICKS~1.EXE - ()
MsConfig:64bit - StartUpReg: Adobe ARM - hkey= - key= - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems Incorporated)
MsConfig:64bit - StartUpReg: AllShareAgent - hkey= - key= - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
MsConfig:64bit - StartUpReg: ApacheTomcatMonitor6.0_Tomcat6 - hkey= - key= - C:\Program Files (x86)\Apache Software Foundation\Tomcat 6.0\bin\Tomcat6w.exe (Apache Software Foundation)
MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: avgnt - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: BCSSync - hkey= - key= - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Cmaudio8788 - hkey= - key= - C:\Windows\syswow64\RunDll32.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Cmaudio8788GX - hkey= - key= - C:\Windows\syswow64\HsMgr.exe ()
MsConfig:64bit - StartUpReg: Cmaudio8788GX64 - hkey= - key= - C:\Windows\system\HsMgr64.exe ()
MsConfig:64bit - StartUpReg: CTSyncService - hkey= - key= - C:\Program Files (x86)\InstallShield Installation Information\{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}\AMBSPISyncService.exe (Creative Technology Ltd)
MsConfig:64bit - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig:64bit - StartUpReg: ENISysTray - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: EvtMgr6 - hkey= - key= - C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.)
MsConfig:64bit - StartUpReg: GAINWARD - hkey= - key= - C:\Program Files (x86)\EXPERTool\TBPanel.exe (Gainward Co.)
MsConfig:64bit - StartUpReg: Google Update - hkey= - key= - C:\Users\ich\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig:64bit - StartUpReg: GoogleChromeAutoLaunch_EC6DDD84F8E4F65260DA1CFCEBCA641F - hkey= - key= - C:\Users\ich\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
MsConfig:64bit - StartUpReg: iTunesHelper - hkey= - key= - C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)
MsConfig:64bit - StartUpReg: RtHDVCpl - hkey= - key= - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
MsConfig:64bit - StartUpReg: RTSysTray - hkey= - key= -  File not found
MsConfig:64bit - StartUpReg: RunDLLEntry - hkey= - key= - C:\Windows\SysNative\RunDLL32.exe (Microsoft Corporation)
MsConfig:64bit - StartUpReg: Skype - hkey= - key= - C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
MsConfig:64bit - StartUpReg: Spotify Web Helper - hkey= - key= - C:\Users\ich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
MsConfig:64bit - StartUpReg: Steam - hkey= - key= - F:\Steam\steam.exe (Valve Corporation)
MsConfig:64bit - StartUpReg: SunJavaUpdateSched - hkey= - key= - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Sun Microsystems, Inc.)
MsConfig:64bit - StartUpReg: UpdReg - hkey= - key= - C:\Windows\Updreg.EXE (Creative Technology Ltd.)
MsConfig:64bit - StartUpReg: VolPanel - hkey= - key= - C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe (Creative Technology Ltd)
MsConfig:64bit - StartUpReg: XFastUsb - hkey= - key= - C:\Program Files (x86)\XFastUsb\XFastUsb.exe (FNet Co., Ltd.)
MsConfig:64bit - State: "startup" - Reg Error: Key error.
MsConfig:64bit - State: "bootini" - Reg Error: Key error.
 
NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
 
SafeBootMin:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootMin:64bit: Base - Driver Group
SafeBootMin:64bit: Boot Bus Extender - Driver Group
SafeBootMin:64bit: Boot file system - Driver Group
SafeBootMin:64bit: File system - Driver Group
SafeBootMin:64bit: Filter - Driver Group
SafeBootMin:64bit: HelpSvc - Service
SafeBootMin:64bit: PCI Configuration - Driver Group
SafeBootMin:64bit: PNP Filter - Driver Group
SafeBootMin:64bit: Primary disk - Driver Group
SafeBootMin:64bit: sacsvr - Service
SafeBootMin:64bit: SCSI Class - Driver Group
SafeBootMin:64bit: System Bus Extender - Driver Group
SafeBootMin:64bit: vmms - Service
SafeBootMin:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: MsMpSvc - C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
SafeBootNet:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SafeBootNet:64bit: Base - Driver Group
SafeBootNet:64bit: Boot Bus Extender - Driver Group
SafeBootNet:64bit: Boot file system - Driver Group
SafeBootNet:64bit: File system - Driver Group
SafeBootNet:64bit: Filter - Driver Group
SafeBootNet:64bit: HelpSvc - Service
SafeBootNet:64bit: Messenger - Service
SafeBootNet:64bit: NDIS Wrapper - Driver Group
SafeBootNet:64bit: NetBIOSGroup - Driver Group
SafeBootNet:64bit: NetDDEGroup - Driver Group
SafeBootNet:64bit: Network - Driver Group
SafeBootNet:64bit: NetworkProvider - Driver Group
SafeBootNet:64bit: PCI Configuration - Driver Group
SafeBootNet:64bit: PNP Filter - Driver Group
SafeBootNet:64bit: PNP_TDI - Driver Group
SafeBootNet:64bit: Primary disk - Driver Group
SafeBootNet:64bit: rdsessmgr - Service
SafeBootNet:64bit: sacsvr - Service
SafeBootNet:64bit: SCSI Class - Driver Group
SafeBootNet:64bit: Streams Drivers - Driver Group
SafeBootNet:64bit: System Bus Extender - Driver Group
SafeBootNet:64bit: TDI - Driver Group
SafeBootNet:64bit: vmms - Service
SafeBootNet:64bit: WudfUsbccidDriver - Driver
SafeBootNet:64bit: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet:64bit: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet:64bit: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet:64bit: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet:64bit: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet:64bit: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet:64bit: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet:64bit: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet:64bit: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet:64bit: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet:64bit: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet:64bit: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet:64bit: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet:64bit: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet:64bit: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet:64bit: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet:64bit: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet:64bit: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet:64bit: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet:64bit: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet:64bit: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet:64bit: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: Hamachi2Svc - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: MsMpSvc - C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices
 
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3E0DCA76-6D0F-D7BB-9AA3-E46E917B44C2} - Microsoft Windows Media Player
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {965992E2-D155-CE78-BE6C-7FAD6AD3C050} - Browser Customizations
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32:64bit: VIDC.FPS1 - frapsv64.dll (Beepa P/L)
Drivers32:64bit: VIDC.XFR1 - xfcodec64.dll ()
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3codecp - C:\Windows\SysWow64\l3codecp.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\Windows\SysWow64\iccvid.dll (Radius Inc.)
Drivers32: VIDC.FPS1 - C:\Windows\SysWow64\frapsvid.dll (Beepa P/L)
Drivers32: vidc.i420 - C:\Windows\SysWow64\i420vfw.dll (www.helixcommunity.org)
Drivers32: VIDC.XFR1 - C:\Windows\SysWow64\xfcodec.dll ()
Drivers32: vidc.yv12 - C:\Windows\SysWow64\yv12vfw.dll (www.helixcommunity.org)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.23 17:17:51 | 000,000,000 | ---D | C] -- C:\Users\ich\Documents\Calibre Bibliothek
[2012.11.23 17:17:51 | 000,000,000 | ---D | C] -- C:\Users\ich\AppData\Roaming\calibre
[2012.11.23 17:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2
[2012.11.23 17:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
[2012.11.18 23:12:17 | 000,000,000 | --SD | C] -- C:\Users\ich\Documents\Meine Datenquellen
[2012.11.16 18:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hulumuluch
[2012.11.13 15:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2
[2012.11.02 22:18:43 | 000,000,000 | ---D | C] -- C:\Users\ich\AppData\Local\Painkiller Redemption
[2012.10.31 12:44:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PopCap Games
[2012.10.31 12:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCapY
[2012.10.31 12:44:54 | 000,000,000 | ---D | C] -- C:\ProgramData\PopCap Games
[2012.10.31 11:03:17 | 000,000,000 | ---D | C] -- C:\Users\ich\node34_2bc
[2012.10.30 18:39:11 | 000,000,000 | ---D | C] -- C:\Users\ich\AppData\Roaming\Day 1 Studios
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.11.29 11:30:04 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.11.29 11:14:10 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1648228069-3097862834-1251921153-1000UA.job
[2012.11.29 11:09:16 | 000,013,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 11:09:16 | 000,013,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.11.29 11:06:24 | 001,622,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.11.29 11:06:24 | 000,700,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.11.29 11:06:24 | 000,655,332 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.11.29 11:06:24 | 000,149,158 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.11.29 11:06:24 | 000,121,946 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.11.29 11:02:09 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.11.29 11:02:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.11.29 11:01:56 | 469,766,143 | -HS- | M] () -- C:\hiberfil.sys
[2012.11.28 23:52:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.28 22:00:20 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1648228069-3097862834-1251921153-1000UA.job
[2012.11.28 17:14:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1648228069-3097862834-1251921153-1000Core.job
[2012.11.28 13:00:00 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1648228069-3097862834-1251921153-1000Core.job
[2012.11.27 22:34:43 | 000,046,785 | ---- | M] () -- C:\Users\ich\Desktop\Logbuch_TT.pdf
[2012.11.25 15:50:19 | 000,000,201 | ---- | M] () -- C:\Users\ich\Desktop\Dead Space.url
[2012.11.25 15:49:12 | 000,000,201 | ---- | M] () -- C:\Users\ich\Desktop\Metro 2033.url
[2012.11.25 13:55:26 | 000,074,946 | ---- | M] () -- C:\Users\ich\Documents\150234_447719185291747_1822559502_n.jpg
[2012.11.24 13:27:30 | 000,000,199 | ---- | M] () -- C:\Users\ich\Desktop\Dota 2.url
[2012.11.24 13:27:30 | 000,000,173 | ---- | M] () -- C:\Users\ich\Desktop\Dota 2 Test.url
[2012.11.24 13:10:02 | 000,062,542 | ---- | M] () -- C:\Users\ich\Desktop\tuscan.png
[2012.11.23 13:35:10 | 000,001,796 | ---- | M] () -- C:\Users\ich\Desktop\Hitman.lnk
[2012.11.23 11:27:47 | 001,169,978 | ---- | M] () -- C:\Users\ich\Desktop\Ein plotzlicher Todesfall - Joanne K. Rowling.epub
[2012.11.21 18:05:54 | 000,026,319 | ---- | M] () -- C:\Users\ich\Desktop\Moduluebersicht.class.violet
[2012.11.16 18:07:02 | 000,000,699 | ---- | M] () -- C:\Users\ich\Desktop\Call of Duty Black Ops II.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | M] () -- C:\Users\ich\Desktop\Call of Duty Black Ops II - Zombies.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | M] () -- C:\Users\ich\Desktop\Call of Duty Black Ops II - Multiplayer.lnk
[2012.11.13 20:40:19 | 000,374,728 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.13 18:27:48 | 000,032,837 | ---- | M] () -- C:\Users\ich\Desktop\pacmanBildmontage.png
[2012.11.01 17:36:56 | 000,000,200 | ---- | M] () -- C:\Users\ich\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
[2012.10.31 18:56:26 | 000,000,201 | ---- | M] () -- C:\Users\ich\Desktop\Painkiller Redemption.url
[2012.10.31 12:52:03 | 000,000,796 | ---- | M] () -- C:\Users\Public\Desktop\Plants vs. Zombies.lnk
[2012.10.31 11:20:25 | 000,015,213 | ---- | M] () -- C:\Users\ich\Desktop\2012-08-29 16.38.37.jpg
[2012.10.30 21:06:12 | 000,001,109 | ---- | M] () -- C:\Users\ich\Desktop\bildBeispiel.xml
[2012.10.30 18:23:56 | 000,000,199 | ---- | M] () -- C:\Users\ich\Desktop\Left 4 Dead 2.url
[2012.10.30 17:36:05 | 000,000,201 | ---- | M] () -- C:\Users\ich\Desktop\F.E.A.R. 3.url
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.11.27 22:30:28 | 000,046,785 | ---- | C] () -- C:\Users\ich\Desktop\Logbuch_TT.pdf
[2012.11.25 15:50:19 | 000,000,201 | ---- | C] () -- C:\Users\ich\Desktop\Dead Space.url
[2012.11.25 15:49:12 | 000,000,201 | ---- | C] () -- C:\Users\ich\Desktop\Metro 2033.url
[2012.11.25 13:55:23 | 000,074,946 | ---- | C] () -- C:\Users\ich\Documents\150234_447719185291747_1822559502_n.jpg
[2012.11.24 13:27:30 | 000,000,199 | ---- | C] () -- C:\Users\ich\Desktop\Dota 2.url
[2012.11.24 13:27:30 | 000,000,173 | ---- | C] () -- C:\Users\ich\Desktop\Dota 2 Test.url
[2012.11.24 13:10:02 | 000,062,542 | ---- | C] () -- C:\Users\ich\Desktop\tuscan.png
[2012.11.23 17:18:57 | 001,169,978 | ---- | C] () -- C:\Users\ich\Desktop\Ein plotzlicher Todesfall - Joanne K. Rowling.epub
[2012.11.23 13:35:10 | 000,001,796 | ---- | C] () -- C:\Users\ich\Desktop\Hitman.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | C] () -- C:\Users\ich\Desktop\Call of Duty Black Ops II.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | C] () -- C:\Users\ich\Desktop\Call of Duty Black Ops II - Zombies.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | C] () -- C:\Users\ich\Desktop\Call of Duty Black Ops II - Multiplayer.lnk
[2012.11.13 19:50:05 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.13 19:46:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.13 18:23:18 | 000,032,837 | ---- | C] () -- C:\Users\ich\Desktop\pacmanBildmontage.png
[2012.11.01 17:36:56 | 000,000,200 | ---- | C] () -- C:\Users\ich\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
[2012.10.31 18:56:26 | 000,000,201 | ---- | C] () -- C:\Users\ich\Desktop\Painkiller Redemption.url
[2012.10.31 12:44:56 | 000,000,796 | ---- | C] () -- C:\Users\Public\Desktop\Plants vs. Zombies.lnk
[2012.10.30 20:56:07 | 000,001,109 | ---- | C] () -- C:\Users\ich\Desktop\bildBeispiel.xml
[2012.10.30 18:23:56 | 000,000,199 | ---- | C] () -- C:\Users\ich\Desktop\Left 4 Dead 2.url
[2012.10.30 17:36:05 | 000,000,201 | ---- | C] () -- C:\Users\ich\Desktop\F.E.A.R. 3.url
[2012.10.24 05:27:50 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.10.23 10:50:14 | 000,000,173 | ---- | C] () -- C:\Users\ich\AppData\Local\msmathematics.qat.neon
[2012.05.01 17:55:59 | 000,000,771 | ---- | C] () -- C:\Users\ich\eclipse.lnk
[2012.04.24 14:07:59 | 000,000,233 | ---- | C] () -- C:\Windows\FTRUN32.INI
[2012.03.09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.06 00:11:15 | 000,007,617 | ---- | C] () -- C:\Users\ich\AppData\Local\Resmon.ResmonCfg
[2012.03.01 17:16:50 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2012.03.01 17:16:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2012.03.01 17:16:50 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2012.03.01 17:16:49 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2012.03.01 16:42:16 | 000,000,906 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2012.03.01 16:42:08 | 000,004,969 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2012.03.01 16:42:08 | 000,000,560 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2012.01.31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.30 21:28:41 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.01.30 21:26:09 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.01.22 20:11:09 | 050,225,240 | ---- | C] () -- C:\Users\ich\AppData\Roaming\.minecraft.rar
[2011.11.08 19:42:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.28 16:56:10 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.10.28 13:16:10 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.28 13:16:09 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.06 22:12:24 | 000,002,265 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2011.10.06 22:12:24 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2011.10.06 22:12:24 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2011.10.06 22:12:15 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.10.06 22:12:15 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.10.06 22:06:59 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.10.06 22:06:59 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.06 22:06:59 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.06 22:06:59 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.06 22:06:59 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.10.06 21:38:00 | 011,157,504 | ---- | C] () -- C:\Users\ich\AppData\Roaming\Sandra.mdb
[2011.10.06 21:11:40 | 001,642,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2012.02.08 15:06:55 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\.minecraft
[2012.03.10 01:25:56 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Amazon
[2012.03.01 17:16:57 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\ASUS
[2012.11.23 17:18:47 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\calibre
[2012.10.21 20:05:12 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.10.08 10:40:26 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\DAEMON Tools Lite
[2012.10.30 18:39:11 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Day 1 Studios
[2011.10.06 18:06:24 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\DeviceVm
[2012.11.29 11:02:20 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Dropbox
[2012.10.23 10:43:45 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\e-academy Inc
[2012.01.30 22:20:20 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Jason Robitaille
[2012.02.22 15:03:09 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Leadertech
[2012.07.04 11:16:02 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Motorola
[2012.07.04 11:16:34 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Motorola Mobility
[2012.09.18 17:30:33 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\MyPhoneExplorer
[2012.05.25 11:21:38 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Notepad++
[2011.10.28 16:53:12 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\OpenOffice.org
[2012.10.21 16:05:28 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Origin
[2012.02.29 20:28:12 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\pdfforge
[2012.05.25 13:38:01 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\postgresql
[2011.11.27 15:14:13 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\PunkBuster
[2012.04.26 14:21:47 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\runic games
[2011.10.08 19:16:33 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Samsung
[2012.10.21 22:36:01 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\SoftGrid Client
[2012.11.29 11:07:11 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Spotify
[2012.05.01 17:54:56 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Subversion
[2012.10.23 14:33:45 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\TeamViewer
[2011.11.24 22:16:42 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\TP
[2012.02.23 00:35:24 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Tunngle
[2011.11.18 20:58:30 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Ubisoft
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %SYSTEMDRIVE%\*. >
[2012.08.04 10:45:40 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2012.01.17 22:02:40 | 000,000,000 | ---D | M] -- C:\AllShare
[2012.02.21 19:47:37 | 000,000,000 | ---D | M] -- C:\AMD
[2012.04.28 20:21:50 | 000,000,000 | ---D | M] -- C:\apache-maven-2.2.1
[2009.07.14 06:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2011.10.06 04:13:11 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2011.10.08 19:16:36 | 000,000,000 | ---D | M] -- C:\Download
[2012.04.02 17:55:39 | 000,000,000 | ---D | M] -- C:\Fraps
[2012.09.19 14:55:32 | 000,000,000 | ---D | M] -- C:\Google Nexus 7 ToolKit
[2011.10.06 22:06:35 | 000,000,000 | ---D | M] -- C:\Intel
[2012.06.27 17:15:10 | 000,000,000 | ---D | M] -- C:\lm.dat
[2012.09.11 17:11:55 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2009.07.14 04:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2012.10.23 10:47:20 | 000,000,000 | R--D | M] -- C:\Program Files
[2012.11.23 17:15:49 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2012.10.31 12:44:54 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2011.10.06 04:13:11 | 000,000,000 | -HSD | M] -- C:\Programme
[2011.10.06 04:13:12 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.11.29 11:43:09 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2012.11.29 11:02:06 | 000,000,000 | ---D | M] -- C:\Temp
[2012.05.25 11:22:46 | 000,000,000 | R--D | M] -- C:\Users
[2012.11.18 22:20:59 | 000,000,000 | ---D | M] -- C:\Windows
[2012.07.20 16:31:35 | 000,000,000 | ---D | M] -- C:\Wugs_NexusRootToolkit.v1.5.2
 
