| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Malwarebytes bricht ständig abWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
| |
14.01.2013, 09:53
| #1 |
 |  Malwarebytes bricht ständig ab Hallo, da ich seit kurzem immer wieder Probleme mit dem Browser Firefox und GoogleChrome habe, bin ich googeln gegangen und habe das Forum gefunden. Und fräse mich gerade durch die Anleitungen. Ich habe mir das Malewarebytes Programm runter geladen und auch ausgeführt. Gestern fand er 48 schädliche Einträge. :-P Bin dann wie beschrieben vorgegangen. So aber immer wenn ich auf "Ausgewähltes entfernen" gehe, bricht das Programm ab und ich bekomme die Meldung: Keine Rückmeldung. Komischer Weise hat er gestern im ersten Durchgang dann irgendwie trotzdem 45 Einträge verschoben aber die letzten drei wollen einfach nicht. Immer wieder Abbruch von Malewarbytes. Brauche echt mal Hilfe. Anbei mal ein Screenshot. Zum System: Windows Vista Home Premium, Service Pack 2. Was braucht ihr noch, um helfen zu können? Vielen Dank Kirstin |
|
14.01.2013, 14:48
| #2 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | Malwarebytes bricht ständig ab Schön und wo sind die Logs dazu?
__________________ Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner siehe http://www.trojaner-board.de/125889-...tml#post941520 Bitte alles nach Möglichkeit hier in CODE-Tags posten. Wird so gemacht: [code] hier steht das Log [/code] Und das ganze sieht dann so aus: Code:
ATTFilter hier steht das Log
__________________ |
|
14.01.2013, 16:33
| #3 |
| | Malwarebytes bricht ständig ab Also die Logdatei von Malewarebytes sieht so aus:
__________________2013/01/13 22:19:45 +0100 KIRSTINS-PC Kirstin MESSAGE Starting protection 2013/01/13 22:19:45 +0100 KIRSTINS-PC Kirstin MESSAGE Protection started successfully 2013/01/13 22:19:45 +0100 KIRSTINS-PC Kirstin MESSAGE Starting IP protection 2013/01/13 22:19:56 +0100 KIRSTINS-PC Kirstin MESSAGE IP Protection started successfully 2013/01/13 22:20:47 +0100 KIRSTINS-PC Kirstin MESSAGE Starting database refresh 2013/01/13 22:20:47 +0100 KIRSTINS-PC Kirstin MESSAGE Stopping IP protection 2013/01/13 22:20:47 +0100 KIRSTINS-PC Kirstin MESSAGE IP Protection stopped successfully 2013/01/13 22:20:51 +0100 KIRSTINS-PC Kirstin MESSAGE Database refreshed successfully 2013/01/13 22:20:51 +0100 KIRSTINS-PC Kirstin MESSAGE Starting IP protection 2013/01/13 22:21:00 +0100 KIRSTINS-PC Kirstin MESSAGE IP Protection started successfully 2013/01/13 22:23:10 +0100 KIRSTINS-PC Kirstin MESSAGE Executing scheduled update: Daily 2013/01/13 22:23:16 +0100 KIRSTINS-PC Kirstin MESSAGE Database already up-to-date zweite Datei: 2013/01/14 07:32:18 +0100 KIRSTINS-PC (null) MESSAGE Executing scheduled update: Daily 2013/01/14 07:32:28 +0100 KIRSTINS-PC (null) MESSAGE Starting protection 2013/01/14 07:32:28 +0100 KIRSTINS-PC (null) MESSAGE Protection started successfully 2013/01/14 07:32:28 +0100 KIRSTINS-PC (null) MESSAGE Starting IP protection 2013/01/14 07:32:39 +0100 KIRSTINS-PC (null) MESSAGE Scheduled update executed successfully: database updated from version v2013.01.13.08 to version v2013.01.14.02 2013/01/14 07:32:42 +0100 KIRSTINS-PC (null) MESSAGE IP Protection started successfully 2013/01/14 07:32:42 +0100 KIRSTINS-PC (null) MESSAGE Starting database refresh 2013/01/14 07:32:42 +0100 KIRSTINS-PC (null) MESSAGE Stopping IP protection 2013/01/14 07:32:42 +0100 KIRSTINS-PC (null) MESSAGE IP Protection stopped successfully 2013/01/14 07:32:52 +0100 KIRSTINS-PC (null) MESSAGE Database refreshed successfully 2013/01/14 07:32:52 +0100 KIRSTINS-PC (null) MESSAGE Starting IP protection 2013/01/14 07:33:00 +0100 KIRSTINS-PC (null) MESSAGE IP Protection started successfully 2013/01/14 08:36:44 +0100 KIRSTINS-PC Kirstin MESSAGE Stopping IP protection 2013/01/14 08:36:54 +0100 KIRSTINS-PC Kirstin MESSAGE IP Protection stopped successfully 2013/01/14 08:37:44 +0100 KIRSTINS-PC Kirstin MESSAGE Protection stopped Hatte einmal das Malewarbytes deinstalliert und nochmal neu installiert. In der Hoffnung, dass es dann läuft. |
|
14.01.2013, 21:37
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes bricht ständig ab
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
14.01.2013, 22:26
| #5 |
| | Malwarebytes bricht ständig ab Also er hat sogar zwei Logdateien erstellt allerdings sehen die dann so aus wie oben kopiert. Hier nochmal zwei Screenshots |
|
14.01.2013, 23:01
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes bricht ständig ab Ok, die hast du aber schon gepostet Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.
Note: Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread. Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards. Malwarebytes Anti-Rootkit  Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________ --> Malwarebytes bricht ständig ab |
|
16.01.2013, 08:09
| #7 |
| | HILFE: Malewarebytes Anti-Roolkit Hallo, ich habe Malewarebytes Anti-Roolkit heruntergeladen und wie beschrieben auf dem Desktop entpackt. Dann bin ich auf mbar.exe gegangen und nun bekomme ich folgende Meldung: "Registry value "Applnit_DLL" has been found, wich may be caused by rootkit activity" Note: Press "No" button if you're not sure. If the tool crashes or terminates unexpectedly during a system scan, restart the tool an press "yes" should this message appear again. Do you want to remove this value and restart the tool? Auswahl: Ja oder nein. Bin jetzt unsicher..... und hab erstmal nein gesagt. Kann ich die Meldung einfach übergehen und auf ja gehen?? Will nix falsch machen. Screenshot anbei. Geändert von Gentlegladur (16.01.2013 um 08:28 Uhr) |
|
16.01.2013, 15:57
| #8 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes bricht ständig ab "nein" ist auch richtig Mach bitte den Scan
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.01.2013, 11:38
| #9 |
| | Malwarebytes bricht ständig ab Also, scan gestartet, 17 Maleware gefunden. Dann wie beschrieben cleanup Button gedrückt. Er hat dann restore Point kreiert, hängt jetzt aber seit gut ner 1/2Std. Im "Scheduling clean up" und nix tut sich. Oben steht immer noch der hinweis "Detected maleware objects. Uncheck items you want to keep intact.click Cleanup to start to removal." Neu starten? Warten? Alle Programme sind zu und ich habe den Rechner nicht angerührt. Schreib gerade übers Handy. Durchgehalten. Vielleicht auch das nochmal ins Tutorial schreiben, nix anfassen und einfach durchhalten, denn es verunsichert schon, wenn sich augenscheinlich irgendwie nix tut.... :-)  Hier kommt die Logfiles: Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org
Database version: v2013.01.17.03
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kirstin :: KIRSTINS-PC [administrator]
17.01.2013 10:58:29
mbar-log-2013-01-17 (10-58-29).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31557
Time elapsed: 32 minute(s), 30 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 14
HKLM\SOFTWARE\CLASSES\INTERFACE\{23C70BCA-6E23-4A65-AD2E-1389062074F1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{295CACB4-51F5-46FD-914E-C72BAAE1B672} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{C0585B2F-74D7-4734-88DE-6C150C5D4036} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} (PUP.Funmoods) -> Delete on reboot.
HKLM\SOFTWARE\CLASSES\INTERFACE\{EF0588D6-1621-4A75-B8BE-F4BC34794136} (PUP.Funmoods) -> Delete on reboot.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 3
c:\Users\Kirstin\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Delete on reboot.
c:\Users\Kirstin\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Delete on reboot.
c:\Users\Kirstin\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Delete on reboot.