< %ALLUSERSPROFILE%\Application Data\*. >
 
< %ALLUSERSPROFILE%\Application Data\*.exe /s >
 
< %APPDATA%\*. >
[2012.02.08 15:06:55 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\.minecraft
[2011.10.21 22:12:45 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Adobe
[2012.03.10 01:25:56 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Amazon
[2011.10.06 20:55:13 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Apple Computer
[2012.03.01 17:16:57 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\ASUS
[2011.11.08 19:42:24 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\ATI
[2012.11.23 17:18:47 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\calibre
[2012.10.21 20:05:12 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Command & Conquer 3 Tiberium Wars
[2011.10.08 10:40:26 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\DAEMON Tools Lite
[2012.10.30 18:39:11 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Day 1 Studios
[2011.10.06 18:06:24 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\DeviceVm
[2012.11.29 11:02:20 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Dropbox
[2012.03.06 15:37:06 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\dvdcss
[2012.10.23 10:43:45 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\e-academy Inc
[2011.10.06 04:13:19 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Identities
[2011.10.06 22:09:11 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\InstallShield
[2012.01.30 22:20:20 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Jason Robitaille
[2012.02.22 15:03:09 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Leadertech
[2012.02.22 15:18:22 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Logishrd
[2012.02.22 15:12:09 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Logitech
[2011.10.06 22:11:04 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Macromedia
[2009.07.14 19:18:34 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Media Center Programs
[2012.11.18 23:12:17 | 000,000,000 | --SD | M] -- C:\Users\ich\AppData\Roaming\Microsoft
[2012.07.04 11:16:02 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Motorola
[2012.07.04 11:16:34 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Motorola Mobility
[2012.11.02 17:24:20 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Mozilla
[2012.09.18 17:30:33 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\MyPhoneExplorer
[2012.05.25 11:21:38 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Notepad++
[2011.10.09 16:52:01 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\NVIDIA
[2011.10.28 16:53:12 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\OpenOffice.org
[2012.10.21 16:05:28 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Origin
[2012.02.29 20:28:12 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\pdfforge
[2012.05.25 13:38:01 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\postgresql
[2011.11.27 15:14:13 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\PunkBuster
[2012.04.26 14:21:47 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\runic games
[2011.10.08 19:16:33 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Samsung
[2012.10.21 16:21:02 | 000,000,000 | RH-D | M] -- C:\Users\ich\AppData\Roaming\SecuROM
[2012.10.10 22:28:21 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Skype
[2012.10.21 22:36:01 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\SoftGrid Client
[2012.11.29 11:07:11 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Spotify
[2012.05.01 17:54:56 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Subversion
[2012.10.23 14:33:45 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\TeamViewer
[2012.05.29 14:54:56 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\TortoiseSVN
[2011.11.24 22:16:42 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\TP
[2012.02.23 00:35:24 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Tunngle
[2011.11.18 20:58:30 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Ubisoft
[2012.03.09 00:00:27 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\vlc
[2011.10.06 20:44:55 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\WinRAR
[2012.11.29 11:40:57 | 000,000,000 | ---D | M] -- C:\Users\ich\AppData\Roaming\Xfire
 
< %APPDATA%\*.exe /s >
[2012.01.20 22:53:31 | 001,259,046 | ---- | M] () -- C:\Users\ich\AppData\Roaming\.minecraft\texturepacks\mcpatcher-2.3.1.exe
[2012.05.24 19:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\ich\AppData\Roaming\Dropbox\bin\Dropbox.exe
[2012.04.04 06:45:36 | 000,872,040 | ---- | M] (Dropbox, Inc.) -- C:\Users\ich\AppData\Roaming\Dropbox\bin\DropboxUpdateHelper.exe
[2012.05.24 19:39:56 | 000,177,280 | ---- | M] (Dropbox, Inc.) -- C:\Users\ich\AppData\Roaming\Dropbox\bin\Uninstall.exe
[2012.02.22 15:12:04 | 000,053,248 | R--- | M] (Acresso Software Inc.) -- C:\Users\ich\AppData\Roaming\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
[2012.10.23 10:43:45 | 000,009,662 | R--- | M] () -- C:\Users\ich\AppData\Roaming\Microsoft\Installer\{9268B41D-6045-4F5F-A14E-3F8E51CD2666}\_853F67D554F05449430E7E.exe
[2012.10.27 17:49:32 | 000,009,662 | R--- | M] () -- C:\Users\ich\AppData\Roaming\Microsoft\Installer\{AA57D6F1-6360-4397-B2D9-B21C69863D97}\_112D608FD02CD87FDC7735.exe
[2012.10.27 17:49:32 | 000,009,662 | R--- | M] () -- C:\Users\ich\AppData\Roaming\Microsoft\Installer\{AA57D6F1-6360-4397-B2D9-B21C69863D97}\_5E3F868D52D5DFAB8E1F0B.exe
[2012.10.27 17:49:32 | 000,009,662 | R--- | M] () -- C:\Users\ich\AppData\Roaming\Microsoft\Installer\{AA57D6F1-6360-4397-B2D9-B21C69863D97}\_853F67D554F05449430E7E.exe
[2011.11.23 17:38:29 | 003,123,272 | R--- | M] () -- C:\Users\ich\AppData\Roaming\PunkBuster\pbsetup\pbsvc.exe
[2012.02.22 21:23:36 | 037,411,800 | ---- | M] (Samsung Electronics Co., Ltd.                                ) -- C:\Users\ich\AppData\Roaming\Samsung\AllShare\AllShare_2.1.0.12013_8.exe
[2012.08.13 17:35:21 | 037,277,456 | ---- | M] (Samsung Electronics Co., Ltd.                                ) -- C:\Users\ich\AppData\Roaming\Samsung\AllShare\AllShare_2.1.0.12031_10.exe
[2012.10.27 21:19:21 | 007,880,664 | ---- | M] (Spotify Ltd) -- C:\Users\ich\AppData\Roaming\Spotify\spotify.exe
[2012.10.27 21:19:15 | 000,117,208 | ---- | M] (Spotify Ltd) -- C:\Users\ich\AppData\Roaming\Spotify\SpotifyLauncher.exe
[2012.10.27 21:19:15 | 001,199,576 | ---- | M] (Spotify Ltd) -- C:\Users\ich\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
 
< %SYSTEMROOT%\system32\drivers\*.sys /lockedfiles >
 
< %SYSTEMROOT%\System32\config\*.sav >
 
< %SYSTEMROOT%\*. /mp /s >
 
< %SYSTEMROOT%\system32\*.dll /lockedfiles >
[2 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 356 bytes -> C:\Users\ich\Desktop\2012-08-29 16.38.37.jpg:com.dropbox.attributes

< End of report >
         

29.11.2012, 12:55   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Hello and

Quote:
64bit- Professional Service Pack 1
Why do you have a Professional edition? Is this by any chance an office/company PC? Or a university machine?

29.11.2012, 13:37   #3
ne0n2005

Hello,

the Win7 version is indeed a student version, since my university holds a DreamSpark license (though unfortunately without the Office suite).

However, this is my private computer.

29.11.2012, 14:46   #4
cosinus

Ok

In the most recent cases with the same problem, it was resolved each time after the password was changed. Are you still getting these mails, or has it stopped for you too now that you have changed your password?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

29.11.2012, 18:03   #5
ne0n2005

I haven't received any so far. But I have now checked and found that this has been going on for about 3 weeks already. And often no mails were sent for 3 days at a time.

But if it does stop now with the password change, is that a sign that they did not get the password by means of a trojan? And that I otherwise don't need to worry about my system security?


29.11.2012, 20:23   #6
cosinus

It cannot be said with certainty how they got hold of your password. It may be that it was simply too easy to guess

1. aswMBR

Please download aswMBR.exe and save the file to your desktop.

Note: Please turn off your virus scanner before running aswMBR, because Avira in particular often reports a false positive in it!
  • Start aswMBR.exe. Vista and Win7 users: run aswMBR via right-click "Run as administrator"
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.) Downloading the definitions can take a while depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Press Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons under any circumstances without being instructed to.

Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe has stopped working" appears, then do the following:
Restart aswMBR, select (none) under "AV scan" in the drop-down menu (bottom left of the aswMBR window) and click the Scan button again.


2. TDSS-Killer

Download TDSS-Killer to the desktop, see => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false positive in the TDSS tool!

Set up the tool as shown in the picture below - click change parameters and set the check marks as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log or cannot copy the contents and transfer them into your post, then please look directly on your Windows system partition (usually drive C:), since that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, treat all of them with the action "skip" and post only the log here!

29.11.2012, 23:08   #7
ne0n2005

Well, aswMBR didn't turn up much, since it kept crashing during the AV quick scan.


Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2012-11-29 23:10:40
-----------------------------
23:10:40.661    OS Version: Windows x64 6.1.7601 Service Pack 1
23:10:40.661    Number of processors: 4 586 0x2A07
23:10:40.662    ComputerName: NEON-PC  UserName: neon
23:10:40.814    Initialize success
23:10:45.230    AVAST engine defs: 12112900
23:10:47.614    Disk 0  \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
23:10:47.616    Disk 0 Vendor: WDC_WD20EARX-00PASB0 51.0AB51 Size: 1907729MB BusType: 3
23:10:47.619    Disk 1 (boot) \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
23:10:47.621    Disk 1 Vendor: M4-CT064M4SSD2 0002 Size: 61057MB BusType: 3
23:10:47.624    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IdeDeviceP1T1L0-2
23:10:47.627    Disk 2 Vendor: SAMSUNG_HD103UJ 1AA01113 Size: 953869MB BusType: 3
23:10:47.631    Disk 1 MBR read successfully
23:10:47.635    Disk 1 MBR scan
23:10:47.639    Disk 1 Windows 7 default MBR code
23:10:47.642    Disk 1 Partition 1 00     07    HPFS/NTFS NTFS        61055 MB offset 2048
23:10:47.667    Disk 1 scanning C:\Windows\system32\drivers
23:10:52.768    Service scanning
23:11:07.316    Modules scanning
23:11:07.331    Disk 1 trace - called modules:
23:11:07.337    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
23:11:07.342    1 nt!IofCallDriver -> \Device\Harddisk1\DR1[0xfffffa8006935060]
23:11:07.346    3 CLASSPNP.SYS[fffff8800185143f] -> nt!IofCallDriver -> [0xfffffa800672e580]
23:11:07.349    5 ACPI.sys[fffff88000f1e7a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa800672b060]
23:11:07.352    Scan finished successfully
23:11:17.530    Disk 1 MBR has been saved successfully to "C:\Users\neon\Desktop\MBR.dat"
23:11:17.533    The log file has been saved successfully to "C:\Users\neon\Desktop\aswMBR.txt"
         
The Avast Killer spat out considerably more:

Code:
23:02:17.0573 2828  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:02:17.0787 2828  ============================================================
23:02:17.0787 2828  Current date / time: 2012/11/29 23:02:17.0787
23:02:17.0787 2828  SystemInfo:
23:02:17.0787 2828  
23:02:17.0787 2828  OS Version: 6.1.7601 ServicePack: 1.0
23:02:17.0787 2828  Product type: Workstation
23:02:17.0787 2828  ComputerName: NEON-PC
23:02:17.0787 2828  UserName: neon
23:02:17.0787 2828  Windows directory: C:\Windows
23:02:17.0787 2828  System windows directory: C:\Windows
23:02:17.0787 2828  Running under WOW64
23:02:17.0787 2828  Processor architecture: Intel x64
23:02:17.0787 2828  Number of processors: 4
23:02:17.0787 2828  Page size: 0x1000
23:02:17.0787 2828  Boot type: Normal boot
23:02:17.0787 2828  ============================================================
23:02:18.0282 2828  Drive \Device\Harddisk0\DR0 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:02:18.0282 2828  Drive \Device\Harddisk1\DR1 - Size: 0xEE8156000 (59.63 Gb), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:02:18.0304 2828  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
23:02:18.0413 2828  ============================================================
23:02:18.0413 2828  \Device\Harddisk0\DR0:
23:02:18.0413 2828  MBR partitions:
23:02:18.0413 2828  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800
23:02:18.0413 2828  \Device\Harddisk1\DR1:
23:02:18.0413 2828  MBR partitions:
23:02:18.0413 2828  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x773F800
23:02:18.0413 2828  \Device\Harddisk2\DR2:
23:02:18.0413 2828  MBR partitions:
23:02:18.0413 2828  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1869E559
23:02:18.0424 2828  \Device\Harddisk2\DR2\Partition2: MBR, Type 0x7, StartLBA 0x1869E5D7, BlocksNum 0x3D08FC7E
23:02:18.0438 2828  \Device\Harddisk2\DR2\Partition3: MBR, Type 0x7, StartLBA 0x5572E294, BlocksNum 0x1EFD386C
23:02:18.0438 2828  ============================================================
23:02:18.0439 2828  C: <-> \Device\Harddisk1\DR1\Partition1
23:02:18.0457 2828  D: <-> \Device\Harddisk2\DR2\Partition1
23:02:18.0886 2828  E: <-> \Device\Harddisk0\DR0\Partition1
23:02:18.0921 2828  F: <-> \Device\Harddisk2\DR2\Partition2
23:02:18.0951 2828  G: <-> \Device\Harddisk2\DR2\Partition3
23:02:18.0951 2828  ============================================================
23:02:18.0951 2828  Initialize success
23:02:18.0951 2828  ============================================================
23:02:21.0969 6340  ============================================================
23:02:21.0969 6340  Scan started
23:02:21.0969 6340  Mode: Manual; SigCheck; TDLFS; 
23:02:21.0969 6340  ============================================================
23:02:22.0241 6340  ================ Scan system memory ========================
23:02:22.0241 6340  System memory - ok
23:02:22.0241 6340  ================ Scan services =============================
23:02:22.0271 6340  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:02:22.0303 6340  1394ohci - ok
23:02:22.0309 6340  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:02:22.0321 6340  ACPI - ok
23:02:22.0322 6340  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:02:22.0339 6340  AcpiPmi - ok
23:02:22.0344 6340  [ 62B7936F9036DD6ED36E6A7EFA805DC0 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
23:02:22.0351 6340  AdobeARMservice - ok
23:02:22.0372 6340  [ 44C00A385CA9DBC1D5CF3781F8C26AEA ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
23:02:22.0382 6340  AdobeFlashPlayerUpdateSvc - ok
23:02:22.0391 6340  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:02:22.0407 6340  adp94xx - ok
23:02:22.0412 6340  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:02:22.0423 6340  adpahci - ok
23:02:22.0427 6340  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:02:22.0436 6340  adpu320 - ok
23:02:22.0439 6340  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:02:22.0487 6340  AeLookupSvc - ok
23:02:22.0496 6340  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
23:02:22.0508 6340  AFD - ok
23:02:22.0512 6340  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
23:02:22.0518 6340  agp440 - ok
23:02:22.0521 6340  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
23:02:22.0532 6340  ALG - ok
23:02:22.0534 6340  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:02:22.0539 6340  aliide - ok
23:02:22.0544 6340  [ 20C8A3E435A47F0408A1EA674AFA6194 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:02:22.0566 6340  AMD External Events Utility - ok
23:02:22.0568 6340  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
23:02:22.0574 6340  amdide - ok
23:02:22.0577 6340  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:02:22.0587 6340  AmdK8 - ok
23:02:22.0711 6340  [ 0B45C18B0F3EE996D25BAA4E74884B83 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
23:02:22.0873 6340  amdkmdag - ok
23:02:22.0879 6340  [ 0E57258E5CC4CC7A9A9A877AFDF0CEC6 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:02:22.0892 6340  amdkmdap - ok
23:02:22.0894 6340  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:02:22.0902 6340  AmdPPM - ok
23:02:22.0906 6340  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
23:02:22.0913 6340  amdsata - ok
23:02:22.0917 6340  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:02:22.0926 6340  amdsbs - ok
23:02:22.0928 6340  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
23:02:22.0934 6340  amdxata - ok
23:02:22.0937 6340  [ 363571BC0C79E394E69300D1F2E3DDAE ] androidusb      C:\Windows\system32\Drivers\androidusb.sys
23:02:22.0943 6340  androidusb - ok
23:02:22.0946 6340  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
23:02:23.0003 6340  AppID - ok
23:02:23.0006 6340  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:02:23.0028 6340  AppIDSvc - ok
23:02:23.0031 6340  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
23:02:23.0053 6340  Appinfo - ok
23:02:23.0058 6340  [ 7EF47644B74EBE721CC32211D3C35E76 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:02:23.0063 6340  Apple Mobile Device - ok
23:02:23.0069 6340  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
23:02:23.0079 6340  AppMgmt - ok
23:02:23.0082 6340  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:02:23.0089 6340  arc - ok
23:02:23.0092 6340  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:02:23.0099 6340  arcsas - ok
23:02:23.0108 6340  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
23:02:23.0117 6340  aspnet_state - ok
23:02:23.0119 6340  [ 912A215CE180A6E7C923C662D7EC777D ] AsrAppCharger   C:\Windows\system32\DRIVERS\AsrAppCharger.sys
23:02:23.0141 6340  AsrAppCharger - ok
23:02:23.0143 6340  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:02:23.0164 6340  AsyncMac - ok
23:02:23.0167 6340  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
23:02:23.0173 6340  atapi - ok
23:02:23.0177 6340  [ 24464B908E143D2561E9E452FEE97309 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
23:02:23.0182 6340  AtiHDAudioService - ok
23:02:23.0192 6340  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:02:23.0223 6340  AudioEndpointBuilder - ok
23:02:23.0232 6340  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
23:02:23.0256 6340  AudioSrv - ok
23:02:23.0259 6340  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:02:23.0277 6340  AxInstSV - ok
23:02:23.0284 6340  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
23:02:23.0297 6340  b06bdrv - ok
23:02:23.0302 6340  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
23:02:23.0313 6340  b57nd60a - ok
23:02:23.0317 6340  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:02:23.0326 6340  BDESVC - ok
23:02:23.0328 6340  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:02:23.0349 6340  Beep - ok
23:02:23.0358 6340  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
23:02:23.0388 6340  BFE - ok
23:02:23.0398 6340  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
23:02:23.0429 6340  BITS - ok
23:02:23.0432 6340  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:02:23.0439 6340  blbdrive - ok
23:02:23.0447 6340  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:02:23.0459 6340  Bonjour Service - ok
23:02:23.0462 6340  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:02:23.0471 6340  bowser - ok
23:02:23.0473 6340  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:02:23.0489 6340  BrFiltLo - ok
23:02:23.0492 6340  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:02:23.0499 6340  BrFiltUp - ok
23:02:23.0503 6340  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
23:02:23.0512 6340  Browser - ok
23:02:23.0517 6340  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
23:02:23.0531 6340  Brserid - ok
23:02:23.0533 6340  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:02:23.0542 6340  BrSerWdm - ok
23:02:23.0544 6340  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:02:23.0553 6340  BrUsbMdm - ok
23:02:23.0556 6340  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
23:02:23.0563 6340  BrUsbSer - ok
23:02:23.0564 6340  [ FF7C57973EEAD140062238C5A0B7D455 ] BTCFilterService C:\Windows\system32\DRIVERS\motfilt.sys
23:02:23.0573 6340  BTCFilterService - ok
23:02:23.0576 6340  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
23:02:23.0586 6340  BthEnum - ok
23:02:23.0588 6340  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:02:23.0598 6340  BTHMODEM - ok
23:02:23.0601 6340  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
23:02:23.0612 6340  BthPan - ok
23:02:23.0619 6340  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
23:02:23.0633 6340  BTHPORT - ok
23:02:23.0636 6340  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
23:02:23.0658 6340  bthserv - ok
23:02:23.0662 6340  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
23:02:23.0669 6340  BTHUSB - ok
23:02:23.0672 6340  [ 2BD001601496AE87F7CB86F1FCD6F1EC ] Cardex          C:\Windows\SysWOW64\drivers\TBPANELX64.SYS
23:02:23.0682 6340  Cardex - ok
23:02:23.0686 6340  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:02:23.0708 6340  cdfs - ok
23:02:23.0711 6340  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:02:23.0719 6340  cdrom - ok
23:02:23.0723 6340  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:02:23.0744 6340  CertPropSvc - ok
23:02:23.0747 6340  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:02:23.0756 6340  circlass - ok
23:02:23.0762 6340  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
23:02:23.0774 6340  CLFS - ok
23:02:23.0791 6340  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:02:23.0797 6340  clr_optimization_v2.0.50727_32 - ok
23:02:23.0803 6340  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
23:02:23.0811 6340  clr_optimization_v2.0.50727_64 - ok
23:02:23.0818 6340  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:02:23.0832 6340  clr_optimization_v4.0.30319_32 - ok
23:02:23.0834 6340  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
23:02:23.0843 6340  clr_optimization_v4.0.30319_64 - ok
23:02:23.0846 6340  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:02:23.0853 6340  CmBatt - ok
23:02:23.0856 6340  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:02:23.0862 6340  cmdide - ok
23:02:23.0893 6340  [ 0367F029425CBD5506E8DB2757FF3A8F ] cmudaxp         C:\Windows\system32\drivers\cmudaxp.sys
23:02:23.0947 6340  cmudaxp - ok
23:02:23.0956 6340  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
23:02:23.0973 6340  CNG - ok
23:02:23.0976 6340  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:02:23.0982 6340  Compbatt - ok
23:02:23.0984 6340  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:02:23.0994 6340  CompositeBus - ok
23:02:23.0996 6340  COMSysApp - ok
23:02:24.0001 6340  cpuz135 - ok
23:02:24.0002 6340  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:02:24.0009 6340  crcdisk - ok
23:02:24.0013 6340  [ C8BD651E13895B93ED9EC5B4F1DF42BC ] Creative ALchemy AL6 Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
23:02:24.0018 6340  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:02:24.0018 6340  Creative ALchemy AL6 Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:02:24.0021 6340  [ C0EAD9F8AB83D41FF07303C75589C2B8 ] Creative Audio Engine Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
23:02:24.0026 6340  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:02:24.0026 6340  Creative Audio Engine Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:02:24.0031 6340  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:02:24.0042 6340  CryptSvc - ok
23:02:24.0048 6340  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
23:02:24.0063 6340  CSC - ok
23:02:24.0073 6340  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
23:02:24.0089 6340  CscService - ok
23:02:24.0094 6340  [ 7DAA33AAEE034AE62EF631A3F13A027B ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
23:02:24.0099 6340  CTAudSvcService ( UnsignedFile.Multi.Generic ) - warning
23:02:24.0099 6340  CTAudSvcService - detected UnsignedFile.Multi.Generic (1)
23:02:24.0111 6340  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
23:02:24.0124 6340  cvhsvc - ok
23:02:24.0127 6340  [ 44BDDEB03C84A1C993C992FFB5700357 ] CVirtA          C:\Windows\system32\DRIVERS\CVirtA64.sys
23:02:24.0132 6340  CVirtA - ok
23:02:24.0149 6340  [ 98C413E1A2FB6E5A4C101C25B3D0B275 ] CVPND           C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
23:02:24.0178 6340  CVPND - ok
23:02:24.0183 6340  [ 79AF0E203D089AF442A3F70ED00A37FB ] CVPNDRVA        C:\Windows\system32\Drivers\CVPNDRVA.sys
23:02:24.0191 6340  CVPNDRVA - ok
23:02:24.0199 6340  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:02:24.0227 6340  DcomLaunch - ok
23:02:24.0232 6340  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
23:02:24.0258 6340  defragsvc - ok
23:02:24.0261 6340  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:02:24.0282 6340  DfsC - ok
23:02:24.0286 6340  [ 6060106CE00F32F63F1A73160E46E9D2 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
23:02:24.0292 6340  dg_ssudbus - ok
23:02:24.0298 6340  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:02:24.0311 6340  Dhcp - ok
23:02:24.0312 6340  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
23:02:24.0334 6340  discache - ok
23:02:24.0337 6340  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:02:24.0343 6340  Disk - ok
23:02:24.0347 6340  [ 05CB5910B3CA6019FC3CCA815EE06FFB ] DNE             C:\Windows\system32\DRIVERS\dne64x.sys
23:02:24.0353 6340  DNE - ok
23:02:24.0357 6340  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:02:24.0367 6340  Dnscache - ok
23:02:24.0372 6340  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:02:24.0396 6340  dot3svc - ok
23:02:24.0399 6340  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
23:02:24.0423 6340  DPS - ok
23:02:24.0426 6340  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:02:24.0434 6340  drmkaud - ok
23:02:24.0439 6340  [ D3D64CF7B2BCEAA34A270F45A3FFFB36 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
23:02:24.0446 6340  dtsoftbus01 - ok
23:02:24.0459 6340  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:02:24.0474 6340  DXGKrnl - ok
23:02:24.0478 6340  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
23:02:24.0501 6340  EapHost - ok
23:02:24.0536 6340  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
23:02:24.0588 6340  ebdrv - ok
23:02:24.0591 6340  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
23:02:24.0599 6340  EFS - ok
23:02:24.0611 6340  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:02:24.0629 6340  ehRecvr - ok
23:02:24.0633 6340  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
23:02:24.0644 6340  ehSched - ok
23:02:24.0651 6340  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:02:24.0666 6340  elxstor - ok
23:02:24.0668 6340  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:02:24.0674 6340  ErrDev - ok
23:02:24.0678 6340  [ DF2F6C1E55F6E81CFC7F688380D85816 ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys
23:02:24.0684 6340  EtronHub3 - ok
23:02:24.0687 6340  [ E093ABFB67A4B9D94F80611A7D0A8BB9 ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys
23:02:24.0693 6340  EtronXHCI - ok
23:02:24.0701 6340  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
23:02:24.0728 6340  EventSystem - ok
23:02:24.0732 6340  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
23:02:24.0756 6340  exfat - ok
23:02:24.0759 6340  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:02:24.0784 6340  fastfat - ok
23:02:24.0793 6340  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
23:02:24.0811 6340  Fax - ok
23:02:24.0813 6340  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:02:24.0821 6340  fdc - ok
23:02:24.0823 6340  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
23:02:24.0844 6340  fdPHost - ok
23:02:24.0847 6340  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
23:02:24.0869 6340  FDResPub - ok
23:02:24.0872 6340  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:02:24.0878 6340  FileInfo - ok
23:02:24.0881 6340  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:02:24.0902 6340  Filetrace - ok
23:02:24.0904 6340  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:02:24.0912 6340  flpydisk - ok
23:02:24.0917 6340  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:02:24.0926 6340  FltMgr - ok
23:02:24.0928 6340  [ FE95AE537B41A7E2F4CFE353064DC4AF ] FNETTBOH_305    C:\Windows\system32\drivers\FNETTBOH_305.SYS
23:02:24.0939 6340  FNETTBOH_305 - ok
23:02:24.0942 6340  [ 7C3C4B4C951EC1BDFD4F769D05E2CC68 ] FNETURPX        C:\Windows\system32\drivers\FNETURPX.SYS
23:02:24.0952 6340  FNETURPX - ok
23:02:24.0966 6340  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
23:02:24.0988 6340  FontCache - ok
23:02:24.0991 6340  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
23:02:24.0996 6340  FontCache3.0.0.0 - ok
23:02:24.0998 6340  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:02:25.0004 6340  FsDepends - ok
23:02:25.0007 6340  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:02:25.0013 6340  Fs_Rec - ok
23:02:25.0016 6340  [ 79B4CDE2B69ED8BA4011859780A66A4D ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe
23:02:25.0043 6340  Futuremark SystemInfo Service - ok
23:02:25.0047 6340  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:02:25.0058 6340  fvevol - ok
23:02:25.0062 6340  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:02:25.0068 6340  gagp30kx - ok
23:02:25.0072 6340  [ E403AACF8C7BB11375122D2464560311 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:02:25.0076 6340  GEARAspiWDM - ok
23:02:25.0086 6340  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
23:02:25.0117 6340  gpsvc - ok
23:02:25.0122 6340  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:02:25.0128 6340  gupdate - ok
23:02:25.0132 6340  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
23:02:25.0137 6340  gupdatem - ok
23:02:25.0139 6340  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
23:02:25.0144 6340  hamachi - ok
23:02:25.0171 6340  [ 21D24138B736983F6E23823E092E9428 ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
23:02:25.0214 6340  Hamachi2Svc - ok
23:02:25.0217 6340  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:02:25.0227 6340  hcw85cir - ok
23:02:25.0232 6340  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:02:25.0246 6340  HdAudAddService - ok
23:02:25.0248 6340  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
23:02:25.0258 6340  HDAudBus - ok
23:02:25.0261 6340  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:02:25.0268 6340  HidBatt - ok
23:02:25.0272 6340  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:02:25.0282 6340  HidBth - ok
23:02:25.0283 6340  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:02:25.0293 6340  HidIr - ok
23:02:25.0296 6340  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
23:02:25.0318 6340  hidserv - ok
23:02:25.0322 6340  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:02:25.0329 6340  HidUsb - ok
23:02:25.0332 6340  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:02:25.0354 6340  hkmsvc - ok
23:02:25.0359 6340  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:02:25.0371 6340  HomeGroupListener - ok
23:02:25.0376 6340  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:02:25.0386 6340  HomeGroupProvider - ok
23:02:25.0388 6340  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:02:25.0396 6340  HpSAMD - ok
23:02:25.0407 6340  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:02:25.0439 6340  HTTP - ok
23:02:25.0442 6340  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:02:25.0447 6340  hwpolicy - ok
23:02:25.0451 6340  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:02:25.0458 6340  i8042prt - ok
23:02:25.0464 6340  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:02:25.0477 6340  iaStorV - ok
23:02:25.0489 6340  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
23:02:25.0509 6340  idsvc - ok
23:02:25.0676 6340  [ 174BCAC474DE13B2650E444CF124828E ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
23:02:25.0882 6340  igfx - ok
23:02:25.0886 6340  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:02:25.0893 6340  iirsp - ok
23:02:25.0903 6340  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
23:02:25.0936 6340  IKEEXT - ok
23:02:25.0966 6340  [ A0C2C3D4C03C4FB896CFC53873784178 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
23:02:26.0013 6340  IntcAzAudAddService - ok
23:02:26.0019 6340  [ FC727061C0F47C8059E88E05D5C8E381 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
23:02:26.0029 6340  IntcDAud - ok
23:02:26.0032 6340  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
23:02:26.0038 6340  intelide - ok
23:02:26.0041 6340  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:02:26.0049 6340  intelppm - ok
23:02:26.0053 6340  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:02:26.0076 6340  IPBusEnum - ok
23:02:26.0079 6340  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:02:26.0101 6340  IpFilterDriver - ok
23:02:26.0107 6340  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:02:26.0121 6340  iphlpsvc - ok
23:02:26.0123 6340  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:02:26.0131 6340  IPMIDRV - ok
23:02:26.0134 6340  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:02:26.0157 6340  IPNAT - ok
23:02:26.0169 6340  [ 755E4BA6DCE627A2683BB7640553C8D6 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
23:02:26.0188 6340  iPod Service - ok
23:02:26.0191 6340  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:02:26.0207 6340  IRENUM - ok
23:02:26.0208 6340  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:02:26.0214 6340  isapnp - ok
23:02:26.0219 6340  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:02:26.0229 6340  iScsiPrt - ok
23:02:26.0232 6340  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
23:02:26.0238 6340  kbdclass - ok
23:02:26.0241 6340  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
23:02:26.0248 6340  kbdhid - ok
23:02:26.0251 6340  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
23:02:26.0257 6340  KeyIso - ok
23:02:26.0261 6340  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:02:26.0267 6340  KSecDD - ok
23:02:26.0271 6340  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:02:26.0278 6340  KSecPkg - ok
23:02:26.0281 6340  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
23:02:26.0302 6340  ksthunk - ok
23:02:26.0308 6340  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:02:26.0334 6340  KtmRm - ok
23:02:26.0341 6340  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:02:26.0364 6340  LanmanServer - ok
23:02:26.0368 6340  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:02:26.0391 6340  LanmanWorkstation - ok
23:02:26.0397 6340  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
23:02:26.0409 6340  LBTServ - ok
23:02:26.0412 6340  [ FA529FB35694C24BF98A9EF67C1CD9D0 ] LGBusEnum       C:\Windows\system32\drivers\LGBusEnum.sys
23:02:26.0417 6340  LGBusEnum - ok
23:02:26.0419 6340  [ 1AF3A5A9BC310C88F2EFCEBD08D381AB ] LGSHidFilt      C:\Windows\system32\DRIVERS\LGSHidFilt.Sys
23:02:26.0424 6340  LGSHidFilt - ok
23:02:26.0427 6340  [ 94B29CE153765E768F004FB3440BE2B0 ] LGVirHid        C:\Windows\system32\drivers\LGVirHid.sys
23:02:26.0431 6340  LGVirHid - ok
23:02:26.0434 6340  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
23:02:26.0441 6340  LHidFilt - ok
23:02:26.0443 6340  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:02:26.0464 6340  lltdio - ok
23:02:26.0471 6340  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:02:26.0497 6340  lltdsvc - ok
23:02:26.0499 6340  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:02:26.0521 6340  lmhosts - ok
23:02:26.0524 6340  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
23:02:26.0531 6340  LMouFilt - ok
23:02:26.0532 6340  LMS - ok
23:02:26.0537 6340  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:02:26.0544 6340  LSI_FC - ok
23:02:26.0547 6340  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:02:26.0554 6340  LSI_SAS - ok
23:02:26.0557 6340  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:02:26.0564 6340  LSI_SAS2 - ok
23:02:26.0567 6340  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:02:26.0576 6340  LSI_SCSI - ok
23:02:26.0578 6340  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
23:02:26.0601 6340  luafv - ok
23:02:26.0603 6340  [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
23:02:26.0609 6340  LUsbFilt - ok
23:02:26.0613 6340  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:02:26.0622 6340  Mcx2Svc - ok
23:02:26.0624 6340  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:02:26.0631 6340  megasas - ok
23:02:26.0636 6340  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:02:26.0646 6340  MegaSR - ok
23:02:26.0648 6340  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
23:02:26.0653 6340  MEIx64 - ok
23:02:26.0659 6340  Microsoft SharePoint Workspace Audit Service - ok
23:02:26.0662 6340  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
23:02:26.0684 6340  MMCSS - ok
23:02:26.0687 6340  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
23:02:26.0708 6340  Modem - ok
23:02:26.0711 6340  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:02:26.0721 6340  monitor - ok
23:02:26.0722 6340  [ D69F1E9A944A5F46A494AF901ED41118 ] motandroidusb   C:\Windows\system32\Drivers\motoandroid.sys
23:02:26.0731 6340  motandroidusb - ok
23:02:26.0733 6340  [ 85198FB1E5CC4A9DB03443A385EA0AD2 ] motccgp         C:\Windows\system32\DRIVERS\motccgp.sys
23:02:26.0741 6340  motccgp - ok
23:02:26.0743 6340  [ 577399C75CF85AC68E7830EB150F45EF ] motccgpfl       C:\Windows\system32\DRIVERS\motccgpfl.sys
23:02:26.0749 6340  motccgpfl - ok
23:02:26.0752 6340  MotDev - ok
23:02:26.0754 6340  [ 0EF6B989AF403C1C1B6EBCBD2A280612 ] motmodem        C:\Windows\system32\DRIVERS\motmodem.sys
23:02:26.0763 6340  motmodem - ok
23:02:26.0767 6340  [ 5DDCE3FC5A54A4A58EE693046EBFAEF3 ] Motorola Device Manager C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
23:02:26.0773 6340  Motorola Device Manager - ok
23:02:26.0776 6340  [ EBD05F60CAFC5BBA2602B8D7101082D3 ] MotoSwitchService C:\Windows\system32\DRIVERS\motswch.sys
23:02:26.0782 6340  MotoSwitchService - ok
23:02:26.0784 6340  [ 7E1BD35249F4D5A745144B3C77F9FB85 ] Motousbnet      C:\Windows\system32\DRIVERS\Motousbnet.sys
23:02:26.0792 6340  Motousbnet - ok
23:02:26.0794 6340  [ D075B1D964A314D240F5498773EE89DF ] motusbdevice    C:\Windows\system32\DRIVERS\motusbdevice.sys
23:02:26.0802 6340  motusbdevice - ok
23:02:26.0804 6340  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
23:02:26.0811 6340  mouclass - ok
23:02:26.0813 6340  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:02:26.0821 6340  mouhid - ok
23:02:26.0823 6340  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:02:26.0831 6340  mountmgr - ok
23:02:26.0836 6340  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
23:02:26.0846 6340  MpFilter - ok
23:02:26.0849 6340  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:02:26.0858 6340  mpio - ok
23:02:26.0861 6340  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:02:26.0883 6340  mpsdrv - ok
23:02:26.0894 6340  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:02:26.0927 6340  MpsSvc - ok
23:02:26.0931 6340  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:02:26.0943 6340  MRxDAV - ok
23:02:26.0947 6340  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:02:26.0957 6340  mrxsmb - ok
23:02:26.0962 6340  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:02:26.0973 6340  mrxsmb10 - ok
23:02:26.0977 6340  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:02:26.0984 6340  mrxsmb20 - ok
23:02:26.0987 6340  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
23:02:26.0993 6340  msahci - ok
23:02:26.0997 6340  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:02:27.0006 6340  msdsm - ok
23:02:27.0009 6340  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
23:02:27.0019 6340  MSDTC - ok
23:02:27.0023 6340  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:02:27.0044 6340  Msfs - ok
23:02:27.0047 6340  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:02:27.0068 6340  mshidkmdf - ok
23:02:27.0071 6340  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:02:27.0076 6340  msisadrv - ok
23:02:27.0081 6340  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:02:27.0104 6340  MSiSCSI - ok
23:02:27.0105 6340  msiserver - ok
23:02:27.0108 6340  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:02:27.0130 6340  MSKSSRV - ok
23:02:27.0133 6340  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         C:\Program Files\Microsoft Security Client\MsMpEng.exe
23:02:27.0139 6340  MsMpSvc - ok
23:02:27.0142 6340  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:02:27.0163 6340  MSPCLOCK - ok
23:02:27.0165 6340  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:02:27.0188 6340  MSPQM - ok
23:02:27.0194 6340  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:02:27.0207 6340  MsRPC - ok
23:02:27.0209 6340  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:02:27.0215 6340  mssmbios - ok
23:02:27.0218 6340  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:02:27.0239 6340  MSTEE - ok
23:02:27.0242 6340  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:02:27.0249 6340  MTConfig - ok
23:02:27.0252 6340  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:02:27.0258 6340  Mup - ok
23:02:27.0265 6340  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
23:02:27.0293 6340  napagent - ok
23:02:27.0298 6340  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:02:27.0313 6340  NativeWifiP - ok
23:02:27.0324 6340  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:02:27.0344 6340  NDIS - ok
23:02:27.0347 6340  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:02:27.0369 6340  NdisCap - ok
23:02:27.0372 6340  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:02:27.0394 6340  NdisTapi - ok
23:02:27.0397 6340  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:02:27.0418 6340  Ndisuio - ok
23:02:27.0422 6340  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:02:27.0447 6340  NdisWan - ok
23:02:27.0449 6340  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:02:27.0472 6340  NDProxy - ok
23:02:27.0474 6340  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:02:27.0495 6340  NetBIOS - ok