Files Detected: 0
(No malicious items detected)
(end)
Code:
ATTFilter Malwarebytes Anti-Rootkit BETA 1.01.0.1016
www.malwarebytes.org
Database version: v2013.01.17.04
Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Kirstin :: KIRSTINS-PC [administrator]
17.01.2013 14:18:07
mbar-log-2013-01-17 (14-18-07).txt
Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31550
Time elapsed: 39 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
hxxp://ad.yieldmanager.com/st?ad_type=iframe&ad_size=800x440§ion=2922708&pub_url=${PUB_URL} Feld ist leer, nix drin. Eben wieder. |
|
17.01.2013, 16:06
| #10 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Malwarebytes bricht ständig ab Wir sind hier ja auch längst noch nicht fertig! 1. aswMBR Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop. Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!
Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes: Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button. 2. TDSS-Killer Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm! Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet, Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten. Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs. Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten! 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
17.01.2013, 23:22
| #11 |
| | Malwarebytes bricht ständig ab 2x beim Scannen mit aswMBR voller Systemabsturz. Bildschirm blau. Hab dann ohne Quick Scan, sondern mit "none" gescannt. Code:
ATTFilter aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-17 23:09:49
-----------------------------
23:09:49.611 OS Version: Windows 6.0.6002 Service Pack 2
23:09:49.611 Number of processors: 2 586 0x301
23:09:49.612 ComputerName: KIRSTINS-PC UserName: Kirstin
23:09:56.036 Initialize success
23:10:20.477 AVAST engine defs: 13011701
23:11:04.449 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\000000a9
23:11:04.461 Disk 0 Vendor: Hitachi_ PB4O Size: 476940MB BusType: 8
23:11:04.486 Disk 0 MBR read successfully
23:11:04.495 Disk 0 MBR scan
23:11:04.517 Disk 0 unknown MBR code
23:11:04.572 Disk 0 Partition 1 00 27 Hidden NTFS WinRE MSDOS5.0 10000 MB offset 2048
23:11:04.654 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 466938 MB offset 20482048
23:11:04.704 Disk 0 scanning sectors +976771072
23:11:05.349 Disk 0 scanning C:\Windows\system32\drivers
23:12:04.507 Service scanning
23:13:14.911 Modules scanning
23:13:52.862 Disk 0 trace - called modules:
23:13:52.925 ntkrnlpa.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll storport.sys ahcix86s.sys
23:13:52.937 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8748aac8]
23:13:52.949 3 CLASSPNP.SYS[89f328b3] -> nt!IofCallDriver -> [0x86a8fa60]
23:13:52.958 5 acpi.sys[8060a6bc] -> nt!IofCallDriver -> \Device\000000a9[0x867b8b88]
23:13:52.972 Scan finished successfully
23:14:25.106 Disk 0 MBR has been saved successfully to "C:\Users\Kirstin\Desktop\MBR.dat"
23:14:25.134 The log file has been saved successfully to "C:\Users\Kirstin\Desktop\aswMBR.txt"
Code:
ATTFilter 23:30:48.0576 5216 TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:30:50.0583 5216 ============================================================
23:30:50.0583 5216 Current date / time: 2013/01/17 23:30:50.0583
23:30:50.0584 5216 SystemInfo:
23:30:50.0584 5216
23:30:50.0584 5216 OS Version: 6.0.6002 ServicePack: 2.0
23:30:50.0584 5216 Product type: Workstation
23:30:50.0585 5216 ComputerName: KIRSTINS-PC
23:30:50.0586 5216 UserName: Kirstin
23:30:50.0586 5216 Windows directory: C:\Windows
23:30:50.0586 5216 System windows directory: C:\Windows
23:30:50.0586 5216 Processor architecture: Intel x86
23:30:50.0586 5216 Number of processors: 2
23:30:50.0586 5216 Page size: 0x1000
23:30:50.0586 5216 Boot type: Normal boot
23:30:50.0586 5216 ============================================================
23:30:54.0606 5216 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:30:54.0667 5216 Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
23:30:54.0715 5216 ============================================================
23:30:54.0715 5216 \Device\Harddisk0\DR0:
23:30:54.0729 5216 MBR partitions:
23:30:54.0729 5216 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1388800, BlocksNum 0x38FFD000
23:30:54.0729 5216 \Device\Harddisk2\DR2:
23:30:54.0731 5216 MBR partitions:
23:30:54.0731 5216 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982
23:30:54.0731 5216 ============================================================
23:30:54.0797 5216 C: <-> \Device\Harddisk0\DR0\Partition1
23:30:54.0824 5216 F: <-> \Device\Harddisk2\DR2\Partition1
23:30:54.0826 5216 ============================================================
23:30:54.0826 5216 Initialize success
23:30:54.0826 5216 ============================================================
23:31:42.0892 1908 ============================================================
23:31:42.0892 1908 Scan started
23:31:42.0892 1908 Mode: Manual; SigCheck; TDLFS;
23:31:42.0892 1908 ============================================================
23:32:03.0928 1908 ================ Scan system memory ========================
23:32:03.0928 1908 System memory - ok
23:32:03.0929 1908 ================ Scan services =============================
23:32:04.0373 1908 [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
23:32:04.0685 1908 ACDaemon - ok
23:32:05.0704 1908 [ 82B296AE1892FE3DBEE00C9CF92F8AC7 ] ACPI C:\Windows\system32\drivers\acpi.sys
23:32:05.0971 1908 ACPI - ok
23:32:06.0227 1908 [ 86E6273AC7BA2977FBCFEFFB2C09481B ] AcrSch2Svc C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
23:32:06.0312 1908 AcrSch2Svc - ok
23:32:06.0426 1908 [ F84C9DEE4698DF3C1D76801B7B1B55D7 ] Adobe LM Service C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
23:32:06.0512 1908 Adobe LM Service ( UnsignedFile.Multi.Generic ) - warning
23:32:06.0512 1908 Adobe LM Service - detected UnsignedFile.Multi.Generic (1)
23:32:06.0750 1908 [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:32:06.0830 1908 AdobeARMservice - ok
23:32:07.0221 1908 [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:32:07.0343 1908 AdobeFlashPlayerUpdateSvc - ok
23:32:07.0545 1908 [ FC9D93D13127E3252466D4A33039B54B ] AdobeVersionCue C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
23:32:07.0637 1908 AdobeVersionCue ( UnsignedFile.Multi.Generic ) - warning
23:32:07.0638 1908 AdobeVersionCue - detected UnsignedFile.Multi.Generic (1)
23:32:07.0958 1908 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:32:08.0517 1908 adp94xx - ok
23:32:08.0689 1908 [ 60505E0041F7751BDBB80F88BF45C2CE ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:32:08.0761 1908 adpahci - ok
23:32:08.0837 1908 [ 8A42779B02AEC986EAB64ECFC98F8BD7 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:32:08.0911 1908 adpu160m - ok
23:32:08.0952 1908 [ 241C9E37F8CE45EF51C3DE27515CA4E5 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:32:09.0006 1908 adpu320 - ok