23:02:27.0500 6340  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:02:27.0525 6340  NetBT - ok
23:02:27.0528 6340  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
23:02:27.0534 6340  Netlogon - ok
23:02:27.0540 6340  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
23:02:27.0568 6340  Netman - ok
23:02:27.0572 6340  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:02:27.0580 6340  NetMsmqActivator - ok
23:02:27.0584 6340  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:02:27.0590 6340  NetPipeActivator - ok
23:02:27.0598 6340  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
23:02:27.0627 6340  netprofm - ok
23:02:27.0630 6340  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:02:27.0635 6340  NetTcpActivator - ok
23:02:27.0638 6340  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
23:02:27.0644 6340  NetTcpPortSharing - ok
23:02:27.0647 6340  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:02:27.0654 6340  nfrd960 - ok
23:02:27.0657 6340  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:02:27.0665 6340  NisDrv - ok
23:02:27.0670 6340  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          C:\Program Files\Microsoft Security Client\NisSrv.exe
23:02:27.0682 6340  NisSrv - ok
23:02:27.0685 6340  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:02:27.0697 6340  NlaSvc - ok
23:02:27.0700 6340  [ F467AD6F8951E7260D4A7F915CCE16A3 ] NovacomD        C:\Program Files (x86)\HP webOS\SDK\bin\novacomd\x86\novacomd.exe
23:02:27.0704 6340  NovacomD ( UnsignedFile.Multi.Generic ) - warning
23:02:27.0704 6340  NovacomD - detected UnsignedFile.Multi.Generic (1)
23:02:27.0707 6340  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
23:02:27.0712 6340  NPF - ok
23:02:27.0714 6340  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:02:27.0735 6340  Npfs - ok
23:02:27.0738 6340  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
23:02:27.0760 6340  nsi - ok
23:02:27.0763 6340  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:02:27.0785 6340  nsiproxy - ok
23:02:27.0803 6340  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:02:27.0833 6340  Ntfs - ok
23:02:27.0835 6340  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
23:02:27.0857 6340  Null - ok
23:02:27.0859 6340  nvlddmkm - ok
23:02:27.0863 6340  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:02:27.0870 6340  nvraid - ok
23:02:27.0875 6340  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:02:27.0884 6340  nvstor - ok
23:02:27.0887 6340  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:02:27.0894 6340  nv_agp - ok
23:02:27.0898 6340  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:02:27.0905 6340  ohci1394 - ok
23:02:27.0909 6340  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:02:27.0917 6340  ose - ok
23:02:27.0970 6340  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
23:02:28.0060 6340  osppsvc - ok
23:02:28.0069 6340  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:02:28.0082 6340  p2pimsvc - ok
23:02:28.0089 6340  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:02:28.0104 6340  p2psvc - ok
23:02:28.0107 6340  [ E74F5A59FBE1605567D779D8D878D048 ] Palm_TCP_Relay  C:\Program Files (x86)\HP webOS\PDK\tcprelay.exe
23:02:28.0109 6340  Palm_TCP_Relay ( UnsignedFile.Multi.Generic ) - warning
23:02:28.0109 6340  Palm_TCP_Relay - detected UnsignedFile.Multi.Generic (1)
23:02:28.0112 6340  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:02:28.0120 6340  Parport - ok
23:02:28.0124 6340  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:02:28.0130 6340  partmgr - ok
23:02:28.0135 6340  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:02:28.0148 6340  PcaSvc - ok
23:02:28.0152 6340  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
23:02:28.0159 6340  pci - ok
23:02:28.0162 6340  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
23:02:28.0168 6340  pciide - ok
23:02:28.0173 6340  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:02:28.0182 6340  pcmcia - ok
23:02:28.0185 6340  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
23:02:28.0192 6340  pcw - ok
23:02:28.0199 6340  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:02:28.0229 6340  PEAUTH - ok
23:02:28.0248 6340  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
23:02:28.0278 6340  PeerDistSvc - ok
23:02:28.0298 6340  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
23:02:28.0305 6340  PerfHost - ok
23:02:28.0314 6340  [ F8EA2B75AFD674C748D2FB910AFF89D3 ] pgsql-8.2       C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe
23:02:28.0318 6340  pgsql-8.2 ( UnsignedFile.Multi.Generic ) - warning
23:02:28.0318 6340  pgsql-8.2 - detected UnsignedFile.Multi.Generic (1)
23:02:28.0335 6340  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
23:02:28.0382 6340  pla - ok
23:02:28.0388 6340  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:02:28.0402 6340  PlugPlay - ok
23:02:28.0404 6340  PnkBstrA - ok
23:02:28.0407 6340  PnkBstrB - ok
23:02:28.0409 6340  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:02:28.0417 6340  PNRPAutoReg - ok
23:02:28.0423 6340  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:02:28.0432 6340  PNRPsvc - ok
23:02:28.0439 6340  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:02:28.0468 6340  PolicyAgent - ok
23:02:28.0473 6340  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
23:02:28.0498 6340  Power - ok
23:02:28.0502 6340  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:02:28.0524 6340  PptpMiniport - ok
23:02:28.0527 6340  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:02:28.0535 6340  Processor - ok
23:02:28.0540 6340  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
23:02:28.0550 6340  ProfSvc - ok
23:02:28.0553 6340  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:02:28.0559 6340  ProtectedStorage - ok
23:02:28.0563 6340  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:02:28.0585 6340  Psched - ok
23:02:28.0589 6340  [ EA735BF6DF13A857A83C99BF27A422AD ] PST Service     C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
23:02:28.0592 6340  PST Service ( UnsignedFile.Multi.Generic ) - warning
23:02:28.0592 6340  PST Service - detected UnsignedFile.Multi.Generic (1)
23:02:28.0610 6340  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:02:28.0642 6340  ql2300 - ok
23:02:28.0645 6340  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:02:28.0653 6340  ql40xx - ok
23:02:28.0658 6340  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
23:02:28.0672 6340  QWAVE - ok
23:02:28.0675 6340  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:02:28.0685 6340  QWAVEdrv - ok
23:02:28.0688 6340  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:02:28.0709 6340  RasAcd - ok
23:02:28.0713 6340  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:02:28.0734 6340  RasAgileVpn - ok
23:02:28.0738 6340  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
23:02:28.0762 6340  RasAuto - ok
23:02:28.0764 6340  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:02:28.0788 6340  Rasl2tp - ok
23:02:28.0793 6340  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
23:02:28.0819 6340  RasMan - ok
23:02:28.0823 6340  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:02:28.0845 6340  RasPppoe - ok
23:02:28.0848 6340  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:02:28.0884 6340  RasSstp - ok
23:02:28.0889 6340  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:02:28.0914 6340  rdbss - ok
23:02:28.0917 6340  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:02:28.0927 6340  rdpbus - ok
23:02:28.0928 6340  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:02:28.0950 6340  RDPCDD - ok
23:02:28.0955 6340  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
23:02:28.0965 6340  RDPDR - ok
23:02:28.0969 6340  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:02:28.0990 6340  RDPENCDD - ok
23:02:28.0993 6340  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:02:29.0014 6340  RDPREFMP - ok
23:02:29.0018 6340  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:02:29.0028 6340  RDPWD - ok
23:02:29.0033 6340  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:02:29.0042 6340  rdyboost - ok
23:02:29.0045 6340  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:02:29.0069 6340  RemoteAccess - ok
23:02:29.0073 6340  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:02:29.0097 6340  RemoteRegistry - ok
23:02:29.0102 6340  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
23:02:29.0113 6340  RFCOMM - ok
23:02:29.0117 6340  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
23:02:29.0124 6340  rpcapd - ok
23:02:29.0127 6340  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:02:29.0149 6340  RpcEptMapper - ok
23:02:29.0152 6340  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
23:02:29.0159 6340  RpcLocator - ok
23:02:29.0167 6340  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
23:02:29.0192 6340  RpcSs - ok
23:02:29.0194 6340  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:02:29.0217 6340  rspndr - ok
23:02:29.0224 6340  [ F4C374B1C46DE294B573BB43723AC3F6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
23:02:29.0233 6340  RTL8167 - ok
23:02:29.0235 6340  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
23:02:29.0243 6340  s3cap - ok
23:02:29.0245 6340  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
23:02:29.0252 6340  SamSs - ok
23:02:29.0257 6340  [ 9D19E17449C8E8759D6872F662104321 ] SamsungAllShareV2.0 C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe
23:02:29.0263 6340  SamsungAllShareV2.0 - ok
23:02:29.0267 6340  [ 5EFBBFCC6ADAC121C8E2FE76641ED329 ] SANDRA          C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4a\WNt500x64\Sandra.sys
23:02:29.0278 6340  SANDRA - ok
23:02:29.0280 6340  [ 2A7EA1B0BFAAD9E2EC03F1D9DD9A4319 ] SandraAgentSrv  C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4a\RpcAgentSrv.exe
23:02:29.0299 6340  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - warning
23:02:29.0299 6340  SandraAgentSrv - detected UnsignedFile.Multi.Generic (1)
23:02:29.0302 6340  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:02:29.0310 6340  sbp2port - ok
23:02:29.0314 6340  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:02:29.0339 6340  SCardSvr - ok
23:02:29.0342 6340  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:02:29.0364 6340  scfilter - ok
23:02:29.0379 6340  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
23:02:29.0418 6340  Schedule - ok
23:02:29.0420 6340  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:02:29.0442 6340  SCPolicySvc - ok
23:02:29.0445 6340  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:02:29.0457 6340  SDRSVC - ok
23:02:29.0459 6340  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:02:29.0482 6340  secdrv - ok
23:02:29.0484 6340  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
23:02:29.0507 6340  seclogon - ok
23:02:29.0509 6340  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
23:02:29.0533 6340  SENS - ok
23:02:29.0535 6340  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:02:29.0545 6340  SensrSvc - ok
23:02:29.0547 6340  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:02:29.0555 6340  Serenum - ok
23:02:29.0559 6340  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:02:29.0568 6340  Serial - ok
23:02:29.0570 6340  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:02:29.0578 6340  sermouse - ok
23:02:29.0583 6340  [ 7046B16E9B188D09C41F5B59BDF7493D ] ServiceControl_RTE23_3S_GmbH C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe
23:02:29.0587 6340  ServiceControl_RTE23_3S_GmbH ( UnsignedFile.Multi.Generic ) - warning
23:02:29.0587 6340  ServiceControl_RTE23_3S_GmbH - detected UnsignedFile.Multi.Generic (1)
23:02:29.0594 6340  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:02:29.0617 6340  SessionEnv - ok
23:02:29.0619 6340  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:02:29.0628 6340  sffdisk - ok
23:02:29.0630 6340  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:02:29.0639 6340  sffp_mmc - ok
23:02:29.0642 6340  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:02:29.0650 6340  sffp_sd - ok
23:02:29.0653 6340  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:02:29.0659 6340  sfloppy - ok
23:02:29.0670 6340  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
23:02:29.0683 6340  Sftfs - ok
23:02:29.0690 6340  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
23:02:29.0704 6340  sftlist - ok
23:02:29.0709 6340  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
23:02:29.0717 6340  Sftplay - ok
23:02:29.0719 6340  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
23:02:29.0724 6340  Sftredir - ok
23:02:29.0727 6340  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
23:02:29.0732 6340  Sftvol - ok
23:02:29.0735 6340  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
23:02:29.0743 6340  sftvsa - ok
23:02:29.0750 6340  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:02:29.0779 6340  SharedAccess - ok
23:02:29.0785 6340  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:02:29.0813 6340  ShellHWDetection - ok
23:02:29.0815 6340  [ 1435BF57B18B3FD2C28060EF4374E704 ] SimpleSlideShowServer C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe
23:02:29.0820 6340  SimpleSlideShowServer - ok
23:02:29.0823 6340  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:02:29.0830 6340  SiSRaid2 - ok
23:02:29.0833 6340  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:02:29.0840 6340  SiSRaid4 - ok
23:02:29.0874 6340  [ 388AE59FE75F1B959DFA0900923C61BB ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
23:02:29.0927 6340  Skype C2C Service - ok
23:02:29.0930 6340  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
23:02:29.0938 6340  SkypeUpdate - ok
23:02:29.0942 6340  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:02:29.0965 6340  Smb - ok
23:02:29.0969 6340  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:02:29.0979 6340  SNMPTRAP - ok
23:02:29.0982 6340  [ FFC5F7ED77AA59AA0A6B70F3D7A22A93 ] Sound Blaster X-Fi MB Licensing Service C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe
23:02:30.0037 6340  Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - warning
23:02:30.0037 6340  Sound Blaster X-Fi MB Licensing Service - detected UnsignedFile.Multi.Generic (1)
23:02:30.0039 6340  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:02:30.0045 6340  spldr - ok
23:02:30.0053 6340  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
23:02:30.0068 6340  Spooler - ok
23:02:30.0113 6340  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
23:02:30.0191 6340  sppsvc - ok
23:02:30.0195 6340  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:02:30.0219 6340  sppuinotify - ok
23:02:30.0225 6340  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:02:30.0239 6340  srv - ok
23:02:30.0245 6340  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:02:30.0256 6340  srv2 - ok
23:02:30.0261 6340  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:02:30.0270 6340  srvnet - ok
23:02:30.0275 6340  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:02:30.0300 6340  SSDPSRV - ok
23:02:30.0304 6340  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:02:30.0326 6340  SstpSvc - ok
23:02:30.0329 6340  Steam Client Service - ok
23:02:30.0331 6340  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:02:30.0338 6340  stexstor - ok
23:02:30.0346 6340  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
23:02:30.0366 6340  stisvc - ok
23:02:30.0369 6340  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
23:02:30.0374 6340  storflt - ok
23:02:30.0376 6340  [ C40841817EF57D491F22EB103DA587CC ] StorSvc         C:\Windows\system32\storsvc.dll
23:02:30.0385 6340  StorSvc - ok
23:02:30.0388 6340  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
23:02:30.0394 6340  storvsc - ok
23:02:30.0396 6340  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:02:30.0401 6340  swenum - ok
23:02:30.0410 6340  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
23:02:30.0440 6340  swprv - ok
23:02:30.0461 6340  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
23:02:30.0499 6340  SysMain - ok
23:02:30.0503 6340  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:02:30.0515 6340  TabletInputService - ok
23:02:30.0518 6340  [ B08740047145B9BCE15BF75CA0F9718A ] tap0901t        C:\Windows\system32\DRIVERS\tap0901t.sys
23:02:30.0524 6340  tap0901t ( UnsignedFile.Multi.Generic ) - warning
23:02:30.0524 6340  tap0901t - detected UnsignedFile.Multi.Generic (1)
23:02:30.0530 6340  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:02:30.0556 6340  TapiSrv - ok
23:02:30.0558 6340  TBPanel - ok
23:02:30.0561 6340  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
23:02:30.0584 6340  TBS - ok
23:02:30.0601 6340  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:02:30.0633 6340  Tcpip - ok
23:02:30.0649 6340  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:02:30.0673 6340  TCPIP6 - ok
23:02:30.0676 6340  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:02:30.0684 6340  tcpipreg - ok
23:02:30.0686 6340  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:02:30.0695 6340  TDPIPE - ok
23:02:30.0696 6340  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:02:30.0704 6340  TDTCP - ok
23:02:30.0708 6340  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:02:30.0731 6340  tdx - ok
23:02:30.0764 6340  [ 5E53CF8AD0FD33B35000C113656AB37B ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
23:02:30.0794 6340  TeamViewer7 - ok
23:02:30.0798 6340  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:02:30.0804 6340  TermDD - ok
23:02:30.0814 6340  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
23:02:30.0845 6340  TermService - ok
23:02:30.0849 6340  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
23:02:30.0859 6340  Themes - ok
23:02:30.0863 6340  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
23:02:30.0884 6340  THREADORDER - ok
23:02:30.0888 6340  [ D1FF64383632D3BF0C14E309759C2403 ] Tomcat6         C:\Program Files (x86)\Apache Software Foundation\Tomcat 6.0\bin\Tomcat6.exe
23:02:30.0906 6340  Tomcat6 ( UnsignedFile.Multi.Generic ) - warning
23:02:30.0906 6340  Tomcat6 - detected UnsignedFile.Multi.Generic (1)
23:02:30.0944 6340  TRIXX - ok
23:02:30.0966 6340  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
23:02:30.0996 6340  TrkWks - ok
23:02:31.0001 6340  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:02:31.0024 6340  TrustedInstaller - ok
23:02:31.0030 6340  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:02:31.0051 6340  tssecsrv - ok
23:02:31.0055 6340  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:02:31.0063 6340  TsUsbFlt - ok
23:02:31.0066 6340  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:02:31.0089 6340  tunnel - ok
23:02:31.0100 6340  [ 7A34128510EEB13CF8583531C8FB081C ] TunngleService  C:\Program Files (x86)\Tunngle\TnglCtrl.exe
23:02:31.0563 6340  TunngleService ( UnsignedFile.Multi.Generic ) - warning
23:02:31.0563 6340  TunngleService - detected UnsignedFile.Multi.Generic (1)
23:02:31.0566 6340  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:02:31.0574 6340  uagp35 - ok
23:02:31.0579 6340  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:02:31.0606 6340  udfs - ok
23:02:31.0610 6340  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:02:31.0619 6340  UI0Detect - ok
23:02:31.0621 6340  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:02:31.0629 6340  uliagpkx - ok
23:02:31.0631 6340  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
23:02:31.0639 6340  umbus - ok
23:02:31.0641 6340  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:02:31.0649 6340  UmPass - ok
23:02:31.0654 6340  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
23:02:31.0665 6340  UmRdpService - ok
23:02:31.0666 6340  UNS - ok
23:02:31.0674 6340  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
23:02:31.0701 6340  upnphost - ok
23:02:31.0705 6340  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
23:02:31.0711 6340  USBAAPL64 - ok
23:02:31.0715 6340  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
23:02:31.0725 6340  usbaudio - ok
23:02:31.0729 6340  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:02:31.0738 6340  usbccgp - ok
23:02:31.0740 6340  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:02:31.0750 6340  usbcir - ok
23:02:31.0754 6340  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
23:02:31.0761 6340  usbehci - ok
23:02:31.0766 6340  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:02:31.0779 6340  usbhub - ok
23:02:31.0781 6340  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
23:02:31.0788 6340  usbohci - ok
23:02:31.0790 6340  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:02:31.0799 6340  usbprint - ok
23:02:31.0803 6340  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:02:31.0811 6340  USBSTOR - ok
23:02:31.0814 6340  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:02:31.0820 6340  usbuhci - ok
23:02:31.0823 6340  [ 70D05EE263568A742D14E1876DF80532 ] usb_rndisx      C:\Windows\system32\DRIVERS\usb8023x.sys
23:02:31.0830 6340  usb_rndisx - ok
23:02:31.0833 6340  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
23:02:31.0855 6340  UxSms - ok
23:02:31.0858 6340  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
23:02:31.0865 6340  VaultSvc - ok
23:02:31.0870 6340  [ 72EC34F9999A5A48CFD43F5E6BD779E4 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys
23:02:31.0878 6340  VBoxDrv - ok
23:02:31.0881 6340  [ A2FE818D7F930C51ADA37C04DBCB015D ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys
23:02:31.0888 6340  VBoxNetAdp - ok
23:02:31.0891 6340  [ CD37A9264C404E48BCE162D37B117B45 ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys
23:02:31.0898 6340  VBoxNetFlt - ok
23:02:31.0901 6340  [ F649B3D30C6F40B04BDCCD0D11A43481 ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys
23:02:31.0908 6340  VBoxUSBMon - ok
23:02:31.0910 6340  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:02:31.0916 6340  vdrvroot - ok
23:02:31.0925 6340  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
23:02:31.0954 6340  vds - ok
23:02:31.0956 6340  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:02:31.0965 6340  vga - ok
23:02:31.0968 6340  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:02:31.0990 6340  VgaSave - ok
23:02:31.0995 6340  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:02:32.0005 6340  vhdmp - ok
23:02:32.0006 6340  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
23:02:32.0013 6340  viaide - ok
23:02:32.0018 6340  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
23:02:32.0026 6340  vmbus - ok
23:02:32.0029 6340  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
23:02:32.0035 6340  VMBusHID - ok
23:02:32.0039 6340  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:02:32.0045 6340  volmgr - ok
23:02:32.0051 6340  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:02:32.0064 6340  volmgrx - ok
23:02:32.0069 6340  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:02:32.0079 6340  volsnap - ok
23:02:32.0084 6340  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:02:32.0093 6340  vsmraid - ok
23:02:32.0113 6340  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
23:02:32.0161 6340  VSS - ok
23:02:32.0164 6340  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
23:02:32.0173 6340  vwifibus - ok
23:02:32.0180 6340  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
23:02:32.0208 6340  W32Time - ok
23:02:32.0211 6340  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:02:32.0219 6340  WacomPen - ok
23:02:32.0221 6340  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:02:32.0244 6340  WANARP - ok
23:02:32.0246 6340  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:02:32.0268 6340  Wanarpv6 - ok
23:02:32.0286 6340  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
23:02:32.0316 6340  wbengine - ok
23:02:32.0321 6340  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:02:32.0335 6340  WbioSrvc - ok
23:02:32.0341 6340  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:02:32.0358 6340  wcncsvc - ok
23:02:32.0360 6340  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:02:32.0368 6340  WcsPlugInService - ok
23:02:32.0370 6340  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:02:32.0376 6340  Wd - ok
23:02:32.0386 6340  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:02:32.0405 6340  Wdf01000 - ok
23:02:32.0408 6340  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:02:32.0433 6340  WdiServiceHost - ok
23:02:32.0435 6340  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:02:32.0446 6340  WdiSystemHost - ok
23:02:32.0451 6340  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
23:02:32.0466 6340  WebClient - ok
23:02:32.0471 6340  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:02:32.0498 6340  Wecsvc - ok
23:02:32.0501 6340  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:02:32.0524 6340  wercplsupport - ok
23:02:32.0528 6340  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:02:32.0551 6340  WerSvc - ok
23:02:32.0554 6340  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:02:32.0575 6340  WfpLwf - ok
23:02:32.0578 6340  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:02:32.0584 6340  WIMMount - ok
23:02:32.0585 6340  WinDefend - ok
23:02:32.0589 6340  WinHttpAutoProxySvc - ok
23:02:32.0598 6340  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:02:32.0624 6340  Winmgmt - ok
23:02:32.0650 6340  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
23:02:32.0703 6340  WinRM - ok
23:02:32.0708 6340  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:02:32.0718 6340  WinUsb - ok
23:02:32.0731 6340  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:02:32.0754 6340  Wlansvc - ok
23:02:32.0756 6340  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:02:32.0764 6340  WmiAcpi - ok
23:02:32.0770 6340  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:02:32.0781 6340  wmiApSrv - ok
23:02:32.0783 6340  WMPNetworkSvc - ok
23:02:32.0785 6340  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:02:32.0794 6340  WPCSvc - ok
23:02:32.0798 6340  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:02:32.0811 6340  WPDBusEnum - ok
23:02:32.0814 6340  [ 754C8BF43F0DD4B54865F174A62761E9 ] WRfiltv         C:\Windows\system32\drivers\WRfiltv.sys
23:02:32.0820 6340  WRfiltv - ok
23:02:32.0823 6340  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:02:32.0844 6340  ws2ifsl - ok
23:02:32.0848 6340  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
23:02:32.0859 6340  wscsvc - ok
23:02:32.0861 6340  WSearch - ok
23:02:32.0889 6340  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
23:02:32.0935 6340  wuauserv - ok
23:02:32.0938 6340  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:02:32.0946 6340  WudfPf - ok
23:02:32.0951 6340  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:02:32.0960 6340  WUDFRd - ok
23:02:32.0964 6340  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:02:32.0973 6340  wudfsvc - ok
23:02:32.0978 6340  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:02:32.0991 6340  WwanSvc - ok
23:02:32.0995 6340  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
23:02:33.0003 6340  xusb21 - ok
23:02:33.0011 6340  ================ Scan global ===============================
23:02:33.0014 6340  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
23:02:33.0019 6340  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
23:02:33.0025 6340  [ F46BBAAC1C4980F4D0DD463F190A42D3 ] C:\Windows\system32\winsrv.dll
23:02:33.0028 6340  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
23:02:33.0034 6340  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
23:02:33.0038 6340  [Global] - ok
23:02:33.0038 6340  ================ Scan MBR ==================================
23:02:33.0039 6340  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
23:02:33.0135 6340  \Device\Harddisk0\DR0 - ok
23:02:33.0138 6340  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
23:02:33.0154 6340  \Device\Harddisk1\DR1 - ok
23:02:33.0156 6340  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
23:02:33.0361 6340  \Device\Harddisk2\DR2 - ok
23:02:33.0361 6340  ================ Scan VBR ==================================
23:02:33.0364 6340  [ 4A8A31793207ADE0F4E3D2A611EBD582 ] \Device\Harddisk0\DR0\Partition1
23:02:33.0365 6340  \Device\Harddisk0\DR0\Partition1 - ok
23:02:33.0368 6340  [ E1702320DFA8411346D5FB264C4D0B3F ] \Device\Harddisk1\DR1\Partition1
23:02:33.0369 6340  \Device\Harddisk1\DR1\Partition1 - ok
23:02:33.0373 6340  [ 00571121EE08604E54F1139D58373C1E ] \Device\Harddisk2\DR2\Partition1
23:02:33.0374 6340  \Device\Harddisk2\DR2\Partition1 - ok
23:02:33.0376 6340  [ E385006E0BB2F0BA294685AA63FBAC8D ] \Device\Harddisk2\DR2\Partition2
23:02:33.0393 6340  \Device\Harddisk2\DR2\Partition2 - ok
23:02:33.0395 6340  [ 33DF9218403A41F2F334FB1A057F904D ] \Device\Harddisk2\DR2\Partition3
23:02:33.0396 6340  \Device\Harddisk2\DR2\Partition3 - ok
23:02:33.0398 6340  ============================================================
23:02:33.0398 6340  Scan finished
23:02:33.0398 6340  ============================================================
23:02:33.0406 6328  Detected object count: 13
23:02:33.0406 6328  Actual detected object count: 13
23:02:39.0893 6328  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0893 6328  Creative ALchemy AL6 Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0893 6328  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0893 6328  Creative Audio Engine Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0894 6328  CTAudSvcService ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0894 6328  CTAudSvcService ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0894 6328  NovacomD ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0894 6328  NovacomD ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0895 6328  Palm_TCP_Relay ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0895 6328  Palm_TCP_Relay ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0895 6328  pgsql-8.2 ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0895 6328  pgsql-8.2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0897 6328  PST Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0897 6328  PST Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0898 6328  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0898 6328  SandraAgentSrv ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0898 6328  ServiceControl_RTE23_3S_GmbH ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0898 6328  ServiceControl_RTE23_3S_GmbH ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0899 6328  Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0899 6328  Sound Blaster X-Fi MB Licensing Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0899 6328  tap0901t ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0899 6328  tap0901t ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0900 6328  Tomcat6 ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0900 6328  Tomcat6 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:02:39.0902 6328  TunngleService ( UnsignedFile.Multi.Generic ) - skipped by user
23:02:39.0902 6328  TunngleService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

30.11.2012, 09:42   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

adwCleaner - detect toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.

If adwCleaner has been downloaded before, please delete the old adwcleaner.exe and download it again!!
  • Start adwcleaner.exe with a double-click.
  • Click Search (Suche).
  • When the scan finishes, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Rx].txt (x = sequential number).
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


30.11.2012, 16:37   #9
ne0n2005

So, here is the log from AdwCleaner.
Was the log from Avast Killer unremarkable so far?

By the way, thanks again for your efforts.

Code:
# AdwCleaner v2.010 - Datei am 30/11/2012 um 16:35:14 erstellt
# Aktualisiert am 29/11/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : neon - NEON-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\neon\Desktop\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gefunden : C:\Users\neon\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v10.0 (de)

Profilname : default 
Datei : C:\Users\neon\AppData\Roaming\Mozilla\Firefox\Profiles\idg4kh9n.default\prefs.js

[OK] Die Datei ist sauber.

-\\ Google Chrome v23.0.1271.91

Datei : C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1117 octets] - [30/11/2012 16:35:14]

########## EOF - C:\AdwCleaner[R1].txt - [1177 octets] ##########
         

30.11.2012, 21:18   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

adwCleaner - remove toolbars and unwanted start/search pages
  • Close all open programs and browsers.
  • Start adwcleaner.exe with a double-click.
  • Click Delete (Löschen).
  • Confirm each prompt with Ok.
  • Your computer will be restarted. After the restart, a text file opens.
  • Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner[Sx].txt (x = sequential number).

After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick the box for Scan all users
  • At the top you will find a box labeled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.

01.12.2012, 12:43   #11
ne0n2005

adwCleaner log from the deletion run:

Code:
# AdwCleaner v2.010 - Datei am 01/12/2012 um 12:29:52 erstellt
# Aktualisiert am 29/11/2012 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzer : neon - NEON-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\neon\Desktop\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Ordner Gelöscht : C:\Users\neon\AppData\Roaming\pdfforge

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v10.0 (de)

Profilname : default 
Datei : C:\Users\neon\AppData\Roaming\Mozilla\Firefox\Profiles\idg4kh9n.default\prefs.js

C:\Users\neon\AppData\Roaming\Mozilla\Firefox\Profiles\idg4kh9n.default\user.js ... Gelöscht !

[OK] Die Datei ist sauber.

-\\ Google Chrome v23.0.1271.95

Datei : C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [1246 octets] - [01/12/2012 12:29:39]
AdwCleaner[S1].txt - [1277 octets] - [01/12/2012 12:29:52]

########## EOF - C:\AdwCleaner[S1].txt - [1337 octets] ##########
         
OTL Scan OTL.txt:
OTL Logfile:
Code:
OTL logfile created on: 01.12.2012 12:34:17 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = G:\DownLoad
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,92 Gb Total Physical Memory | 3,99 Gb Available Physical Memory | 67,38% Memory free
11,83 Gb Paging File | 9,43 Gb Available in Paging File | 79,70% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 3,06 Gb Free Space | 5,14% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 67,62 Gb Free Space | 34,62% Space Free | Partition Type: NTFS
Drive E: | 1863,01 Gb Total Space | 714,70 Gb Free Space | 38,36% Space Free | Partition Type: NTFS
Drive F: | 488,28 Gb Total Space | 55,00 Gb Free Space | 11,26% Space Free | Partition Type: NTFS
Drive G: | 247,91 Gb Total Space | 26,89 Gb Free Space | 10,85% Space Free | Partition Type: NTFS
Drive Z: | 591,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: NEON-PC | User Name: neon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - G:\DownLoad\OTL.exe (OldTimer Tools)
PRC - C:\Users\neon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
PRC - C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe ()
PRC - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe ()
PRC - C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe (3S-Smart Software Solutions GmbH)
PRC - C:\Windows\SysWOW64\PnkBstrB.exe ()
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\PostgreSQL\8.2\bin\postgres.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe (PostgreSQL Global Development Group)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Motorola)
PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll ()
MOD - C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\libglesv2.dll ()
MOD - C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\libegl.dll ()
MOD - C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\avutil-51.dll ()
MOD - C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\avcodec-54.dll ()
MOD - C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\avformat-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\adaaf894878905f022f824b84fcd59a8\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Web\c4eb7af61b41a2bc836352bc30f88f14\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\59d00fa60a9e559f8717404a5032e6ba\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\a74fade4c3e490c62af3d60742fb078a\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\dfe6e22159d3f5bf61b5bfe1da6f2758\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ecbb113bbad9034fa8385c15f73fb4cf\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\14d2241be401f66cc1898dc5dc383b80\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\c63fe1e324904c893d2a5d02f0783658\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\e10bbd79027aa4c1ca8950b78fd640d4\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\a8dfd1388afc0a50f39f9e1dc7ecd45c\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\379599837ade465016dd5d96798b2766\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\dbc34d53e1fbedabecd201fe4f264961\mscorlib.ni.dll ()
MOD - C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe ()
MOD - C:\Programme\TortoiseSVN\bin\libsasl32.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.)
SRV - (NisSrv) -- C:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- C:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (TeamViewer7) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (Motorola Device Manager) -- C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe ()
SRV - (ServiceControl_RTE23_3S_GmbH) -- C:\Program Files (x86)\3S Software\CoDeSys SP RTE\ServiceControl_RTE23.exe (3S-Smart Software Solutions GmbH)
SRV - (PnkBstrB) -- C:\Windows\SysWOW64\PnkBstrB.exe ()
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (TunngleService) -- C:\Program Files (x86)\Tunngle\TnglCtrl.exe (Tunngle.net GmbH)
SRV - (SamsungAllShareV2.0) -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Samsung Electronics Co., Ltd.)
SRV - (SimpleSlideShowServer) -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe (Samsung Electronics Co., Ltd.)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (pgsql-8.2) -- C:\Program Files (x86)\PostgreSQL\8.2\bin\pg_ctl.exe (PostgreSQL Global Development Group)
SRV - (Creative ALchemy AL6 Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe (Creative Labs)
SRV - (Tomcat6) -- C:\Program Files (x86)\Apache Software Foundation\Tomcat 6.0\bin\Tomcat6.exe (Apache Software Foundation)
SRV - (Creative Audio Engine Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe (Creative Labs)
SRV - (Sound Blaster X-Fi MB Licensing Service) -- C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe (Creative Labs)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (LBTServ) -- C:\Programme\Common Files\Logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV - (PST Service) -- C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe (Motorola)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (Futuremark SystemInfo Service) -- C:\Program Files (x86)\Futuremark\Futuremark SystemInfo\FMSISvc.exe (Futuremark Corporation)
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (CTAudSvcService) -- C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Creative Technology Ltd)
SRV - (SandraAgentSrv) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011.SP4a\RpcAgentSrv.exe (SiSoftware)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (VBoxNetAdp) -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys (Oracle Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (Motousbnet) -- C:\Windows\SysNative\drivers\Motousbnet.sys (Motorola Mobility Inc)
DRV:64bit: - (motmodem) -- C:\Windows\SysNative\drivers\motmodem.sys (Motorola Mobility Inc)
DRV:64bit: - (motccgpfl) -- C:\Windows\SysNative\drivers\motccgpfl.sys (Motorola Mobility Inc)
DRV:64bit: - (motccgp) -- C:\Windows\SysNative\drivers\motccgp.sys (Motorola Mobility Inc)
DRV:64bit: - (motusbdevice) -- C:\Windows\SysNative\drivers\motusbdevice.sys (Motorola Inc)
DRV:64bit: - (LGSHidFilt) -- C:\Windows\SysNative\drivers\LGSHidFilt.Sys (Logitech Inc.)
DRV:64bit: - (FNETTBOH_305) -- C:\Windows\SysNative\drivers\FNETTBOH_305.SYS (FNet Co., Ltd.)
DRV:64bit: - (FNETURPX) -- C:\Windows\SysNative\drivers\FNETURPX.SYS (FNet Co., Ltd.)
DRV:64bit: - (dtsoftbus01) -- C:\Windows\SysNative\drivers\dtsoftbus01.sys (DT Soft Ltd)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek                                            )
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (cmudaxp) -- C:\Windows\SysNative\drivers\cmudaxp.sys (C-Media Inc)
DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys ()
DRV:64bit: - (EtronXHCI) -- C:\Windows\SysNative\drivers\EtronXHCI.sys (Etron Technology Inc)
DRV:64bit: - (EtronHub3) -- C:\Windows\SysNative\drivers\EtronHub3.sys (Etron Technology Inc)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (AsrAppCharger) -- C:\Windows\SysNative\drivers\AsrAppCharger.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (androidusb) -- C:\Windows\SysNative\drivers\androidusb.sys (Google Inc)
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (LGVirHid) -- C:\Windows\SysNative\drivers\LGVirHid.sys (Logitech Inc.)
DRV:64bit: - (LGBusEnum) -- C:\Windows\SysNative\drivers\LGBusEnum.sys (Logitech Inc.)
DRV:64bit: - (tap0901t) -- C:\Windows\SysNative\drivers\tap0901t.sys (Tunngle.net)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (WRfiltv) -- C:\Windows\SysNative\drivers\WRfiltv.sys (Creative Technology Ltd.)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (usb_rndisx) -- C:\Windows\SysNative\drivers\usb8023x.sys (Microsoft Corporation)
DRV:64bit: - (motandroidusb) -- C:\Windows\SysNative\drivers\motoandroid.sys (Motorola)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (BTCFilterService) -- C:\Windows\SysNative\drivers\motfilt.sys (Motorola Inc)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV:64bit: - (MotoSwitchService) -- C:\Windows\SysNative\drivers\motswch.sys (Motorola)
DRV - (SANDRA) -- C:\Programme\SiSoftware\SiSoftware Sandra Lite 2011.SP4a\WNt500x64\sandra.sys (SiSoftware)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (Cardex) -- C:\Windows\SysWOW64\drivers\TBPanelx64.sys (Windows (R) Server 2003 DDK provider)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 48 11 21 80 10 9C CD 01  [binary data]
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\..\SearchScopes\{5245B0E8-C262-438f-BE22-8193FD3EA43C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*;*.local
 
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 39 8F C9 1F 71 84 CC 01  [binary data]
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=ASRK
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\..\SearchScopes\{5245B0E8-C262-438f-BE22-8193FD3EA43C}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 192.168.*.*;*.local
 
========== FireFox ==========
 
FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.102.0: C:\Program Files (x86)\Battlelog Web Plugins\1.102.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@gametap.com/npdd,version=1.0: F:\Shootmania Downloader\npdd.dll (Metaboli)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\neon\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\neon\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\neon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\neon\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\neon\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF - HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.02.09 10:59:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins
 