23:32:09.0075 1908 [ 9D1FDA9E086BA64E3C93C9DE32461BCF ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:32:09.0196 1908 AeLookupSvc - ok
23:32:09.0245 1908 [ FE3EA6E9AFC1A78E6EDCA121E006AFB7 ] Afc C:\Windows\system32\drivers\Afc.sys
23:32:09.0271 1908 Afc - ok
23:32:09.0419 1908 [ 53696AD8FFC5FAC51949A525FF65A689 ] afcdp C:\Windows\system32\DRIVERS\afcdp.sys
23:32:09.0480 1908 afcdp - ok
23:32:10.0268 1908 [ AF44F7E027037628F1FAC3C13CDE73E6 ] afcdpsrv C:\Program Files\Common Files\Acronis\CDP\afcdpsrv.exe
23:32:11.0851 1908 afcdpsrv - ok
23:32:12.0008 1908 [ 3911B972B55FEA0478476B2E777B29FA ] AFD C:\Windows\system32\drivers\afd.sys
23:32:12.0089 1908 AFD - ok
23:32:12.0209 1908 [ EFBC44FBD75E4F80BD927AEBF6E7EADE ] AgereModemAudio C:\Windows\system32\agrsmsvc.exe
23:32:12.0368 1908 AgereModemAudio - ok
23:32:12.0608 1908 [ 38325C6AA8EAE011897D61CE48EC6435 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
23:32:12.0926 1908 AgereSoftModem - ok
23:32:13.0047 1908 [ 13F9E33747E6B41A3FF305C37DB0D360 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:32:13.0095 1908 agp440 - ok
23:32:13.0191 1908 [ 03081E98C515CB838434D252F407F6E8 ] ahcix86s C:\Windows\system32\DRIVERS\ahcix86s.sys
23:32:13.0232 1908 ahcix86s - ok
23:32:13.0314 1908 [ AE1FDF7BF7BB6C6A70F67699D880592A ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:32:13.0369 1908 aic78xx - ok
23:32:14.0829 1908 [ B9B98E08EC127900025F42462D3D0A66 ] Akamai c:\program files\common files\akamai/netsession_win_ce5ba24.dll
23:32:14.0830 1908 Suspicious file (Hidden): c:\program files\common files\akamai/netsession_win_ce5ba24.dll. md5: B9B98E08EC127900025F42462D3D0A66
23:32:14.0864 1908 Akamai ( HiddenFile.Multi.Generic ) - warning
23:32:14.0864 1908 Akamai - detected HiddenFile.Multi.Generic (1)
23:32:14.0945 1908 [ A1545B731579895D8CC44FC0481C1192 ] ALG C:\Windows\System32\alg.exe
23:32:15.0060 1908 ALG - ok
23:32:15.0117 1908 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91 ] aliide C:\Windows\system32\drivers\aliide.sys
23:32:15.0141 1908 aliide - ok
23:32:15.0221 1908 [ C47344BC706E5F0B9DCE369516661578 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:32:15.0247 1908 amdagp - ok
23:32:15.0280 1908 [ 9B78A39A4C173FDBC1321E0DD659B34C ] amdide C:\Windows\system32\drivers\amdide.sys
23:32:15.0324 1908 amdide - ok
23:32:15.0361 1908 [ 18F29B49AD23ECEE3D2A826C725C8D48 ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
23:32:15.0555 1908 AmdK7 - ok
23:32:15.0604 1908 [ 93AE7F7DD54AB986A6F1A1B37BE7442D ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:32:15.0767 1908 AmdK8 - ok
23:32:16.0748 1908 [ 64895A6443D147C1ABA523589B485E02 ] amdkmdag C:\Windows\system32\DRIVERS\atipmdag.sys
23:32:17.0713 1908 amdkmdag - ok
23:32:17.0794 1908 [ 2DB28DBC59F2AD9998B128E32BAD7491 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
23:32:17.0850 1908 amdkmdap - ok
23:32:18.0102 1908 [ 0FA2D8304ECA29CA0AB7E3EE50FD585A ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:32:18.0167 1908 AntiVirSchedulerService - ok
23:32:18.0369 1908 [ 5C69AAC8A59207DA9710FF2E42D6F80F ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:32:18.0454 1908 AntiVirService - ok
23:32:18.0639 1908 [ 255527AB98293EA390352A8C53B0042A ] AntiVirWebService C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE
23:32:18.0692 1908 AntiVirWebService - ok
23:32:18.0804 1908 [ 8D3A55F7B7BE6B374479E5195F477226 ] AnyDVD C:\Windows\system32\Drivers\AnyDVD.sys
23:32:18.0868 1908 AnyDVD - ok
23:32:18.0930 1908 [ C6D704C7F0434DC791AAC37CAC4B6E14 ] Appinfo C:\Windows\System32\appinfo.dll
23:32:19.0040 1908 Appinfo - ok
23:32:19.0298 1908 [ 20F6F19FE9E753F2780DC2FA083AD597 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
23:32:19.0444 1908 Apple Mobile Device - ok
23:32:19.0530 1908 [ 5D2888182FB46632511ACEE92FDAD522 ] arc C:\Windows\system32\drivers\arc.sys
23:32:19.0593 1908 arc - ok
23:32:19.0654 1908 [ 5E2A321BD7C8B3624E41FDEC3E244945 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:32:19.0712 1908 arcsas - ok
23:32:19.0762 1908 [ 53B202ABEE6455406254444303E87BE1 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:32:20.0336 1908 AsyncMac - ok
23:32:20.0482 1908 [ 1F05B78AB91C9075565A9D8A4B880BC4 ] atapi C:\Windows\system32\drivers\atapi.sys
23:32:20.0654 1908 atapi - ok
23:32:21.0051 1908 [ ACDB46B1A467752A2F280C68C8461556 ] athr C:\Windows\system32\DRIVERS\athr.sys
23:32:21.0418 1908 athr - ok
23:32:21.0623 1908 [ 202F86BA4B7BDF9D0A6E81D148FEF560 ] Ati External Event Utility C:\Windows\system32\Ati2evxx.exe
23:32:21.0961 1908 Ati External Event Utility - ok
23:32:22.0089 1908 [ 5A1465AD2E7C1BC39CDA12A355329096 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
23:32:22.0148 1908 AtiPcie - ok
23:32:22.0344 1908 [ 68E2A1A0407A66CF50DA0300852424AB ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:32:22.0447 1908 AudioEndpointBuilder - ok
23:32:22.0465 1908 [ 68E2A1A0407A66CF50DA0300852424AB ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:32:22.0504 1908 Audiosrv - ok
23:32:22.0602 1908 [ A5C175039B1D6D85D0E79F5855828E4D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:32:22.0639 1908 avgntflt - ok
23:32:22.0762 1908 [ 37B854C7D1F477E66C5B49C7700C47CC ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:32:22.0817 1908 avipbb - ok
23:32:22.0865 1908 [ FFB78D74E1EA5F811341A6E7AC547A46 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:32:22.0880 1908 avkmgr - ok
23:32:22.0992 1908 [ 502F1C30BD50B32D00CE4DCAECC3D3C7 ] b57nd60x C:\Windows\system32\DRIVERS\b57nd60x.sys
23:32:23.0101 1908 b57nd60x - ok
23:32:23.0162 1908 [ 67E506B75BD5326A3EC7B70BD014DFB6 ] Beep C:\Windows\system32\drivers\Beep.sys
23:32:23.0264 1908 Beep - ok
23:32:23.0377 1908 [ C789AF0F724FDA5852FB9A7D3A432381 ] BFE C:\Windows\System32\bfe.dll
23:32:23.0520 1908 BFE - ok
23:32:23.0803 1908 [ 93952506C6D67330367F7E7934B6A02F ] BITS C:\Windows\System32\qmgr.dll
23:32:24.0405 1908 BITS - ok
23:32:24.0468 1908 [ D4DF28447741FD3D953526E33A617397 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
23:32:24.0605 1908 blbdrive - ok
23:32:24.0894 1908 [ 1C87705CCB2F60172B0FC86B5D82F00D ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
23:32:25.0016 1908 Bonjour Service - ok
23:32:25.0112 1908 [ 35F376253F687BDE63976CCB3F2108CA ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:32:25.0153 1908 bowser - ok
23:32:25.0235 1908 [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:32:25.0297 1908 BrFiltLo - ok
23:32:25.0341 1908 [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:32:25.0435 1908 BrFiltUp - ok
23:32:25.0520 1908 [ A3629A0C4226F9E9C72FAAEEBC3AD33C ] Browser C:\Windows\System32\browser.dll
23:32:25.0801 1908 Browser - ok
23:32:25.0946 1908 [ B304E75CFF293029EDDF094246747113 ] Brserid C:\Windows\system32\drivers\brserid.sys
23:32:26.0170 1908 Brserid - ok
23:32:26.0235 1908 [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:32:26.0337 1908 BrSerWdm - ok