[2012.02.09 10:59:41 | 000,000,000 | ---D | M] (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\Extensions
[2012.10.10 18:42:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\idg4kh9n.default\extensions
[2012.10.10 18:42:37 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\neon\AppData\Roaming\mozilla\Firefox\Profiles\idg4kh9n.default\extensions\ich@maltegoetz.de
[2012.09.24 18:00:32 | 000,199,396 | ---- | M] () (No name found) -- C:\Users\neon\AppData\Roaming\mozilla\firefox\profiles\idg4kh9n.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2012.07.17 19:02:44 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.10.31 10:45:16 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.04.28 20:15:59 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
[2012.01.29 17:12:48 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.01.29 15:02:49 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.01.29 14:50:55 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.01.29 15:02:49 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.01.29 15:02:49 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.01.29 15:02:49 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.01.29 15:02:49 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\neon\AppData\Local\Google\Chrome\Application\23.0.1271.95\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\neon\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: GWT DMP Plugin (Enabled) = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim\1.0.9738_0\WINNT_x86-msvc/npGwtDevPlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 7.0.10.8 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 7 U1 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: ESN Launch Mozilla Plugin (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll
CHR - plugin: ESN Sonar API (Enabled) = C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - Extension: Angry Birds = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\
CHR - Extension: Google Drive = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Turn Off the Lights = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.1.0.17_0\
CHR - Extension: YouTube = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Auf den Amazon-Wunschzettel = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.9_0\
CHR - Extension: Angry Birds Space = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmcjfbmlohmjkpbchljecehcpnpkmpog\1.6_0\
CHR - Extension: Google News = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dllkocilcinkggkchnjgegijklcililc\3.0_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\
CHR - Extension: Grooveshark Germany unlocker = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\docdgimmdejoiemdafcgeodchlbllgac\2.3.4_0\.orig
CHR - Extension: Proxy SwitchySharp = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpplabbmogkhghncfbfdeeokoefdjegm\1.9.49_0\
CHR - Extension: Gmail offline = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk\1.19_0\
CHR - Extension: Google Kalender = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn\4.5.3_0\
CHR - Extension: Gtalk = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\enhdmanlbebkeibbfagebjpolgejfnpl\4.3_0\
CHR - Extension: Stoppuhr / Timer = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggnidjbcahhbnleinchgobfnabopeioh\3.5_0\
CHR - Extension: AdBlock = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.5.48_0\
CHR - Extension: Spotify Chrome Extension = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjmlahipheaaghllkabfkpolljilkjb\1.0.3_0\
CHR - Extension: WebRC = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmihojfcjdmpmpfbjajkfpbhgieibpi\1_0\
CHR - Extension: Dropbox = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl\3.0.2_0\
CHR - Extension: Disconnect = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeoacafpbcihiomhlakheieifhpjdfeo\4.1.1_0\
CHR - Extension: OpenOffice Document Reader = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpcfmmdlhndnfpagbmhbbfehenapoich\3_0\
CHR - Extension: GWT Developer Plugin = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpjpnpmbddbjkfaccnmhnkdgjideieim\1.0.11338_0\
CHR - Extension: Rechner = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao\1.0.9_0\
CHR - Extension: YouTube Downloader = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\lecinmfhadegpcdocbpfdgffjopphmoa\11.0_0\
CHR - Extension: Google Mail-Checker = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff\4.4.0_0\
CHR - Extension: Quick Note = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mijlebbfndhelmdpmllgcfadlkankhok\1.4.2_0\
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdbaehcjcomcnnjhlmnfddpgoafpcko\1.0.6_0\
CHR - Extension: Google Docs Viewer f\u00FCr PDF/PowerPoint (von Google) = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn\3.10_0\
CHR - Extension: Google Chrome to Phone Extension = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\oadboiipflhobonjjffjbfekfjcgkhco\2.3.1_0\
CHR - Extension: Google Mail = C:\Users\neon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~4\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O3 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe (Logitech Inc.)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [AllShareAgent] C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [AMD AVT] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKLM..\Run: [googletalk] C:\Program Files (x86)\Google\Google Talk\googletalk.exe (Google)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [ASRockXTU]  File not found
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [Spotify] C:\Users\neon\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000..\Run: [Spotify Web Helper] C:\Users\neon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [ApacheTomcatMonitor6.0_Tomcat6] C:\Program Files (x86)\Apache Software Foundation\Tomcat 6.0\bin\Tomcat6w.exe (Apache Software Foundation)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [ASRockXTU]  File not found
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [chromium] C:\Users\postgres\AppData\Local\Google\Chrome\Application\chrome.exe --no-startup-window File not found
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [Spotify] C:\Users\neon\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd)
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\Run: [Spotify Web Helper] C:\Users\neon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\neon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\neon\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\neon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk = C:\Users\neon\AppData\Local\Facebook\Messenger\2.1.4651.0\FacebookMessenger.exe (Facebook)
O4 - Startup: C:\Users\neon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Xfire.lnk = C:\Program Files (x86)\Xfire\Xfire.exe (Xfire Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~4\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~4\Office14\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 10.5.1)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_05-windows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_01-windows-i586.cab (Java Plug-in 10.5.1)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B9E65E2C-651D-4923-AD76-C2760884E295}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\Logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~4\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.02.27 22:19:48 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2008.04.14 13:00:00 | 000,000,112 | R--- | M] () - Z:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{93226554-f052-11e0-a30a-002522cc4d75}\Shell - "" = AutoRun
O33 - MountPoints2\{93226554-f052-11e0-a30a-002522cc4d75}\Shell\AutoRun\command - "" = Z:\SETUP.EXE -- [2008.04.14 13:00:00 | 002,584,576 | R--- | M] (Microsoft Corporation)
O33 - MountPoints2\{9a442f9a-1833-11e1-9693-002522cc4d75}\Shell - "" = AutoRun
O33 - MountPoints2\{9a442f9a-1833-11e1-9693-002522cc4d75}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\index.html
O33 - MountPoints2\{f1d0312e-16ef-11e2-809e-002522cc4d75}\Shell - "" = AutoRun
O33 - MountPoints2\{f1d0312e-16ef-11e2-809e-002522cc4d75}\Shell\AutoRun\command - "" = I:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2012.11.29 23:00:23 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.11.23 17:17:51 | 000,000,000 | ---D | C] -- C:\Users\neon\Documents\Calibre Bibliothek
[2012.11.23 17:17:51 | 000,000,000 | ---D | C] -- C:\Users\neon\AppData\Roaming\calibre
[2012.11.23 17:15:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Calibre2
[2012.11.23 17:15:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management
[2012.11.18 23:12:17 | 000,000,000 | --SD | C] -- C:\Users\neon\Documents\Meine Datenquellen
[2012.11.16 18:07:00 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\hulumuluch
[2012.11.16 14:39:19 | 000,226,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcore6.dll
[2012.11.16 14:39:19 | 000,193,536 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\dhcpcore6.dll
[2012.11.16 14:39:19 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dhcpcsvc6.dll
[2012.11.16 14:39:17 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netcorehc.dll
[2012.11.16 14:39:17 | 000,216,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2012.11.16 14:39:17 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netcorehc.dll
[2012.11.16 14:39:17 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ncsi.dll
[2012.11.16 14:39:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\netevent.dll
[2012.11.16 14:39:16 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netevent.dll
[2012.11.16 14:39:10 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\synceng.dll
[2012.11.16 14:39:10 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\synceng.dll
[2012.11.13 19:50:03 | 000,054,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfLdr.sys
[2012.11.13 19:50:03 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wdfres.dll
[2012.11.13 19:46:48 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.11.13 19:46:48 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.11.13 19:46:47 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.11.13 19:46:47 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.11.13 19:46:47 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.11.13 19:46:47 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.11.13 19:46:47 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.11.13 19:46:47 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.11.13 19:46:46 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.11.13 19:46:46 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.11.13 19:46:46 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.11.13 19:46:46 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2012.11.13 19:46:45 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.11.13 19:46:45 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.11.13 19:46:45 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2012.11.13 19:46:32 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFPlatform.dll
[2012.11.13 19:46:31 | 000,744,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFx.dll
[2012.11.13 19:46:31 | 000,229,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFHost.exe
[2012.11.13 19:46:31 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WUDFCoinstaller.dll
[2012.11.13 15:56:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.2
[2012.11.02 22:18:43 | 000,000,000 | ---D | C] -- C:\Users\neon\AppData\Local\Painkiller Redemption
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2012.12.01 12:31:11 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.01 12:31:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.01 12:31:01 | 469,766,143 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.01 12:30:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.01 12:14:10 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1648228069-3097862834-1251921153-1000UA.job
[2012.12.01 12:10:20 | 000,013,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.01 12:10:20 | 000,013,584 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.01 12:09:05 | 001,622,796 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.01 12:09:05 | 000,700,620 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.01 12:09:05 | 000,655,332 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.01 12:09:05 | 000,149,158 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.01 12:09:05 | 000,121,946 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.01 12:03:08 | 000,373,952 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.11.30 23:52:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.11.30 22:00:20 | 000,000,924 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1648228069-3097862834-1251921153-1000UA.job
[2012.11.30 17:14:00 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1648228069-3097862834-1251921153-1000Core.job
[2012.11.30 16:34:22 | 000,533,705 | ---- | M] () -- C:\Users\neon\Desktop\adwcleaner.exe
[2012.11.30 13:44:33 | 000,000,902 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1648228069-3097862834-1251921153-1000Core.job
[2012.11.29 23:11:17 | 000,000,512 | ---- | M] () -- C:\Users\neon\Desktop\MBR.dat
[2012.11.27 22:34:43 | 000,046,785 | ---- | M] () -- C:\Users\neon\Desktop\Logbuch_TT.pdf
[2012.11.25 15:50:19 | 000,000,201 | ---- | M] () -- C:\Users\neon\Desktop\Dead Space.url
[2012.11.25 15:49:12 | 000,000,201 | ---- | M] () -- C:\Users\neon\Desktop\Metro 2033.url
[2012.11.25 13:55:26 | 000,074,946 | ---- | M] () -- C:\Users\neon\Documents\150234_447719185291747_1822559502_n.jpg
[2012.11.24 13:27:30 | 000,000,199 | ---- | M] () -- C:\Users\neon\Desktop\Dota 2.url
[2012.11.24 13:10:02 | 000,062,542 | ---- | M] () -- C:\Users\neon\Desktop\tuscan.png
[2012.11.23 13:35:10 | 000,001,796 | ---- | M] () -- C:\Users\neon\Desktop\Hitman.lnk
[2012.11.23 11:27:47 | 001,169,978 | ---- | M] () -- C:\Users\neon\Desktop\Ein plotzlicher Todesfall - Joanne K. Rowling.epub
[2012.11.21 18:05:54 | 000,026,319 | ---- | M] () -- C:\Users\neon\Desktop\Moduluebersicht.class.violet
[2012.11.16 18:07:02 | 000,000,699 | ---- | M] () -- C:\Users\neon\Desktop\Call of Duty Black Ops II.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | M] () -- C:\Users\neon\Desktop\Call of Duty Black Ops II - Zombies.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | M] () -- C:\Users\neon\Desktop\Call of Duty Black Ops II - Multiplayer.lnk
[2012.11.13 18:27:48 | 000,032,837 | ---- | M] () -- C:\Users\neon\Desktop\pacmanBildmontage.png
[2012.11.01 17:36:56 | 000,000,200 | ---- | M] () -- C:\Users\neon\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
[2 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2012.12.01 12:28:33 | 000,533,705 | ---- | C] () -- C:\Users\neon\Desktop\adwcleaner.exe
[2012.11.29 22:56:48 | 000,000,512 | ---- | C] () -- C:\Users\neon\Desktop\MBR.dat
[2012.11.27 22:30:28 | 000,046,785 | ---- | C] () -- C:\Users\neon\Desktop\Logbuch_TT.pdf
[2012.11.25 15:50:19 | 000,000,201 | ---- | C] () -- C:\Users\neon\Desktop\Dead Space.url
[2012.11.25 15:49:12 | 000,000,201 | ---- | C] () -- C:\Users\neon\Desktop\Metro 2033.url
[2012.11.25 13:55:23 | 000,074,946 | ---- | C] () -- C:\Users\neon\Documents\150234_447719185291747_1822559502_n.jpg
[2012.11.24 13:27:30 | 000,000,199 | ---- | C] () -- C:\Users\neon\Desktop\Dota 2.url
[2012.11.24 13:10:02 | 000,062,542 | ---- | C] () -- C:\Users\neon\Desktop\tuscan.png
[2012.11.23 17:18:57 | 001,169,978 | ---- | C] () -- C:\Users\neon\Desktop\Ein plotzlicher Todesfall - Joanne K. Rowling.epub
[2012.11.23 13:35:10 | 000,001,796 | ---- | C] () -- C:\Users\neon\Desktop\Hitman.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | C] () -- C:\Users\neon\Desktop\Call of Duty Black Ops II.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | C] () -- C:\Users\neon\Desktop\Call of Duty Black Ops II - Zombies.lnk
[2012.11.16 18:07:02 | 000,000,699 | ---- | C] () -- C:\Users\neon\Desktop\Call of Duty Black Ops II - Multiplayer.lnk
[2012.11.13 19:50:05 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
[2012.11.13 19:46:31 | 000,000,003 | ---- | C] () -- C:\Windows\SysNative\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
[2012.11.13 18:23:18 | 000,032,837 | ---- | C] () -- C:\Users\neon\Desktop\pacmanBildmontage.png
[2012.11.01 17:36:56 | 000,000,200 | ---- | C] () -- C:\Users\neon\Desktop\S.T.A.L.K.E.R. Shadow of Chernobyl.url
[2012.10.24 05:27:50 | 000,042,440 | ---- | C] () -- C:\Windows\SysWow64\xfcodec.dll
[2012.10.23 10:50:14 | 000,000,173 | ---- | C] () -- C:\Users\neon\AppData\Local\msmathematics.qat.neon
[2012.05.01 17:55:59 | 000,000,771 | ---- | C] () -- C:\Users\neon\eclipse.lnk
[2012.04.24 14:07:59 | 000,000,233 | ---- | C] () -- C:\Windows\FTRUN32.INI
[2012.03.09 05:31:26 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.03.09 05:31:26 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.03.06 00:11:15 | 000,007,617 | ---- | C] () -- C:\Users\neon\AppData\Local\Resmon.ResmonCfg
[2012.03.01 17:16:50 | 000,200,704 | ---- | C] () -- C:\Windows\SysWow64\HsMgr.exe
[2012.03.01 17:16:50 | 000,143,360 | ---- | C] () -- C:\Windows\SysWow64\VmixP8.dll
[2012.03.01 17:16:50 | 000,000,048 | ---- | C] () -- C:\Windows\SysWow64\cmasiop.ini
[2012.03.01 17:16:49 | 000,042,457 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfl
[2012.03.01 16:42:16 | 000,000,906 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.imi
[2012.03.01 16:42:08 | 000,004,969 | ---- | C] () -- C:\Windows\Cmicnfgp.ini.cfg
[2012.03.01 16:42:08 | 000,000,560 | ---- | C] () -- C:\Windows\cmudaxp.ini
[2012.01.31 06:00:24 | 000,016,896 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2012.01.30 21:28:41 | 000,032,256 | ---- | C] () -- C:\Windows\SysWow64\AVSredirect.dll
[2012.01.30 21:26:09 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.01.22 20:11:09 | 050,225,240 | ---- | C] () -- C:\Users\neon\AppData\Roaming\.minecraft.rar
[2011.11.08 19:42:19 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2011.10.28 16:56:10 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2011.10.28 13:16:10 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.10.28 13:16:09 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.10.06 22:12:24 | 000,002,265 | ---- | C] () -- C:\Windows\FF08_Render_Spk_Hp.ini
[2011.10.06 22:12:24 | 000,001,650 | ---- | C] () -- C:\Windows\FF08_Capture.ini
[2011.10.06 22:12:24 | 000,001,540 | ---- | C] () -- C:\Windows\FF08_Render.ini
[2011.10.06 22:12:15 | 000,176,128 | ---- | C] () -- C:\Windows\SysWow64\APOMngr.DLL
[2011.10.06 22:12:15 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\CmdRtr.DLL
[2011.10.06 22:06:59 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.10.06 22:06:59 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.10.06 22:06:59 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.10.06 22:06:59 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.10.06 22:06:59 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.10.06 21:38:00 | 011,157,504 | ---- | C] () -- C:\Users\neon\AppData\Roaming\Sandra.mdb
[2011.10.06 21:11:40 | 001,642,270 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.09.28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat
[2011.09.13 00:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 03:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 356 bytes -> C:\Users\neon\Desktop\2012-08-29 16.38.37.jpg:com.dropbox.attributes

< End of report >
         
--- --- ---

[/Code]

01.12.2012, 12:43   #12
ne0n2005
 

OTL Scan Extras.txt:
OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 01.12.2012 12:34:17 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = G:\DownLoad
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
5,92 Gb Total Physical Memory | 3,99 Gb Available Physical Memory | 67,38% Memory free
11,83 Gb Paging File | 9,43 Gb Available in Paging File | 79,70% Paging File free
Paging file location(s): c:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 59,62 Gb Total Space | 3,06 Gb Free Space | 5,14% Space Free | Partition Type: NTFS
Drive D: | 195,31 Gb Total Space | 67,62 Gb Free Space | 34,62% Space Free | Partition Type: NTFS
Drive E: | 1863,01 Gb Total Space | 714,70 Gb Free Space | 38,36% Space Free | Partition Type: NTFS
Drive F: | 488,28 Gb Total Space | 55,00 Gb Free Space | 11,26% Space Free | Partition Type: NTFS
Drive G: | 247,91 Gb Total Space | 26,89 Gb Free Space | 10,85% Space Free | Partition Type: NTFS
Drive Z: | 591,06 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: CDFS
 