23:32:26.0376 1908 [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:32:26.0483 1908 BrUsbMdm - ok
23:32:26.0507 1908 [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:32:26.0658 1908 BrUsbSer - ok
23:32:26.0721 1908 [ AD07C1EC6665B8B35741AB91200C6B68 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:32:26.0910 1908 BTHMODEM - ok
23:32:27.0003 1908 [ 7ADD03E75BEB9E6DD102C3081D29840A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:32:27.0101 1908 cdfs - ok
23:32:27.0185 1908 [ 6B4BFFB9BECD728097024276430DB314 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:32:27.0251 1908 cdrom - ok
23:32:27.0383 1908 [ 312EC3E37A0A1F2006534913E37B4423 ] CertPropSvc C:\Windows\System32\certprop.dll
23:32:27.0447 1908 CertPropSvc - ok
23:32:27.0498 1908 [ E5D4133F37219DBCFE102BC61072589D ] circlass C:\Windows\system32\drivers\circlass.sys
23:32:27.0542 1908 circlass - ok
23:32:27.0700 1908 [ D7659D3B5B92C31E84E53C1431F35132 ] CLFS C:\Windows\system32\CLFS.sys
23:32:27.0778 1908 CLFS - ok
23:32:27.0993 1908 [ 2B272D0A6E5071829B516FFDC7F841CA ] CLHNService C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
23:32:28.0049 1908 CLHNService - ok
23:32:28.0173 1908 [ 8EE772032E2FE80A924F3B8DD5082194 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:32:28.0303 1908 clr_optimization_v2.0.50727_32 - ok
23:32:28.0579 1908 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:32:28.0787 1908 clr_optimization_v4.0.30319_32 - ok
23:32:28.0913 1908 [ 99AFC3795B58CC478FBBBCDC658FCB56 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:32:29.0032 1908 CmBatt - ok
23:32:29.0067 1908 [ 0CA25E686A4928484E9FDABD168AB629 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:32:29.0118 1908 cmdide - ok
23:32:29.0230 1908 [ 6AFEF0B60FA25DE07C0968983EE4F60A ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:32:29.0255 1908 Compbatt - ok
23:32:29.0262 1908 COMSysApp - ok
23:32:29.0301 1908 [ 741E9DFF4F42D2D8477D0FC1DC0DF871 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:32:29.0327 1908 crcdisk - ok
23:32:29.0396 1908 [ 1F07BECDCA750766A96CDA811BA86410 ] Crusoe C:\Windows\system32\drivers\crusoe.sys
23:32:29.0499 1908 Crusoe - ok
23:32:29.0598 1908 [ F1E8C34892336D33EDDCDFE44E474F64 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:32:29.0789 1908 CryptSvc - ok
23:32:29.0991 1908 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:32:30.0336 1908 DcomLaunch - ok
23:32:30.0382 1908 [ 622C41A07CA7E6DD91770F50D532CB6C ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:32:30.0449 1908 DfsC - ok
23:32:30.0867 1908 [ 2CC3DCFB533A1035B13DCAB6160AB38B ] DFSR C:\Windows\system32\DFSR.exe
23:32:32.0096 1908 DFSR - ok
23:32:32.0247 1908 [ 6CC6C4B9D7B906A151AA094CA087B9F0 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
23:32:32.0302 1908 dg_ssudbus - ok
23:32:32.0505 1908 [ 9028559C132146FB75EB7ACF384B086A ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:32:32.0632 1908 Dhcp - ok
23:32:32.0734 1908 [ 5D4AEFC3386920236A548271F8F1AF6A ] disk C:\Windows\system32\drivers\disk.sys
23:32:32.0784 1908 disk - ok
23:32:32.0890 1908 [ 73BAF270D24FE726B9CD7F80BB17A23D ] DKbFltr C:\Windows\system32\DRIVERS\DKbFltr.sys
23:32:32.0923 1908 DKbFltr - ok
23:32:33.0032 1908 [ 57D762F6F5974AF0DA2BE88A3349BAAA ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:32:33.0104 1908 Dnscache - ok
23:32:33.0210 1908 [ 324FD74686B1EF5E7C19A8AF49E748F6 ] dot3svc C:\Windows\System32\dot3svc.dll
23:32:33.0361 1908 dot3svc - ok
23:32:33.0725 1908 [ 4F59C172C094E1A1D46463A8DC061CBD ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
23:32:33.0913 1908 Dot4 - ok
23:32:33.0953 1908 [ 80BF3BA09F6F2523C8F6B7CC6DBF7BD5 ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
23:32:34.0075 1908 Dot4Print - ok
23:32:34.0139 1908 [ C55004CA6B419B6695970DFE849B122F ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
23:32:34.0249 1908 dot4usb - ok
23:32:34.0380 1908 [ A622E888F8AA2F6B49E9BC466F0E5DEF ] DPS C:\Windows\system32\dps.dll
23:32:34.0446 1908 DPS - ok
23:32:34.0533 1908 [ 97FEF831AB90BEE128C9AF390E243F80 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:32:34.0624 1908 drmkaud - ok
23:32:35.0015 1908 [ C68AC676B0EF30CFBB1080ADCE49EB1F ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:32:35.0179 1908 DXGKrnl - ok
23:32:35.0290 1908 [ 5425F74AC0C1DBD96A1E04F17D63F94C ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
23:32:35.0392 1908 E1G60 - ok
23:32:35.0520 1908 [ C0B95E40D85CD807D614E264248A45B9 ] EapHost C:\Windows\System32\eapsvc.dll
23:32:35.0607 1908 EapHost - ok
23:32:35.0737 1908 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371 ] Ecache C:\Windows\system32\drivers\ecache.sys
23:32:35.0816 1908 Ecache - ok
23:32:36.0128 1908 [ 9BE3744D295A7701EB425332014F0797 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:32:36.0293 1908 ehRecvr - ok
23:32:36.0424 1908 [ AD1870C8E5D6DD340C829E6074BF3C3F ] ehSched C:\Windows\ehome\ehsched.exe
23:32:36.0562 1908 ehSched - ok
23:32:36.0724 1908 [ C27C4EE8926E74AA72EFCAB24C5242C3 ] ehstart C:\Windows\ehome\ehstart.dll
23:32:36.0998 1908 ehstart - ok
23:32:37.0140 1908 [ D71233D7CCC2E64F8715A20428D5A33B ] ElbyCDIO C:\Windows\system32\Drivers\ElbyCDIO.sys
23:32:37.0202 1908 ElbyCDIO - ok
23:32:37.0433 1908 [ 23B62471681A124889978F6295B3F4C6 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:32:37.0636 1908 elxstor - ok
23:32:37.0953 1908 [ 4E6B23DFC917EA39306B529B773950F4 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:32:38.0037 1908 EMDMgmt - ok
23:32:38.0327 1908 [ BF5A69708FDD68EA1E20E72E2AFE6996 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
23:32:38.0502 1908 ePowerSvc - ok
23:32:38.0537 1908 [ 3DB974F3935483555D7148663F726C61 ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:32:38.0607 1908 ErrDev - ok
23:32:38.0852 1908 [ 2407B8164E966755BC6A4242FC9DE31E ] esgiguard C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys
23:32:38.0867 1908 esgiguard - ok
23:32:39.0160 1908 [ 67058C46504BC12D821F38CF99B7B28F ] EventSystem C:\Windows\system32\es.dll
23:32:39.0314 1908 EventSystem - ok
23:32:39.0449 1908 [ 22B408651F9123527BCEE54B4F6C5CAE ] exfat C:\Windows\system32\drivers\exfat.sys
23:32:39.0518 1908 exfat - ok
23:32:39.0597 1908 [ 1E9B9A70D332103C52995E957DC09EF8 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:32:39.0661 1908 fastfat - ok
23:32:39.0725 1908 [ AFE1E8B9782A0DD7FB46BBD88E43F89A ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:32:39.0822 1908 fdc - ok
23:32:39.0924 1908 [ 6629B5F0E98151F4AFDD87567EA32BA3 ] fdPHost C:\Windows\system32\fdPHost.dll
23:32:40.0036 1908 fdPHost - ok
23:32:40.0086 1908 [ 89ED56DCE8E47AF40892778A5BD31FD2 ] FDResPub C:\Windows\system32\fdrespub.dll
23:32:40.0223 1908 FDResPub - ok
23:32:40.0313 1908 [ A8C0139A884861E3AAE9CFE73B208A9F ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:32:40.0427 1908 FileInfo - ok
23:32:40.0469 1908 [ 0AE429A696AECBC5970E3CF2C62635AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:32:40.0555 1908 Filetrace - ok
23:32:41.0317 1908 [ 167D24A045499EBEF438F231976158DF ] FirebirdServerMAGIXInstance C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
23:32:42.0081 1908 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
23:32:42.0082 1908 FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
23:32:42.0187 1908 [ 85B7CF99D532820495D68D747FDA9EBD ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:32:42.0329 1908 flpydisk - ok
23:32:42.0434 1908 [ 01334F9EA68E6877C4EF05D3EA8ABB05 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:32:42.0504 1908 FltMgr - ok
23:32:42.0849 1908 [ 8CE364388C8ECA59B14B539179276D44 ] FontCache C:\Windows\system32\FntCache.dll
23:32:43.0346 1908 FontCache - ok
23:32:43.0546 1908 [ C7FBDD1ED42F82BFA35167A5C9803EA3 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:32:43.0578 1908 FontCache3.0.0.0 - ok
23:32:43.0651 1908 [ B972A66758577E0BFD1DE0F91AAA27B5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:32:43.0727 1908 Fs_Rec - ok
23:32:43.0806 1908 [ 34582A6E6573D54A07ECE5FE24A126B5 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:32:43.0855 1908 gagp30kx - ok
23:32:43.0930 1908 [ 8182FF89C65E4D38B2DE4BB0FB18564E ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:32:43.0980 1908 GEARAspiWDM - ok
23:32:44.0244 1908 [ 9F5F2F0FB0A7F5AA9F16B9A7B6DAD89F ] GoogleDesktopManager-051210-111108 C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
23:32:44.0415 1908 GoogleDesktopManager-051210-111108 - ok
23:32:44.0748 1908 [ CD5D0AEEE35DFD4E986A5AA1500A6E66 ] gpsvc C:\Windows\System32\gpsvc.dll
23:32:44.0867 1908 gpsvc - ok
23:32:45.0049 1908 [ F02A533F517EB38333CB12A9E8963773 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
23:32:45.0100 1908 gupdate - ok
23:32:45.0161 1908 [ F02A533F517EB38333CB12A9E8963773 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
23:32:45.0213 1908 gupdatem - ok
23:32:45.0346 1908 [ 751C1D2CA2ABF4A9F5A6B8D7D45B907C ] gusvc C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:32:45.0452 1908 gusvc - ok
23:32:45.0616 1908 [ CB04C744BE0A61B1D648FAED182C3B59 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:32:45.0854 1908 HdAudAddService - ok
23:32:45.0961 1908 [ 062452B7FFD68C8C042A6261FE8DFF4A ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:32:46.0143 1908 HDAudBus - ok
23:32:46.0201 1908 [ 1338520E78D90154ED6BE8F84DE5FCEB ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:32:46.0361 1908 HidBth - ok
23:32:46.0463 1908 [ FF3160C3A2445128C5A6D9B076DA519E ] HidIr C:\Windows\system32\drivers\hidir.sys
23:32:46.0584 1908 HidIr - ok
23:32:46.0692 1908 [ 84067081F3318162797385E11A8F0582 ] hidserv C:\Windows\system32\hidserv.dll
23:32:46.0815 1908 hidserv - ok
23:32:46.0889 1908 [ CCA4B519B17E23A00B826C55716809CC ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:32:46.0989 1908 HidUsb - ok
23:32:47.0101 1908 [ D8AD255B37DA92434C26E4876DB7D418 ] hkmsvc C:\Windows\system32\kmsvc.dll
23:32:47.0290 1908 hkmsvc - ok
23:32:47.0378 1908 [ 16EE7B23A009E00D835CDB79574A91A6 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:32:47.0407 1908 HpCISSs - ok
23:32:47.0796 1908 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
23:32:47.0906 1908 hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
23:32:47.0906 1908 hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
23:32:48.0027 1908 [ 7DA3211AC63EDD90B8ECA1CA1ABFD43B ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
23:32:48.0079 1908 hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
23:32:48.0079 1908 hpqddsvc - detected UnsignedFile.Multi.Generic (1)
23:32:48.0313 1908 [ 14229263AA19C704E0D6D2E7404A8455 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
23:32:48.0912 1908 HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
23:32:48.0912 1908 HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
23:32:49.0060 1908 [ 46D67209550973257601A533E2AC5785 ] HSFHWAZL C:\Windows\system32\DRIVERS\VSTAZL3.SYS
23:32:49.0412 1908 HSFHWAZL - ok
23:32:49.0698 1908 [ 1E7C79CBAF71AA92E0EEE924907DCB55 ] HsfXAudioService C:\Windows\system32\XAudio32.dll
23:32:50.0019 1908 HsfXAudioService - ok
23:32:50.0290 1908 [ F870AA3E254628EBEAFE754108D664DE ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:32:50.0480 1908 HTTP - ok
23:32:50.0561 1908 [ 19E6885A061011D8DABE8F64498423FA ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:32:50.0651 1908 hwdatacard - ok
23:32:50.0741 1908 [ C6B032D69650985468160FC9937CF5B4 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:32:50.0769 1908 i2omp - ok
23:32:50.0818 1908 [ 22D56C8184586B7A1F6FA60BE5F5A2BD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:32:50.0862 1908 i8042prt - ok
23:32:50.0933 1908 [ 54155EA1B0DF185878E0FC9EC3AC3A14 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:32:51.0010 1908 iaStorV - ok
23:32:51.0370 1908 [ 98477B08E61945F974ED9FDC4CB6BDAB ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:32:51.0555 1908 idsvc - ok
23:32:51.0592 1908 [ 2D077BF86E843F901D8DB709C95B49A5 ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:32:51.0618 1908 iirsp - ok
23:32:51.0760 1908 [ 9908D8A397B76CD8D31D0D383C5773C9 ] IKEEXT C:\Windows\System32\ikeext.dll
23:32:52.0258 1908 IKEEXT - ok
23:32:52.0804 1908 [ FFB0B713A54DD05193DBCD0B790B37EE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:32:53.0699 1908 IntcAzAudAddService - ok
23:32:53.0829 1908 [ 83AA759F3189E6370C30DE5DC5590718 ] intelide C:\Windows\system32\drivers\intelide.sys
23:32:53.0884 1908 intelide - ok
23:32:53.0952 1908 [ 224191001E78C89DFA78924C3EA595FF ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:32:54.0111 1908 intelppm - ok
23:32:54.0214 1908 [ 9AC218C6E6105477484C6FDBE7D409A4 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:32:54.0394 1908 IPBusEnum - ok
23:32:54.0439 1908 [ 62C265C38769B864CB25B4BCF62DF6C3 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:32:54.0546 1908 IpFilterDriver - ok
23:32:54.0852 1908 [ 1998BD97F950680BB55F55A7244679C2 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:32:54.0966 1908 iphlpsvc - ok
23:32:54.0997 1908 IpInIp - ok
23:32:55.0207 1908 [ B25AAF203552B7B3491139D582B39AD1 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:32:55.0344 1908 IPMIDRV - ok
23:32:55.0423 1908 [ 8793643A67B42CEC66490B2A0CF92D68 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:32:55.0546 1908 IPNAT - ok
23:32:55.0909 1908 [ F62C69376A95795FE7CDB1C778EDACA4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
23:32:56.0141 1908 iPod Service - ok
23:32:56.0219 1908 [ E50A95179211B12946F7E035D60AF560 ] irda C:\Windows\system32\DRIVERS\irda.sys
23:32:56.0378 1908 irda - ok
23:32:56.0464 1908 [ 109C0DFB82C3632FBD11949B73AEEAC9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:32:56.0627 1908 IRENUM - ok
23:32:56.0741 1908 [ CBB0D940221A281BCFEAEA695BD1CDA5 ] Irmon C:\Windows\System32\irmon.dll
23:32:56.0892 1908 Irmon - ok
23:32:56.0972 1908 [ 6C70698A3E5C4376C6AB5C7C17FB0614 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:32:56.0987 1908 isapnp - ok