Computer Name: NEON-PC | User Name: neon | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{8AE973A8-743C-4775-906E-5ED4DCCFD55F}" = lport=54010 | protocol=6 | dir=in | name=samsung allshare slideshow service | 
"{A5DD8C8B-AC30-4D3F-87FC-D2D57AC48EAD}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011.sp4a\rpcagentsrv.exe | 
"{AF964F62-8263-480B-B549-B6DFA006A89D}" = lport=rpc | protocol=6 | dir=in | app=c:\program files\sisoftware\sisoftware sandra lite 2011.sp4a\wnt500x64\rpcsandrasrv.exe | 
"{E9EFC88D-0CA2-47F4-873A-FC157C93EE9F}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009ED420-B5FF-4496-B3B6-5C76ED5D3574}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{0247B09D-B5CF-46E7-B5AB-798F6653FE60}" = protocol=17 | dir=in | app=f:\diablo iii\diablo iii.exe | 
"{04759099-441B-48FD-AA14-BAEE2F332E53}" = protocol=6 | dir=in | app=f:\steam\steamapps\tobiasxxxl\counter-strike source\hl2.exe | 
"{05F1C79B-A16A-4FA5-A30F-33C7F2EA17BF}" = protocol=17 | dir=in | app=c:\users\neon\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{06AE00A6-7766-4272-8F70-2B2257062019}" = protocol=17 | dir=in | app=c:\diablo iii\diablo iii.exe | 
"{087F47FB-3792-4910-93A6-6694EAD72CF7}" = protocol=17 | dir=in | app=f:\assasins creed 4\acrsp.exe | 
"{08C091CA-43C7-46A1-986F-BB714381C7B8}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{08E634B5-0FCC-4265-8647-77673FB66AED}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{0A95822C-BD48-4CCB-B22E-398BE6CA4B76}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{0C0D65E8-65E2-464C-99AE-B0F7091E1508}" = protocol=17 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe | 
"{0DABA467-E162-4C0E-9544-16C4940909CA}" = protocol=6 | dir=in | app=f:\steam\steam.exe | 
"{0DBA7D69-A05B-4EF1-9C42-D4575D7A35C0}" = protocol=6 | dir=in | app=c:\users\neon\appdata\roaming\spotify\spotify.exe | 
"{103431EB-9FC8-4804-93DA-A474EFE0D6F4}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dota 2 beta\dota.exe | 
"{11685473-79EB-432D-9F96-258B36F94AAA}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{13CF147E-7947-44B0-9CD7-7A3E89AB6C13}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{14055EBB-D8F9-4AFE-8DDC-0038E1AFB6A4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\painkiller redemption\bin\redemption.exe | 
"{14F73C78-E001-46FB-A70A-E1E8E34DEEF4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dota 2 beta\dota.exe | 
"{1599CAC5-99F8-47ED-94FB-CC44E8D0343D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{15CE38A2-06A1-4573-9163-8A2E57A44306}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\painkiller redemption\bin\redemptioneditor.exe | 
"{15D18DFA-05A0-4C17-8117-67D473690E93}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\painkiller redemption\bin\redemptioneditor.exe | 
"{167E130A-13CE-4DA5-AC66-458E3B2179C3}" = protocol=17 | dir=in | app=c:\users\neon\appdata\roaming\dropbox\bin\dropbox.exe | 
"{16C1DA6E-C041-42E4-831F-395268F13C11}" = protocol=6 | dir=in | app=c:\windows\syswow64\gateway.exe | 
"{17947160-1210-4CFA-8014-845F6242ABFB}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dead space\dead space.exe | 
"{180ACBB4-AEC8-46AF-B7E0-C3E0D33E824C}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 
"{19308FE9-F183-4A76-826B-2FEE73210489}" = protocol=6 | dir=in | app=f:\diablo iii\diablo iii.exe | 
"{1936E1DD-1DC9-46B4-8E79-32B1C60EFEE0}" = protocol=6 | dir=in | app=f:\anno 2070\initengine.exe | 
"{19CEE1A3-90CB-4D36-8CE2-88CA8C9172FF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe | 
"{19D2642D-0FC5-4325-AB65-0FDF33802CE8}" = protocol=17 | dir=in | app=f:\tom clancy's splinter cell conviction\src\system\conviction_game.exe | 
"{1C359B33-8C03-453C-B53D-6CF70E5013BB}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{1CFB7C1F-CAFD-4FD5-A9CC-9038E4FC5B0E}" = protocol=6 | dir=in | app=c:\users\neon\appdata\roaming\dropbox\bin\dropbox.exe | 
"{1DD6A41F-83E6-4E67-96A6-E47D072891ED}" = dir=out | app=%programfiles% (x86)\rockstar games\social club\renderer.exe | 
"{1E9C0609-5E59-4B9E-B056-927C2880AF11}" = protocol=6 | dir=in | app=f:\anno 2070\anno5.exe | 
"{1ECD1181-965C-407E-B6E1-B653901F77CF}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe | 
"{1F65CA4F-6818-4123-84D9-E36127D74CED}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{204AF049-FAD2-4C94-B249-C2C5EC9ECA93}" = protocol=1 | dir=in | name=sisoftware deployment agent service (icmp-in) | 
"{208636BD-4C0A-4D1F-9EB2-1577169827FA}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\metro 2033\metro2033.exe | 
"{20BE8294-9BEC-4865-A4B1-1DB656D1B3B5}" = protocol=6 | dir=in | app=f:\world of warcraft\launcher.exe | 
"{22E6C43F-4B76-4A93-BE1D-9ABDB5499E2E}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{235408D9-9B70-4DCE-8515-E7839357AD0A}" = protocol=17 | dir=in | app=f:\steam\steam.exe | 
"{253A9548-89CC-45D5-8D55-C25EF30F08AE}" = protocol=17 | dir=in | app=f:\anno 2070\initengine.exe | 
"{27BD6F18-E4D1-4CB4-912A-57723EBB2906}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe | 
"{2DFD62A3-01EA-4D53-A34B-F1B0DF99EC76}" = protocol=6 | dir=in | app=c:\windows\syswow64\gatewaydde.exe | 
"{330B721A-A6F9-4CB8-A9C9-10857C669524}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | 
"{34A22D4F-4440-4F8B-8D94-CDD66017D9B0}" = protocol=6 | dir=in | app=f:\assasins creed 4\assassinscreedrevelations.exe | 
"{36006B96-A971-4C54-8E0B-D0F191FA70C0}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{3644DA4D-5B35-48D6-BC90-942A7D041CAE}" = protocol=6 | dir=in | app=e:\diablo iii\diablo iii.exe | 
"{3828F599-414A-4534-841F-F75B002BECAF}" = protocol=6 | dir=in | app=f:\world of warcraft\launcher.patch.exe | 
"{3AF47058-BB91-4ABE-B659-246475BE956C}" = protocol=17 | dir=in | app=f:\anno 2070\anno5.exe | 
"{3C879B59-2B2C-4E57-B533-A1EF59ECF5D4}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dota 2 test\dota.exe | 
"{41F13BD1-92C8-4815-89BC-FFDE6F358C3E}" = protocol=6 | dir=in | app=f:\steam\steamapps\tobiasxxxl\counter-strike\hl.exe | 
"{4376198F-3479-4470-8767-18CA50C10352}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dead space\support\ea help\electronic_arts_technical_support.htm | 
"{44C7EB12-3503-495A-ACB2-2459473E723A}" = protocol=1 | dir=in | name=sisoftware sandra agent service (icmp-in) | 
"{482E87D5-F063-47C7-8A41-4F4CFE1AEDEA}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe | 
"{488D8E1A-6A91-4C1F-B0C6-1E474CB59CB4}" = protocol=17 | dir=in | app=f:\maxpayne3\playmaxpayne3.exe | 
"{4A62E13E-49EF-4AC9-8BFA-5C2D5D90AA04}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\fear2\fear2.exe | 
"{4B53E29D-72D2-4DF7-B6C2-E7B455DD3C82}" = dir=out | app=f:\lfs\keygenz28.exe | 
"{4C5A15CE-4235-40EA-8123-DE1B71434082}" = protocol=17 | dir=in | app=c:\windows\syswow64\gatewaydde.exe | 
"{4F1E84AA-32F0-4B4B-94B7-C9A82102F8EE}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 
"{524F4115-5496-4C9F-8F5B-F0659577AA7D}" = protocol=6 | dir=in | app=f:\battlefield 3\battlefield 3\bf3.exe | 
"{539E76F2-1B2B-4D60-BBEC-F290949CEC74}" = protocol=17 | dir=in | app=f:\l.a. noire\lanlauncher.exe | 
"{53E36C19-11FA-4B6A-A8A0-FE6A92668814}" = protocol=17 | dir=in | app=f:\assasins creed 4\acrmp.exe | 
"{570C892C-CC29-45FA-8C65-9BD655E01F18}" = protocol=6 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{57B93391-1CD5-4E6F-A05E-5701276C38ED}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.649\agent.exe | 
"{58B98AA2-A3BB-4048-84C4-159A7BF5514C}" = protocol=17 | dir=in | app=f:\anno 2070\autopatcher.exe | 
"{58DA13E0-47A6-4436-82E2-2C476D10DC36}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe | 
"{5971B30B-5DDA-4C38-A720-393133180FB4}" = dir=out | app=f:\l.a. noire\lanoire.exe | 
"{5B2FFE76-0838-4F71-BE28-56DECBD26B59}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | 
"{5BAB8909-ABD2-43AF-9582-ABC483C82CAF}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{5C222F2D-08E0-42FF-9519-69FABC9CCD5E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{5C428308-78B5-4C47-A485-9220B648E2C6}" = dir=in | app=f:\crysis 2\bin32\crysis2launcher.exe | 
"{5C732F24-9A66-4873-ACC7-EBF07653D705}" = protocol=17 | dir=in | app=f:\battlefield 3\battlefield 3\bf3.exe | 
"{5D2C224E-3779-4078-9956-9D46CFDF56AA}" = protocol=6 | dir=in | app=c:\program files (x86)\google\google talk\googletalk.exe | 
"{6105E376-105E-4BE9-A5E7-A921BD13A58D}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{61C79A4D-2F6F-42EB-8B9D-C18214997CAF}" = protocol=6 | dir=in | app=f:\tom clancy's splinter cell conviction\src\system\gu.exe | 
"{6334F3A6-A5BC-4E26-9095-E524004499CE}" = protocol=17 | dir=in | app=f:\world of warcraft\launcher.patch.exe | 
"{6704CAD3-B7C9-4B23-9790-53E81375AA62}" = dir=out | app=f:\l.a. noire\lanlauncher.exe | 
"{675E91F5-F03A-4D34-8FF0-48D1AA9A3E8D}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\splinter cell\system\splintercell.exe | 
"{6AEB3F7C-2F22-4841-A95D-CC2D420C10CF}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | 
"{6B88455C-4446-4D25-BF3A-A642BE19A906}" = protocol=17 | dir=in | app=c:\users\neon\appdata\roaming\spotify\spotify.exe | 
"{6EB47C17-D19A-47E5-8678-10BBF13D0F20}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tnglctrl.exe | 
"{71379639-E7B6-4F14-B34D-FFEE6F2278DE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{71E81792-6CE7-4BB6-B148-0EE09EA9DE39}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe | 
"{7891349D-6681-4703-9596-5AA2E44D98DE}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe | 
"{7A1394FE-B430-4C85-A018-68A86CD6D7E6}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\defensegridtheawakening\defensegrid.exe | 
"{7EA1822E-296D-4E1B-9063-96572F3E37B6}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\painkiller redemption\bin\redemption.exe | 
"{80AB3CCC-91B7-4601-B40D-07D2000EC337}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe | 
"{811BFD9C-EDC4-48ED-A2B0-1B5D7274B3F0}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{8199D3CC-0D8D-4C53-B8CB-479AC4657726}" = protocol=17 | dir=in | app=f:\games for windows\microsoft games\microsoft flight\flight.exe | 
"{81C6609B-8F40-4989-B943-96215A487E68}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1267\agent.exe | 
"{82ACC955-7FCE-4508-AF7F-DC80A6A14336}" = protocol=6 | dir=in | app=f:\anno 2070\autopatcher.exe | 
"{83634089-E67F-4624-9AA8-2D55EAFDF29E}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\left 4 dead 2\left4dead2.exe | 
"{880AD506-F3E6-476E-AD9E-530B41066EE8}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{8A57FE31-1B2F-4639-98D4-40119BD4604E}" = protocol=6 | dir=in | app=f:\assasins creed 4\acrsp.exe | 
"{8F33F22B-30BB-4922-B549-459730F0A1AB}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{8FE278B3-A4BF-4087-BF56-ADB434F59BED}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\dead space\support\ea help\electronic_arts_technical_support.htm | 
"{92470FB1-4715-4345-97DD-48D5F2BC45A5}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\fear2\fear2.exe | 
"{93FFE5FD-DC35-4953-9C60-569125C779A1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{950C7FFF-035B-418D-B6F4-10512CC025E3}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.1363\agent.exe | 
"{9913948A-B44E-4CFA-9163-2408E6694299}" = dir=in | app=f:\command & conquer 3\retailexe\1.0\cnc3game.dat | 
"{9975A40B-4B82-42B0-B70C-5222B26934C1}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dead space\dead space.exe | 
"{997CFE0E-1865-4C4B-A5F3-E7CBBA93A804}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{9C014FC1-DE86-4B06-AE6E-8121B7627184}" = dir=out | app=f:\crysis 2\bin32\crysis2launcher.exe | 
"{9E8F67EE-5BC8-40F8-8463-2507DBF4EDE1}" = protocol=17 | dir=in | app=f:\steam\steamapps\tobiasxxxl\counter-strike source\hl2.exe | 
"{A0C4F467-F092-465D-838F-D169AA454F35}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\dota 2 test\dota.exe | 
"{A2A83926-3F6D-4DBC-A282-10EE0E8F14BB}" = dir=in | app=f:\crysis 2\bin32\crysis2launcher.exe | 
"{A5ECDCEC-5EEC-4937-91B5-AE1217784E46}" = protocol=17 | dir=in | app=f:\assasins creed 4\assassinscreedrevelations.exe | 
"{A6792081-24F4-49FA-829B-A181B8392FF2}" = protocol=6 | dir=in | app=f:\l.a. noire\lanlauncher.exe | 
"{A8E4EE15-40BC-4056-8C6B-82CCF77FBA93}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\splinter cell\system\splintercell.exe | 
"{AA177E6E-7997-434F-A6A3-603E3CE6BD43}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{AA511CC4-91BC-4163-B039-A4FD845EBFAC}" = protocol=6 | dir=in | app=f:\games for windows\microsoft games\microsoft flight\flight.exe | 
"{AB768944-6ED6-416B-9EDA-E7C9DF933F24}" = protocol=17 | dir=in | app=f:\diablo iii beta\diablo iii.exe | 
"{ABB5EB8E-D085-4F26-BF0F-4922831B8956}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"{B3E276B5-EB22-446D-BA34-D955E3C8C24A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.976\agent.exe | 
"{B58BB127-BDF2-4782-B905-8AD34824BDD5}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\orcs must die!\build\release\orcsmustdie.exe | 
"{B62C6F48-D84A-4217-8D6D-6F4CC913CF33}" = protocol=6 | dir=in | app=c:\programdata\battle.net\agent\agent.868\agent.exe | 
"{B946CB5F-CCD9-4586-83F8-6745874DE08D}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.954\agent.exe | 
"{BE58A6BE-4086-4618-8A3C-AFE15EA2C87B}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\tom clancy's splinter cell conviction\src\system\conviction_game.exe | 
"{BEAA303C-2F2B-4588-BDEB-39A1DF053C3E}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{C0CAFC2D-F99E-4C75-893D-C3772DF6062C}" = protocol=17 | dir=in | app=c:\program files (x86)\tunngle\tunngle.exe | 
"{C3888A52-B2F5-418D-A645-D15F8A9BCA09}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe | 
"{C4D36588-6C98-4A4C-BFA0-ADE25513C4EB}" = protocol=17 | dir=in | app=c:\windows\syswow64\gateway.exe | 
"{C771978B-C7CB-4783-B981-8A1D65B23378}" = protocol=6 | dir=in | app=f:\assasins creed 4\acrmp.exe | 
"{C77A03D0-03B5-4085-A156-FBBB42C41084}" = protocol=6 | dir=in | app=f:\tom clancy's splinter cell conviction\src\system\conviction_game.exe | 
"{CB81A58B-EEA3-44FC-88A5-871C6193FB08}" = protocol=17 | dir=in | app=f:\world of warcraft\launcher.exe | 
"{D3BC614A-31D5-407B-AF2A-3FEDC1F7B273}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{D4F9AC8B-FF07-4E74-BD6C-C9AB7C8551CC}" = protocol=6 | dir=in | app=c:\diablo iii\diablo iii.exe | 
"{D587E6EF-FE1D-4EB8-B80F-7BD864C3E307}" = protocol=6 | dir=in | app=f:\diablo iii beta\diablo iii.exe | 
"{D6A5D8F4-57A5-4120-A76D-DB6445AF24B5}" = protocol=17 | dir=in | app=f:\steam\steamapps\tobiasxxxl\source sdk base 2007\hl2.exe | 
"{D6B5D33D-2D1C-4503-ACEF-CF353BC9BB12}" = protocol=6 | dir=in | app=f:\maxpayne3\playmaxpayne3.exe | 
"{D9A8E1E7-F312-4D80-8C63-3186C7F4BB0B}" = protocol=6 | dir=in | app=f:\steam\steamapps\tobiasxxxl\source sdk base 2007\hl2.exe | 
"{DBCAB217-6E91-497F-8211-AA785CD67998}" = protocol=6 | dir=in | app=c:\users\neon\appdata\local\google\google talk plugin\googletalkplugin.exe | 
"{DD6951B1-5929-4EF9-A281-30AADF93144A}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.1040\agent.exe | 
"{DEE5D4F5-A5C3-4D8D-B380-43EEB9302F54}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{E09685D6-3D1E-4993-9CE1-5560782F14CF}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\orcs must die 2\build\release\orcsmustdie2.exe | 
"{E156A044-6BE0-4661-A374-8E88D6E7D0C7}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\stalker shadow of chernobyl\bin\xr_3da.exe | 
"{E1B8E1E6-831A-4503-872C-B1F9DF8F7AE8}" = protocol=17 | dir=in | app=c:\programdata\battle.net\agent\agent.998\agent.exe | 
"{E5157BD3-50DA-4879-9B35-FF6929D42B1A}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe | 
"{E6961677-D452-4CF5-BB7D-90D721FE7378}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{E9790A7F-CD69-441E-A4CB-686E8CDB5B0D}" = protocol=17 | dir=in | app=f:\tom clancy's splinter cell conviction\src\system\gu.exe | 
"{EC6E96FF-1E78-4EDD-8B49-A6E1010E05AC}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\counter-strike global offensive\csgo.exe | 
"{ED5F9FFD-8EB8-480E-A483-6427D3AE43CD}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 
"{F0EBE973-97B8-452E-86E1-A3020C254A6E}" = protocol=17 | dir=in | app=f:\steam\steamapps\common\f.e.a.r. 3\f.e.a.r. 3.exe | 
"{F512DCCF-12C9-48B9-A081-A14F39CB893E}" = protocol=6 | dir=in | app=f:\steam\steamapps\common\metro 2033\metro2033.exe | 
"{F557D20D-0C59-4DD4-BF02-CE16B1DCD732}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{FABF190E-299E-4864-BB54-284A574A7931}" = protocol=17 | dir=in | app=e:\diablo iii\diablo iii.exe | 
"{FB9513AF-B308-4EDA-BE58-42AB2E57EF96}" = protocol=17 | dir=in | app=f:\steam\steamapps\tobiasxxxl\counter-strike\hl.exe | 
"TCP Query User{09B50C7D-AB5F-4884-ACA2-ACB2DCAAE148}G:\download\eclipse\eclipse.exe" = protocol=6 | dir=in | app=g:\download\eclipse\eclipse.exe | 
"TCP Query User{0CA8BBD1-C777-4D9E-A7BD-0D430FBDFE23}F:\max payne 3\maxpayne3.exe" = protocol=6 | dir=in | app=f:\max payne 3\maxpayne3.exe | 
"TCP Query User{0ECDDA52-6CFA-45AF-9B39-3FA00B25AF4B}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=6 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe | 
"TCP Query User{14719586-FC78-44F3-9956-97D9DCC3D459}C:\program files (x86)\java\jdk1.6.0_31\jre\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.6.0_31\jre\bin\java.exe | 
"TCP Query User{247B7451-A8DB-4B18-A1BE-73293CF15E99}F:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=6 | dir=in | app=f:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"TCP Query User{3102ECCB-B389-4D9A-9E2F-AE47E59287ED}F:\alarmstufe rot\cncnet.exe" = protocol=6 | dir=in | app=f:\alarmstufe rot\cncnet.exe | 
"TCP Query User{34FAB3A2-AB71-4819-8EF6-3E113926E7BE}F:\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=6 | dir=in | app=f:\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe | 
"TCP Query User{37CDF546-016B-49C8-9712-475B0173105B}C:\users\neon\eclipse\eclipse.exe" = protocol=6 | dir=in | app=c:\users\neon\eclipse\eclipse.exe | 
"TCP Query User{409E0DB2-92C6-472F-AB76-D7C4C0A23270}F:\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=6 | dir=in | app=f:\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe | 
"TCP Query User{4A3B14C1-DC03-4B25-9EB7-9EDDB7E7D779}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"TCP Query User{58072949-013F-4649-81A8-B9B1DD648C7F}F:\alarmstufe rot\ra95.exe" = protocol=6 | dir=in | app=f:\alarmstufe rot\ra95.exe | 
"TCP Query User{5B730D71-33E6-4DE8-A172-DF22B8342BB7}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"TCP Query User{5FF62CBE-A512-4758-A181-3D94EEF09558}C:\users\neon\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=6 | dir=in | app=c:\users\neon\appdata\local\temp\electronicarts_patcher_000.exe | 
"TCP Query User{68AE1FA1-1F0F-48C4-9084-12D60057D09F}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"TCP Query User{6D067030-750B-4DDC-A3EA-96BB613306C5}F:\kingdoms of amalur reckoning\reckoning.exe" = protocol=6 | dir=in | app=f:\kingdoms of amalur reckoning\reckoning.exe | 
"TCP Query User{74A4C582-8C56-49FA-A945-2FD6105DCB15}F:\need for speed the run\need for speed the run.exe" = protocol=6 | dir=in | app=f:\need for speed the run\need for speed the run.exe | 
"TCP Query User{75242D62-08E4-49FB-B94D-08219995F48E}C:\program files (x86)\java\jdk1.7.0_01\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jdk1.7.0_01\jre\bin\javaw.exe | 
"TCP Query User{7AD83630-CB41-4900-A2CC-9841E36AE8C0}D:\virtualbox\virtualbox.exe" = protocol=6 | dir=in | app=d:\virtualbox\virtualbox.exe | 
"TCP Query User{83038BF5-ADD0-446E-935F-DC63E8E1FF1A}F:\maniaplanet\maniaplanet.exe" = protocol=6 | dir=in | app=f:\maniaplanet\maniaplanet.exe | 
"TCP Query User{8EC496CC-F1DA-4A51-B43A-DC2EF4674799}F:\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=6 | dir=in | app=f:\command & conquer 3\retailexe\1.9\cnc3game.dat | 
"TCP Query User{8F449908-3784-4671-BBB7-D56BF570962C}G:\download\diablo-iii-setup-dede.exe" = protocol=6 | dir=in | app=g:\download\diablo-iii-setup-dede.exe | 
"TCP Query User{90853825-C43A-4D81-B90B-F514F0DF9EC8}F:\call of duty black ops ii\t6sp.exe" = protocol=6 | dir=in | app=f:\call of duty black ops ii\t6sp.exe | 
"TCP Query User{977F0C1E-AF26-4E7C-90F2-A90987EDC7B1}F:\tom clancy's splinter cell conviction\src\system\uplaybrowser.exe" = protocol=6 | dir=in | app=f:\tom clancy's splinter cell conviction\src\system\uplaybrowser.exe | 
"TCP Query User{A43A6A62-167F-439B-B16B-E916171F6ABB}F:\maxpayne3\maxpayne3.exe" = protocol=6 | dir=in | app=f:\maxpayne3\maxpayne3.exe | 
"TCP Query User{AE94C106-AECE-4884-A89E-8F64EA203F0B}F:\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=6 | dir=in | app=f:\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe | 
"TCP Query User{B1292C30-9C6C-4C3B-A2D5-BFC28DD01A0C}F:\shift 2 unleashed\shift2u.exe" = protocol=6 | dir=in | app=f:\shift 2 unleashed\shift2u.exe | 
"TCP Query User{B9973A9C-EF81-4B3D-A659-176370E69623}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | 
"TCP Query User{BD49C9AB-568A-4BF7-A408-2316660CDED0}C:\users\neon\appdata\local\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\users\neon\appdata\local\google\chrome\application\chrome.exe | 
"TCP Query User{C348CAA4-5965-40CD-B245-B58E2B35D97E}C:\users\neon\appdata\local\temp\temp1_netscan.zip\64-bit\netscan.exe" = protocol=6 | dir=in | app=c:\users\neon\appdata\local\temp\temp1_netscan.zip\64-bit\netscan.exe | 
"TCP Query User{C3C17D05-1BEC-43D1-B3F7-3494E5485D8E}F:\world of warcraft\backgrounddownloader.exe" = protocol=6 | dir=in | app=f:\world of warcraft\backgrounddownloader.exe | 
"TCP Query User{E1070A5E-ED70-407A-8A20-64D93D7443FA}C:\users\neon\appdata\local\temp\keygen.exe" = protocol=6 | dir=in | app=c:\users\neon\appdata\local\temp\keygen.exe | 
"TCP Query User{E214C2D3-4B51-41BE-9CD1-94F53CF9DE08}C:\program files (x86)\xfire\xfire.exe" = protocol=6 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"TCP Query User{EE4B8576-D7BD-49DE-ADC4-9F6B3F16062F}F:\crysis 2\bin32\crysis2.exe" = protocol=6 | dir=in | app=f:\crysis 2\bin32\crysis2.exe | 
"UDP Query User{01489795-77B0-4B16-98B5-D51DC43E39EF}F:\maniaplanet\maniaplanet.exe" = protocol=17 | dir=in | app=f:\maniaplanet\maniaplanet.exe | 
"UDP Query User{093BC979-E05D-49B5-B45C-134B68AF31A0}C:\program files (x86)\motorola\rsd lite\sdl.exe" = protocol=17 | dir=in | app=c:\program files (x86)\motorola\rsd lite\sdl.exe | 
"UDP Query User{0DD7B87B-7C4C-499E-9D7F-70F8A94A09C8}C:\users\neon\eclipse\eclipse.exe" = protocol=17 | dir=in | app=c:\users\neon\eclipse\eclipse.exe | 
"UDP Query User{185D02D7-7747-49FA-8A5F-6CCF752B6F18}F:\need for speed the run\need for speed the run.exe" = protocol=17 | dir=in | app=f:\need for speed the run\need for speed the run.exe | 
"UDP Query User{23DF4D77-F74A-467D-A3AF-10930E2A4707}F:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe" = protocol=17 | dir=in | app=f:\world of warcraft\temp\wow-4.3-5.0.15890-enus-downloader.exe | 
"UDP Query User{32969EF9-68A5-4F3A-90E9-2300FD16BF6A}C:\program files (x86)\java\jdk1.6.0_31\jre\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.6.0_31\jre\bin\java.exe | 
"UDP Query User{3AB1F832-0F99-47A8-9CA9-26D0ED05DCE6}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe | 
"UDP Query User{3ACDA4FE-0B86-4340-A829-928B94019D5F}D:\virtualbox\virtualbox.exe" = protocol=17 | dir=in | app=d:\virtualbox\virtualbox.exe | 
"UDP Query User{4BBD3102-640C-4660-B0C1-EA82C3AA5323}C:\users\neon\appdata\local\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\users\neon\appdata\local\google\chrome\application\chrome.exe | 
"UDP Query User{54498979-3DDE-4D80-8D70-DF88023EEBF8}F:\kingdoms of amalur reckoning\reckoning.exe" = protocol=17 | dir=in | app=f:\kingdoms of amalur reckoning\reckoning.exe | 
"UDP Query User{587B68B7-A1EA-4F93-B65A-F73FE509DD7F}F:\command & conquer 3\retailexe\1.9\cnc3game.dat" = protocol=17 | dir=in | app=f:\command & conquer 3\retailexe\1.9\cnc3game.dat | 
"UDP Query User{68D22D75-9BD7-40FC-B1DD-C119F07BED6F}F:\alarmstufe rot\cncnet.exe" = protocol=17 | dir=in | app=f:\alarmstufe rot\cncnet.exe | 
"UDP Query User{78381322-F2E2-47DE-AD30-D5CF808BFF1D}C:\program files (x86)\java\jdk1.7.0_01\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jdk1.7.0_01\jre\bin\javaw.exe | 
"UDP Query User{84169190-73E8-4AF4-8331-712045F2E089}C:\program files (x86)\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe | 
"UDP Query User{84D69C8B-1F84-4AFA-A9DA-B8EFD4492B39}C:\users\neon\appdata\local\temp\electronicarts_patcher_000.exe" = protocol=17 | dir=in | app=c:\users\neon\appdata\local\temp\electronicarts_patcher_000.exe | 
"UDP Query User{8D71A127-35CA-4E85-A332-AE1FA9AA67B8}F:\maxpayne3\maxpayne3.exe" = protocol=17 | dir=in | app=f:\maxpayne3\maxpayne3.exe | 
"UDP Query User{976AED2D-C3C1-4D6A-BDFE-24B195C33AB9}F:\call of duty black ops ii\t6sp.exe" = protocol=17 | dir=in | app=f:\call of duty black ops ii\t6sp.exe | 
"UDP Query User{992A7CE3-A1E6-4F41-841A-F75BDAFD4F0B}F:\crysis 2\bin32\crysis2.exe" = protocol=17 | dir=in | app=f:\crysis 2\bin32\crysis2.exe | 
"UDP Query User{99BB3FCE-15D2-4CCD-8747-3C189936D3C4}F:\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe" = protocol=17 | dir=in | app=f:\world of warcraft\wow-4.2.1.2727-enus-tools-downloader.exe | 
"UDP Query User{9BD7B238-718D-4590-BCD4-FA42B20135CB}C:\program files (x86)\xfire\xfire.exe" = protocol=17 | dir=in | app=c:\program files (x86)\xfire\xfire.exe | 
"UDP Query User{9D8B971D-74EA-4192-A15D-4F782B9DE772}F:\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe" = protocol=17 | dir=in | app=f:\world of warcraft\wow-4.2.1.2736-enus-tools-downloader.exe | 
"UDP Query User{A6285A73-BBA7-4EFF-907C-94CD0925139E}F:\tom clancy's splinter cell conviction\src\system\uplaybrowser.exe" = protocol=17 | dir=in | app=f:\tom clancy's splinter cell conviction\src\system\uplaybrowser.exe | 
"UDP Query User{AACF0E9A-FF84-453D-BDC4-2BCFEB1E4FEC}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files (x86)\myphoneexplorer\myphoneexplorer.exe | 
"UDP Query User{AE1AB3C0-EC7C-4E31-A49F-C465F40E36B1}C:\users\neon\appdata\local\temp\temp1_netscan.zip\64-bit\netscan.exe" = protocol=17 | dir=in | app=c:\users\neon\appdata\local\temp\temp1_netscan.zip\64-bit\netscan.exe | 
"UDP Query User{B16858A9-27BD-49AA-9398-4F950C105C88}F:\world of warcraft\backgrounddownloader.exe" = protocol=17 | dir=in | app=f:\world of warcraft\backgrounddownloader.exe | 
"UDP Query User{B935E778-2EBD-4317-B45F-D57D73B706A6}G:\download\diablo-iii-setup-dede.exe" = protocol=17 | dir=in | app=g:\download\diablo-iii-setup-dede.exe | 
"UDP Query User{B9EF4F2C-24A8-4504-A734-F8252FFAB193}F:\alarmstufe rot\ra95.exe" = protocol=17 | dir=in | app=f:\alarmstufe rot\ra95.exe | 
"UDP Query User{BA0AB49D-8455-4C7F-A918-14451E212743}F:\shift 2 unleashed\shift2u.exe" = protocol=17 | dir=in | app=f:\shift 2 unleashed\shift2u.exe | 
"UDP Query User{C6C13450-5D39-4F74-BE10-83A832036000}F:\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe" = protocol=17 | dir=in | app=f:\world of warcraft\wow-4.2.1.2730-enus-tools-downloader.exe | 
"UDP Query User{CAFB7A85-A114-47AF-9EF0-A22D54DD32CE}C:\program files (x86)\java\jre7\bin\java.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\java.exe | 
"UDP Query User{D4D0992B-7695-4445-A673-4CC4F0024B12}G:\download\eclipse\eclipse.exe" = protocol=17 | dir=in | app=g:\download\eclipse\eclipse.exe | 
"UDP Query User{E85CA296-C67E-43A2-A4BC-67D4CC2D2F90}F:\max payne 3\maxpayne3.exe" = protocol=17 | dir=in | app=f:\max payne 3\maxpayne3.exe | 
"UDP Query User{ECC26DFA-B39E-4E8C-A200-41E7E0218EE8}C:\users\neon\appdata\local\temp\keygen.exe" = protocol=17 | dir=in | app=c:\users\neon\appdata\local\temp\keygen.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{2E8D6204-D656-8355-1ED3-2988AC52EB0F}" = ccc-utility64
"{3987279A-3504-2916-D063-741B910F0747}" = AMD Accelerated Video Transcoding
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4BDE7544-0A08-4AD9-8A8F-4B7944471C36}" = iTunes
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5831C6D6-309D-DBB5-14F7-FEE57086CEE7}" = AMD Catalyst Install Manager
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FDC06BF-3D3D-4367-8FFB-4FAFCB61972D}" = Cisco Systems VPN Client 5.0.07.0440
"{63CE6C32-1EB3-4C51-89FC-9FD96A661A9C}" = AMD Media Foundation Decoders
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{867DE0DC-A93F-41EA-9654-A212514FA946}" = Oracle VM VirtualBox 4.2.4
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B8AD779A-82DA-4365-A7D0-AD3DCFC55CFF}" = Apple Mobile Device Support
"{BA9A297F-0198-4EE8-90CB-F5036C180E1D}" = Novacomd
"{C3113E55-7BCB-4de3-8EBF-60E6CE6B2296}_is1" = SiSoftware Sandra Lite 2011.SP4a
"{C78D3032-9DFD-41D0-9DE9-58EAE750CBA4}" = Microsoft Security Client
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D2D22BEE-B7F1-49D0-9ED6-86D0B2CEDFAD}" = TortoiseSVN 1.7.6.22632 (64 bit)
"{DC911ADF-7B60-40F2-A112-FB1EB6402D07}" = Microsoft Security Client DE-DE Language Pack
"{E57B7E0A-8BE5-42E2-BE60-C07ED680A063}" = Microsoft Mathematics (64-bit)
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{F809FFB5-6F9B-AFDE-6048-5D9E95A85505}" = AMD Drag and Drop Transcoding
"{FD9C13F5-1BF8-4C63-89D2-FE955C9DABD8}" = Motorola Mobile Drivers Installation 5.6.0
"332CCC08910F1AE2E4D90D25DEDE87E3EF797832" = Windows Driver Package - Palm (WinUSB) Palm Devices  (10/09/2009 1.0.1)
"Apache Tomcat 6.0 Tomcat6" = Apache Tomcat 6.0 Tomcat6 (remove only)
"ASRock App Charger_is1" = ASRock App Charger v1.0.4
"C-Media Oxygen HD Audio Driver" = ASUS Xonar DX Audio Driver
"Logitech Gaming Software" = Logitech Gaming Software 8.20
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft Security Client" = Microsoft Security Essentials
"nbi-nb-base-7.1.1.0.0" = NetBeans IDE 7.1.1
"Recuva" = Recuva
"sp6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}" = PDFCreator
"{03D4C700-2BFE-43E0-A0B4-9512B43C5B9F}" = Catalyst Control Center - Branding
"{0429B343-D023-4524-89BC-0478E0D9E3C3}" = Sound Blaster World of Warcraft Headset
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{0F00C986-561C-4536-B62B-0EDE3475312A}" = WinFACT 8
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{19D614EB-D62A-AEE7-2391-E74126601D59}" = CCC Help Italian
"{1A2DDF67-3FA4-451C-8BF1-21CA4E546AEF}" = Motorola Device Software Update
"{1AA94747-3BF6-4237-9E1A-7B3067738FE1}" = Max Payne 3
"{1C373820-B9C8-0F7F-8F84-FC1B76A85F27}" = CCC Help Portuguese
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F701DBD-1660-4108-B10A-FB435EA63BF0}" = PostgreSQL 8.2
"{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk" = Google Talk (remove only)
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java(TM) 7 Update 5
"{28DB8373-C1BB-444F-A427-A55585A12ED7}" = Motorola Device Manager
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2D35BC33-7D08-D529-DF91-8A15FBF2600E}" = CCC Help Polish
"{32A3A4F4-B792-11D6-A78A-00B0D0170010}" = Java(TM) SE Development Kit 7 Update 1
"{33286280-8617-11E1-8FF6-B8AC6F97B88E}" = Google Earth Plug-in
"{337788D1-43D1-9A0F-9787-DD00DB512D41}" = Catalyst Control Center Localization All
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{4286716B-1287-48E7-9078-3DC8248DBA96}" = OpenOffice.org 3.3
"{43D16DA8-BF42-3C62-89D3-3AD47829DC2E}" = Google Talk Plugin
"{4725833D-4325-5C34-57D4-1FE23E5AE578}" = CCC Help Chinese Standard
"{4999B2F1-3E74-409A-B8B5-E94448AA9EA6}" = SPEEDLINK Strike 2 Gamepad
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4B271648-43CB-DD31-FF24-E7B06D3EE72A}" = Catalyst Control Center InstallProxy
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"{4DC37F33-7AEC-A4CB-56B1-69A402828763}" = CCC Help Japanese
"{5710DAC2-8F2A-503C-CFC2-A973ADE0EA4C}" = CCC Help Czech
"{5C763682-4C40-86DA-9C46-31924D7D2C34}" = CCC Help Thai
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{5ED80B30-4DAE-4D73-9D62-AD89F661AF46}" = RSDLite
"{6033673D-2530-4587-8AD0-EB059FC263F9}" = Crysis® 2
"{60E5022D-FA4B-C6A2-1E80-B46EC39096F3}" = CCC Help Chinese Traditional
"{60F34FDF-267C-408F-290E-EC90D841C8CB}" = CCC Help German
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{66B79AE1-C6E2-B958-689C-D0812DE86BAB}" = CCC Help Greek
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6B39BE0F-0F5E-A8FA-33E4-8481AE39D96C}" = CCC Help Russian
"{6D8DDB4A-C263-40DE-BA16-AFDAD159D59A}" = Tom Clancy's Splinter Cell Conviction
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™
"{77DCDCE3-2DED-62F3-8154-05E745472D07}" = Acrobat.com
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7BE15435-2D3E-4B58-867F-9C75BED0208C}" = QuickTime
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{7FB413C8-3CAD-49F7-A67C-6EFEB4B04050}" = LogMeIn Hamachi
"{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E19F2AF-7145-51DE-E395-7729A9374973}" = Catalyst Control Center Graphics Previews Common
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUS_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUS_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUS_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0054-0407-0000-0000000FF1CE}" = Microsoft Office Visio MUI (German) 2010
"{90140000-0054-0407-0000-0000000FF1CE}_Office14.VISIOR_{1FEAC070-BB09-4055-9BD0-48CF52023F92}" = Microsoft Office 2010 Language Pack Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUS_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUS_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{91140000-0057-0000-0000-0000000FF1CE}" = Microsoft Office Visio 2010
"{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{01D8AE4B-A04D-47E5-81BF-E3F98B81B8C3}" = Microsoft Visio 2010 Service Pack 1 (SP1)
"{91CB5B8B-4EC8-DBA1-A88D-99FD480567B0}" = CCC Help English
"{924FBAC4-60D2-7981-3C3E-979DF9CBB346}" = CCC Help Finnish
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DC939DC-B7A4-D0E2-C582-A442DF1B3EBE}" = CCC Help Spanish
"{A1BD938B-F006-6E6D-70B2-47E1DD56F7DE}" = CCC Help Swedish
"{A804B134-F03D-4EFD-9BC0-DCD257AA1B22}" = Hitman Blood Money
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AA57D6F1-6360-4397-B2D9-B21C69863D97}" = Secure Download Manager
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.3) - Deutsch
"{B0C30E93-D3D9-4F04-A2AC-54749B573275}" = Command & Conquer 3
"{B0DC2DA9-2AF9-422A-88E0-1B84E0F65DB5}" = Speed-Link SL-6535 USB Pad
"{B48E264C-C8CD-4617-B0BE-46E977BAD694}" = ANNO 2070
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1" = SUPER © v2011.build.49 (July 1st, 2011) Version v2011.build.49
"{BABF7852-C2DD-6A8A-9956-101720C715C7}" = CCC Help Turkish
"{BB7C2A56-9706-43B8-5A8C-210AF5816106}" = CCC Help French
"{BEE64C14-BEF1-4610-8A68-A16EAA47B882}" = Futuremark SystemInfo
"{C40C3C3D-97CF-44B5-836C-766E374464B3}" = 3DMark Vantage
"{CFC2CB60-5654-05A7-4D30-C661800A3A92}" = CCC Help Korean
"{D04CE005-D1D2-80F3-84C8-B3524FCD39C3}" = CCC Help Norwegian
"{D544AE4C-4152-225B-A897-6756C8986B14}" = Catalyst Control Center
"{D81E9069-3CCC-4405-3751-71E4AFEACC52}" = CCC Help Hungarian
"{D9D5A07A-F299-4741-BFE6-302324CC0BD7}" = calibre
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"{E8C37E27-5205-4C8A-BECB-B00533045AAE}" = SHIFT 2 UNLEASHED™
"{E93FF166-DF14-2537-8FB4-96BB5810A96C}" = CCC Help Danish
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3D9AC82-30F4-4BB9-B9AB-8697637568C1}" = Sound Blaster X-Fi MB
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{FA9827E1-8A8E-C176-4923-0840A67ED4DE}" = CCC Help Dutch
"5513-1208-7298-9440" = JDownloader 0.9
"7-Zip" = 7-Zip 9.20
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Alarmstufe Rot_is1" = Alarmstufe Rot 3.03p2
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.9
"ArgoUML" = ArgoUML 0.34
"ASRock eXtreme Tuner_is1" = ASRock eXtreme Tuner v0.1.78
"Battlelog Web Plugins" = Battlelog Web Plugins
"Call of Duty Modern Warfare 3 (c) Activision_is1" = Call of Duty Modern Warfare 3 (c) Activision version 1
"Call of Duty: Black Ops II_is1" = Call of Duty: Black Ops II
"DAEMON Tools Lite" = DAEMON Tools Lite
"Downloader" = Downloader
"EditiX-Free XML Editor free-2008-sp2" = EditiX-Free XML Editor free-2008-sp2
"ESN Sonar-0.70.4" = ESN Sonar
"Fraps" = Fraps
"GFWL_{4D5308D2-DC8E-4658-A37C-351000008100}" = Microsoft Flight
"Hdd Speed Test Tool_is1" = Hdd Speed Test Tool v. 1.0.14 (RC 1)
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller
"Kingdoms of Amalur Reckoning_is1" = Kingdoms of Amalur Reckoning
"LogMeIn Hamachi" = LogMeIn Hamachi
"MagniDriver" = marvell 91xx driver
"ManiaPlanet_is1" = ManiaPlanet
"Mozilla Firefox 10.0 (x86 de)" = Mozilla Firefox 10.0 (x86 de)
"MPE" = MyPhoneExplorer
"MySSID_is1" = EXPERTool 7.21
"nbi-nb-base-7.0.1.0.0" = NetBeans IDE 7.0.1
"Notepad++" = Notepad++
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"Office14.VISIOR" = Microsoft Visio Professional 2010
"OpenAL" = OpenAL
"Origin" = Origin
"pgJDBC 9.0-801-1" = pgJDBC 9.0-801
"Plants vs. Zombies" = Plants vs. Zombies
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"Sapphire TRIXX" = Sapphire TRIXX
"Steam App 10" = Counter-Strike
"Steam App 102600" = Orcs Must Die!
"Steam App 13560" = Tom Clancy's Splinter Cell
"Steam App 17470" = Dead Space
"Steam App 18500" = Defense Grid: The Awakening
"Steam App 201790" = Orcs Must Die! 2
"Steam App 205790" = Dota 2 Test
"Steam App 21100" = F.E.A.R. 3
"Steam App 218" = Source SDK Base 2007
"Steam App 240" = Counter-Strike: Source
"Steam App 33220" = Tom Clancy's Splinter Cell: Conviction
"Steam App 43110" = Metro 2033
"Steam App 4500" = S.T.A.L.K.E.R.: Shadow of Chernobyl
"Steam App 550" = Left 4 Dead 2
"Steam App 570" = Dota 2
"Steam App 65560" = Painkiller: Redemption
"Steam App 730" = Counter-Strike: Global Offensive Beta
"SysInfo" = Creative Systeminformationen
"TeamViewer 7" = TeamViewer 7
"Tunngle beta_is1" = Tunngle beta
"VLC media player" = VLC media player 1.1.11
"WinPcapInst" = WinPcap 4.1.2
"WinRAR archiver" = WinRAR
"Wireshark" = Wireshark 1.8.1 (64-bit)
"World of Warcraft" = World of Warcraft
"XFastUsb" = XFastUsb
"Xfire" = Xfire (remove only)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1648228069-3097862834-1251921153-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1648228069-3097862834-1251921153-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Spotify" = Spotify
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 25.08.2012 13:17:39 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4009
 