23:32:57.0083 1908 [ 232FA340531D940AAC623B121A595034 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:32:57.0184 1908 iScsiPrt - ok
23:32:57.0319 1908 [ BCED60D16156E428F8DF8CF27B0DF150 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:32:57.0346 1908 iteatapi - ok
23:32:57.0391 1908 [ 06FA654504A498C30ADCA8BEC4E87E7E ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:32:57.0427 1908 iteraid - ok
23:32:57.0506 1908 [ EAC21E8014C7E6EE341AFFFB7E2BBD54 ] k57nd60x C:\Windows\system32\DRIVERS\k57nd60x.sys
23:32:57.0636 1908 k57nd60x - ok
23:32:57.0748 1908 [ 37605E0A8CF00CBBA538E753E4344C6E ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:32:57.0807 1908 kbdclass - ok
23:32:57.0868 1908 [ EDE59EC70E25C24581ADD1FBEC7325F7 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:32:57.0925 1908 kbdhid - ok
23:32:57.0969 1908 [ A3E186B4B935905B829219502557314E ] KeyIso C:\Windows\system32\lsass.exe
23:32:58.0190 1908 KeyIso - ok
23:32:58.0430 1908 [ 4A1445EFA932A3BAF5BDB02D7131EE20 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:32:58.0547 1908 KSecDD - ok
23:32:58.0711 1908 [ 8078F8F8F7A79E2E6B494523A828C585 ] KtmRm C:\Windows\system32\msdtckrm.dll
23:32:58.0863 1908 KtmRm - ok
23:32:58.0989 1908 [ 1BF5EEBFD518DD7298434D8C862F825D ] LanmanServer C:\Windows\system32\srvsvc.dll
23:32:59.0083 1908 LanmanServer - ok
23:32:59.0222 1908 [ 1DB69705B695B987082C8BAEC0C6B34F ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:32:59.0454 1908 LanmanWorkstation - ok
23:32:59.0567 1908 [ D1C5883087A0C3F1344D9D55A44901F6 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:32:59.0663 1908 lltdio - ok
23:32:59.0772 1908 [ 2D5A428872F1442631D0959A34ABFF63 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:32:59.0921 1908 lltdsvc - ok
23:32:59.0962 1908 [ 35D40113E4A5B961B6CE5C5857702518 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:33:00.0101 1908 lmhosts - ok
23:33:00.0243 1908 [ C7E15E82879BF3235B559563D4185365 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:33:00.0755 1908 LSI_FC - ok
23:33:00.0905 1908 [ EE01EBAE8C9BF0FA072E0FF68718920A ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:33:01.0011 1908 LSI_SAS - ok
23:33:01.0174 1908 [ 912A04696E9CA30146A62AFA1463DD5C ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:33:01.0301 1908 LSI_SCSI - ok
23:33:01.0354 1908 [ 8F5C7426567798E62A3B3614965D62CC ] luafv C:\Windows\system32\drivers\luafv.sys
23:33:01.0434 1908 luafv - ok
23:33:01.0448 1908 lxct_device - ok
23:33:01.0608 1908 [ 629CABB0421668C9D3D402A3C3D77E14 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
23:33:01.0646 1908 MBAMProtector - ok
23:33:01.0971 1908 [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
23:33:02.0102 1908 MBAMScheduler - ok
23:33:02.0199 1908 [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
23:33:02.0379 1908 MBAMService - ok
23:33:02.0653 1908 [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
23:33:02.0691 1908 McComponentHostService - ok
23:33:02.0800 1908 [ AEF9BABB8A506BC4CE0451A64AADED46 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:33:02.0926 1908 Mcx2Svc - ok
23:33:03.0075 1908 [ 0CEA2D0D3FA284B85ED5B68365114F76 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
23:33:03.0185 1908 mdmxsdk - ok
23:33:03.0317 1908 [ 0001CE609D66632FA17B84705F658879 ] megasas C:\Windows\system32\drivers\megasas.sys
23:33:03.0375 1908 megasas - ok
23:33:03.0523 1908 [ C252F32CD9A49DBFC25ECF26EBD51A99 ] MegaSR C:\Windows\system32\drivers\megasr.sys
23:33:03.0595 1908 MegaSR - ok
23:33:03.0696 1908 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] MMCSS C:\Windows\system32\mmcss.dll
23:33:03.0824 1908 MMCSS - ok
23:33:03.0864 1908 [ E13B5EA0F51BA5B1512EC671393D09BA ] Modem C:\Windows\system32\drivers\modem.sys
23:33:04.0025 1908 Modem - ok
23:33:04.0130 1908 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:33:04.0278 1908 monitor - ok
23:33:04.0342 1908 [ 5BF6A1326A335C5298477754A506D263 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:33:04.0389 1908 mouclass - ok
23:33:04.0424 1908 [ 93B8D4869E12CFBE663915502900876F ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:33:04.0504 1908 mouhid - ok
23:33:04.0600 1908 [ BDAFC88AA6B92F7842416EA6A48E1600 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:33:04.0670 1908 MountMgr - ok
23:33:04.0888 1908 [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:33:04.0948 1908 MozillaMaintenance - ok
23:33:05.0061 1908 [ 511D011289755DD9F9A7579FB0B064E6 ] mpio C:\Windows\system32\drivers\mpio.sys
23:33:05.0103 1908 mpio - ok
23:33:05.0159 1908 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:33:05.0269 1908 mpsdrv - ok
23:33:05.0842 1908 [ 5DE62C6E9108F14F6794060A9BDECAEC ] MpsSvc C:\Windows\system32\mpssvc.dll
23:33:06.0027 1908 MpsSvc - ok
23:33:06.0109 1908 [ 4FBBB70D30FD20EC51F80061703B001E ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:33:06.0138 1908 Mraid35x - ok
23:33:06.0231 1908 [ 82CEA0395524AACFEB58BA1448E8325C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:33:06.0267 1908 MRxDAV - ok
23:33:06.0402 1908 [ 1E94971C4B446AB2290DEB71D01CF0C2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:33:06.0620 1908 mrxsmb - ok
23:33:06.0750 1908 [ 4FCCB34D793B116423209C0F8B7A3B03 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:33:06.0920 1908 mrxsmb10 - ok
23:33:06.0975 1908 [ C3CB1B40AD4A0124D617A1199B0B9D7C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:33:07.0068 1908 mrxsmb20 - ok
23:33:07.0131 1908 [ 28023E86F17001F7CD9B15A5BC9AE07D ] msahci C:\Windows\system32\drivers\msahci.sys
23:33:07.0154 1908 msahci - ok
23:33:07.0191 1908 [ 4468B0F385A86ECDDAF8D3CA662EC0E7 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:33:07.0208 1908 msdsm - ok
23:33:07.0263 1908 [ FD7520CC3A80C5FC8C48852BB24C6DED ] MSDTC C:\Windows\System32\msdtc.exe
23:33:07.0377 1908 MSDTC - ok
23:33:07.0426 1908 [ A9927F4A46B816C92F461ACB90CF8515 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:33:07.0525 1908 Msfs - ok
23:33:07.0630 1908 [ 0F400E306F385C56317357D6DEA56F62 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:33:07.0646 1908 msisadrv - ok
23:33:07.0754 1908 [ 85466C0757A23D9A9AECDC0755203CB2 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:33:07.0853 1908 MSiSCSI - ok
23:33:07.0864 1908 msiserver - ok
23:33:07.0915 1908 [ D8C63D34D9C9E56C059E24EC7185CC07 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:33:08.0002 1908 MSKSSRV - ok
23:33:08.0050 1908 [ 1D373C90D62DDB641D50E55B9E78D65E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:33:08.0158 1908 MSPCLOCK - ok
23:33:08.0192 1908 [ B572DA05BF4E098D4BBA3A4734FB505B ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:33:08.0282 1908 MSPQM - ok
23:33:08.0416 1908 [ B49456D70555DE905C311BCDA6EC6ADB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:33:08.0480 1908 MsRPC - ok
23:33:08.0575 1908 [ E384487CB84BE41D09711C30CA79646C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:33:08.0629 1908 mssmbios - ok