Error - 25.08.2012 13:17:40 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.08.2012 13:17:40 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5007
 
Error - 25.08.2012 13:17:40 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5007
 
Error - 25.08.2012 13:17:41 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.08.2012 13:17:41 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 6006
 
Error - 25.08.2012 13:17:41 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 6006
 
Error - 25.08.2012 13:17:42 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 25.08.2012 13:17:42 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7004
 
Error - 25.08.2012 13:17:42 | Computer Name = neon-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7004
 
[ System Events ]
Error - 30.11.2012 11:22:07 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Palm Novacom" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 30.11.2012 14:17:33 | Computer Name = neon-PC | Source = volsnap | ID = 393252
Description = Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher
 nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.
 
Error - 01.12.2012 07:03:08 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Palm Novacom" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 01.12.2012 07:05:14 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde aufgrund folgenden Fehlers nicht gestartet:   %%2
 
Error - 01.12.2012 07:05:20 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde aufgrund folgenden Fehlers nicht gestartet:   %%2
 
Error - 01.12.2012 07:05:20 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Intel(R) Management and Security Application User Notification
 Service" ist vom Dienst "Intel(R) Management and Security Application Local Management
 Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2
 
Error - 01.12.2012 07:31:07 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Palm Novacom" wurde aufgrund folgenden Fehlers nicht gestartet:
   %%2
 
Error - 01.12.2012 07:33:12 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde aufgrund folgenden Fehlers nicht gestartet:   %%2
 
Error - 01.12.2012 07:33:16 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde aufgrund folgenden Fehlers nicht gestartet:   %%2
 
Error - 01.12.2012 07:33:16 | Computer Name = neon-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Intel(R) Management and Security Application User Notification
 Service" ist vom Dienst "Intel(R) Management and Security Application Local Management
 Service" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%2
 
 
< End of report >
         
--- --- ---

[/Code]

03.12.2012, 10:44   #13
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Edit:

Quote:
"TCP Query User{E1070A5E-ED70-407A-8A20-64D93D7443FA}C:\users\neon\appdata\local\temp\keygen.exe" = protocol=6 | dir=in | app=c:\users\neon\appdata\local\temp\keygen.exe
I'm only noticing this junk now. What do you have to say about it?!
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support the Trojaner-Board
Why Linux is better than Windows!

Last edited by cosinus (03.12.2012 at 16:34)

03.12.2012, 21:35   #14
ne0n2005



Apart from the fact that I wouldn't know what I would have wanted to use a keygen for, and that the file exists neither in that folder nor in my download folder: no idea, I don't know it, but it doesn't exactly sound trustworthy.

04.12.2012, 12:10   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™



Code:
ATTFilter
app=f:\lfs\keygenz28.exe |
         
And another one

See also => http://www.trojaner-board.de/95393-c...-software.html

If we find indications of illegally obtained software, we will end support without any discussion.

Cracks/keygens are 99.9% dangerous malware that should not be trifled with. Moreover, they are illegal, and we do not support the use of stolen software. Support is therefore limited to instructions for a complete reinstallation!!

That illegal cracks and keygens essentially serve to spread malware is no secret and must be clear to everyone!


In future, keep your hands off: Softonic, registry cleaners and illegal stuff: cracks/keygens/serials