23:33:08.0683 1908 [ 7199C1EEC1E4993CAF96B8C0A26BD58A ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:33:08.0741 1908 MSTEE - ok
23:33:08.0841 1908 [ 6A57B5733D4CB702C8EA4542E836B96C ] Mup C:\Windows\system32\Drivers\mup.sys
23:33:08.0895 1908 Mup - ok
23:33:08.0993 1908 [ 2DE94E435C3EFDE58C7B1856D4F20724 ] mwlPSDFilter C:\Windows\system32\DRIVERS\mwlPSDFilter.sys
23:33:09.0021 1908 mwlPSDFilter - ok
23:33:09.0067 1908 [ 61920A7146EED3D903DBBB8EC295AF76 ] mwlPSDNServ C:\Windows\system32\DRIVERS\mwlPSDNServ.sys
23:33:09.0092 1908 mwlPSDNServ - ok
23:33:09.0146 1908 [ E0F49721E68EBD2983E84C44FADA6665 ] mwlPSDVDisk C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys
23:33:09.0162 1908 mwlPSDVDisk - ok
23:33:09.0462 1908 [ 77F8AD024059A9A8E17E654B887D1EF0 ] MWLService C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe
23:33:09.0576 1908 MWLService - ok
23:33:09.0789 1908 [ E4EAF0C5C1B41B5C83386CF212CA9584 ] napagent C:\Windows\system32\qagentRT.dll
23:33:09.0872 1908 napagent - ok
23:33:09.0959 1908 [ 85C44FDFF9CF7E72A40DCB7EC06A4416 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:33:10.0045 1908 NativeWifiP - ok
23:33:10.0127 1908 [ 1357274D1883F68300AEADD15D7BBB42 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:33:10.0187 1908 NDIS - ok
23:33:10.0236 1908 [ 0E186E90404980569FB449BA7519AE61 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:33:10.0315 1908 NdisTapi - ok
23:33:10.0354 1908 [ D6973AA34C4D5D76C0430B181C3CD389 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:33:10.0511 1908 Ndisuio - ok
23:33:10.0633 1908 [ 818F648618AE34F729FDB47EC68345C3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:33:10.0701 1908 NdisWan - ok
23:33:10.0801 1908 [ 71DAB552B41936358F3B541AE5997FB3 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:33:10.0931 1908 NDProxy - ok
23:33:10.0980 1908 [ 2969D26EEE289BE7422AA46FC55F4E38 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
23:33:11.0047 1908 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:33:11.0072 1908 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:33:11.0166 1908 [ BCD093A5A6777CF626434568DC7DBA78 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:33:11.0383 1908 NetBIOS - ok
23:33:11.0459 1908 [ ECD64230A59CBD93C85F1CD1CAB9F3F6 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:33:11.0624 1908 netbt - ok
23:33:11.0692 1908 [ A3E186B4B935905B829219502557314E ] Netlogon C:\Windows\system32\lsass.exe
23:33:11.0740 1908 Netlogon - ok
23:33:11.0841 1908 [ C8052711DAECC48B982434C5116CA401 ] Netman C:\Windows\System32\netman.dll
23:33:12.0445 1908 Netman - ok
23:33:12.0678 1908 [ 2EF3BBE22E5A5ACD1428EE387A0D0172 ] netprofm C:\Windows\System32\netprofm.dll
23:33:12.0846 1908 netprofm - ok
23:33:13.0163 1908 [ AF14F279BF4AC27560C6BCC82CB09D24 ] netr28u C:\Windows\system32\DRIVERS\netr28u.sys
23:33:13.0527 1908 netr28u - ok
23:33:13.0642 1908 [ D6C4E4A39A36029AC0813D476FBD0248 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:33:13.0721 1908 NetTcpPortSharing - ok
23:33:13.0809 1908 [ 2E7FB731D4790A1BC6270ACCEFACB36E ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:33:13.0858 1908 nfrd960 - ok
23:33:13.0986 1908 [ 2997B15415F9BBE05B5A4C1C85E0C6A2 ] NlaSvc C:\Windows\System32\nlasvc.dll
23:33:14.0103 1908 NlaSvc - ok
23:33:14.0172 1908 [ CFE3462A9E94A57DCD9676F6B7FE7F67 ] nmwcd C:\Windows\system32\drivers\ccdcmb.sys
23:33:14.0443 1908 nmwcd - ok
23:33:14.0509 1908 [ 8F2A94F991F8C73CEC26B4B5620D1EDC ] nmwcdc C:\Windows\system32\drivers\ccdcmbo.sys
23:33:14.0672 1908 nmwcdc - ok
23:33:14.0811 1908 [ 99145C5D4B6C4D6F5CE83EE6ABFFE294 ] nmwcdnsu C:\Windows\system32\drivers\nmwcdnsu.sys
23:33:14.0896 1908 nmwcdnsu - ok
23:33:14.0943 1908 [ FAEE7B61C6885B091CEC1FF06DA2E1AB ] nmwcdnsuc C:\Windows\system32\drivers\nmwcdnsuc.sys
23:33:15.0002 1908 nmwcdnsuc - ok
23:33:15.0065 1908 [ D36F239D7CCE1931598E8FB90A0DBC26 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:33:15.0174 1908 Npfs - ok
23:33:15.0267 1908 [ 6D8D2E5652FC2442C810C5D8BE784148 ] NSCIRDA C:\Windows\system32\DRIVERS\nscirda.sys
23:33:15.0381 1908 NSCIRDA - ok
23:33:15.0459 1908 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD ] nsi C:\Windows\system32\nsisvc.dll
23:33:15.0570 1908 nsi - ok
23:33:15.0643 1908 [ 609773E344A97410CE4EBF74A8914FCF ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:33:15.0748 1908 nsiproxy - ok
23:33:15.0880 1908 [ 6A4A98CEE84CF9E99564510DDA4BAA47 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:33:15.0997 1908 Ntfs - ok
23:33:16.0119 1908 [ 516C097A2890BF5D81BCA83F98790281 ] NTI IScheduleSvc C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
23:33:16.0243 1908 NTI IScheduleSvc - ok
23:33:16.0318 1908 [ 973DCB15731339FCA176E534055CF115 ] NTIBackupSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
23:33:16.0427 1908 NTIBackupSvc - ok
23:33:16.0468 1908 [ 13E6D89060A3006F8B3ACBE49110635E ] NTIDrvr C:\Windows\system32\Drivers\NTIDrvr.sys
23:33:16.0529 1908 NTIDrvr - ok
23:33:16.0576 1908 [ 58751F9248D50BCE1053976C9E2F0859 ] NTISchedulerSvc C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
23:33:16.0641 1908 NTISchedulerSvc - ok
23:33:16.0688 1908 [ E875C093AEC0C978A90F30C9E0DFBB72 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
23:33:16.0795 1908 ntrigdigi - ok
23:33:16.0841 1908 [ C5DBBCDA07D780BDA9B685DF333BB41E ] Null C:\Windows\system32\drivers\Null.sys
23:33:16.0955 1908 Null - ok
23:33:17.0007 1908 [ 2EDF9E7751554B42CBB60116DE727101 ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:33:17.0057 1908 nvraid - ok
23:33:17.0085 1908 [ ABED0C09758D1D97DB0042DBB2688177 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:33:17.0143 1908 nvstor - ok
23:33:17.0236 1908 [ 18BBDF913916B71BD54575BDB6EEAC0B ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:33:17.0324 1908 nv_agp - ok
23:33:17.0339 1908 NwlnkFlt - ok
23:33:17.0360 1908 NwlnkFwd - ok
23:33:17.0583 1908 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:33:17.0901 1908 odserv - ok
23:33:17.0975 1908 [ 790E27C3DB53410B40FF9EF2FD10A1D9 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:33:18.0101 1908 ohci1394 - ok
23:33:18.0236 1908 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:33:18.0282 1908 ose - ok
23:33:18.0365 1908 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:33:18.0572 1908 p2pimsvc - ok
23:33:18.0610 1908 [ 0C8E8E61AD1EB0B250B846712C917506 ] p2psvc C:\Windows\system32\p2psvc.dll
23:33:18.0688 1908 p2psvc - ok
23:33:18.0758 1908 [ 0FA9B5055484649D63C303FE404E5F4D ] Parport C:\Windows\system32\drivers\parport.sys
23:33:18.0961 1908 Parport - ok
23:33:19.0021 1908 [ B9C2B89F08670E159F7181891E449CD9 ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:33:19.0047 1908 partmgr - ok
23:33:19.0087 1908 [ 4F9A6A8A31413180D0FCB279AD5D8112 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:33:19.0222 1908 Parvdm - ok
23:33:19.0305 1908 [ C6276AD11F4BB49B58AA1ED88537F14A ] PcaSvc C:\Windows\System32\pcasvc.dll
23:33:19.0447 1908 PcaSvc - ok
23:33:19.0500 1908 [ FD2041E9BA03DB7764B2248F02475079 ] pccsmcfd C:\Windows\system32\DRIVERS\pccsmcfd.sys
23:33:19.0610 1908 pccsmcfd - ok
23:33:19.0693 1908 [ 941DC1D19E7E8620F40BBC206981EFDB ] pci C:\Windows\system32\drivers\pci.sys
23:33:19.0751 1908 pci - ok
23:33:19.0828 1908 [ FC175F5DDAB666D7F4D17449A547626F ] pciide C:\Windows\system32\drivers\pciide.sys
23:33:19.0898 1908 pciide - ok
23:33:19.0944 1908 [ B7C5A8769541900F6DFA6FE0C5E4D513 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:33:19.0970 1908 pcmcia - ok
23:33:20.0018 1908 [ 6349F6ED9C623B44B52EA3C63C831A92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:33:20.0194 1908 PEAUTH - ok
23:33:20.0354 1908 [ B1689DF169143F57053F795390C99DB3 ] pla C:\Windows\system32\pla.dll
23:33:20.0459 1908 pla - ok
23:33:20.0547 1908 [ C5E7F8A996EC0A82D508FD9064A5569E ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:33:20.0674 1908 PlugPlay - ok
23:33:20.0726 1908 [ BAFC9706BDF425A02B66468AB2605C59 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
23:33:20.0798 1908 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
23:33:20.0798 1908 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
23:33:20.0882 1908 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:33:20.0971 1908 PNRPAutoReg - ok
23:33:21.0014 1908 [ 0C8E8E61AD1EB0B250B846712C917506 ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:33:21.0042 1908 PNRPsvc - ok
23:33:21.0110 1908 [ D0494460421A03CD5225CCA0059AA146 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:33:21.0171 1908 PolicyAgent - ok
23:33:21.0252 1908 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:33:21.0372 1908 PptpMiniport - ok
23:33:21.0446 1908 [ 2027293619DD0F047C584CF2E7DF4FFD ] Processor C:\Windows\system32\DRIVERS\processr.sys
23:33:21.0587 1908 Processor - ok
23:33:21.0663 1908 [ 0508FAA222D28835310B7BFCA7A77346 ] ProfSvc C:\Windows\system32\profsvc.dll
23:33:21.0716 1908 ProfSvc - ok
23:33:21.0770 1908 [ A3E186B4B935905B829219502557314E ] ProtectedStorage C:\Windows\system32\lsass.exe
23:33:21.0800 1908 ProtectedStorage - ok
23:33:21.0857 1908 [ 99514FAA8DF93D34B5589187DB3AA0BA ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:33:21.0955 1908 PSched - ok
23:33:22.0252 1908 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:33:22.0581 1908 ql2300 - ok
23:33:22.0666 1908 [ 81A7E5C076E59995D54BC1ED3A16E60B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:33:22.0697 1908 ql40xx - ok
23:33:22.0777 1908 [ E9ECAE663F47E6CB43962D18AB18890F ] QWAVE C:\Windows\system32\qwave.dll
23:33:22.0845 1908 QWAVE - ok
23:33:22.0866 1908 [ 9F5E0E1926014D17486901C88ECA2DB7 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:33:22.0943 1908 QWAVEdrv - ok
23:33:22.0979 1908 [ 147D7F9C556D259924351FEB0DE606C3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:33:23.0079 1908 RasAcd - ok
23:33:23.0202 1908 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F ] RasAuto C:\Windows\System32\rasauto.dll
23:33:23.0326 1908 RasAuto - ok
23:33:23.0374 1908 [ A214ADBAF4CB47DD2728859EF31F26B0 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:33:23.0478 1908 Rasl2tp - ok
23:33:23.0562 1908 [ 75D47445D70CA6F9F894B032FBC64FCF ] RasMan C:\Windows\System32\rasmans.dll
23:33:23.0618 1908 RasMan - ok
23:33:23.0657 1908 [ 509A98DD18AF4375E1FC40BC175F1DEF ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:33:23.0716 1908 RasPppoe - ok
23:33:23.0756 1908 [ 2005F4A1E05FA09389AC85840F0A9E4D ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:33:23.0786 1908 RasSstp - ok
23:33:23.0831 1908 [ B14C9D5B9ADD2F84F70570BBBFAA7935 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:33:23.0919 1908 rdbss - ok
23:33:23.0965 1908 [ 89E59BE9A564262A3FB6C4F4F1CD9899 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:33:24.0090 1908 RDPCDD - ok
23:33:24.0208 1908 [ FBC0BACD9C3D7F6956853F64A66E252D ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
23:33:24.0297 1908 rdpdr - ok
23:33:24.0345 1908 [ 9D91FE5286F748862ECFFA05F8A0710C ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:33:24.0452 1908 RDPENCDD - ok
23:33:24.0551 1908 [ C127EBD5AFAB31524662C48DFCEB773A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:33:24.0683 1908 RDPWD - ok
23:33:24.0781 1908 [ BCDD6B4804D06B1F7EBF29E53A57ECE9 ] RemoteAccess C:\Windows\System32\mprdim.dll
23:33:24.0888 1908 RemoteAccess - ok
23:33:24.0990 1908 [ 9E6894EA18DAFF37B63E1005F83AE4AB ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:33:25.0032 1908 RemoteRegistry - ok
23:33:25.0086 1908 [ 5123F83CBC4349D065534EEB6BBDC42B ] RpcLocator C:\Windows\system32\locator.exe
23:33:25.0148 1908 RpcLocator - ok
23:33:25.0197 1908 [ 3B5B4D53FEC14F7476CA29A20CC31AC9 ] RpcSs C:\Windows\system32\rpcss.dll
23:33:25.0257 1908 RpcSs - ok
23:33:25.0335 1908 [ 9C508F4074A39E8B4B31D27198146FAD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:33:25.0425 1908 rspndr - ok
23:33:25.0501 1908 [ 4A8393F03CB2F40E08126D83916C5633 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIV.sys
23:33:25.0539 1908 RTHDMIAzAudService - ok
23:33:25.0570 1908 [ A3E186B4B935905B829219502557314E ] SamSs C:\Windows\system32\lsass.exe
23:33:25.0599 1908 SamSs - ok
23:33:25.0635 1908 [ 3CE8F073A557E172B330109436984E30 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:33:25.0714 1908 sbp2port - ok
23:33:25.0752 1908 [ 77B7A11A0C3D78D3386398FBBEA1B632 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:33:25.0833 1908 SCardSvr - ok
23:33:25.0873 1908 [ 1A58069DB21D05EB2AB58EE5753EBE8D ] Schedule C:\Windows\system32\schedsvc.dll
23:33:25.0947 1908 Schedule - ok
23:33:26.0040 1908 [ 312EC3E37A0A1F2006534913E37B4423 ] SCPolicySvc C:\Windows\System32\certprop.dll
23:33:26.0097 1908 SCPolicySvc - ok
23:33:26.0153 1908 [ 126EA89BCC413EE45E3004FB0764888F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:33:26.0258 1908 sdbus - ok
23:33:26.0292 1908 [ 716313D9F6B0529D03F726D5AAF6F191 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:33:26.0384 1908 SDRSVC - ok
23:33:26.0435 1908 [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:33:26.0586 1908 secdrv - ok
23:33:26.0665 1908 [ FD5199D4D8A521005E4B5EE7FE00FA9B ] seclogon C:\Windows\system32\seclogon.dll
23:33:26.0801 1908 seclogon - ok
23:33:26.0842 1908 [ A9BBAB5759771E523F55563D6CBE140F ] SENS C:\Windows\System32\sens.dll
23:33:26.0930 1908 SENS - ok
23:33:26.0959 1908 [ 68E44E331D46F0FB38F0863A84CD1A31 ] Serenum C:\Windows\system32\drivers\serenum.sys
23:33:27.0082 1908 Serenum - ok
23:33:27.0146 1908 [ C70D69A918B178D3C3B06339B40C2E1B ] Serial C:\Windows\system32\drivers\serial.sys
23:33:27.0311 1908 Serial - ok
23:33:27.0356 1908 [ 8AF3D28A879BF75DB53A0EE7A4289624 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:33:27.0417 1908 sermouse - ok
23:33:27.0605 1908 [ 8C1F87F5FDD92229D1754B98F073913F ] ServiceLayer C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
23:33:27.0650 1908 ServiceLayer ( UnsignedFile.Multi.Generic ) - warning
23:33:27.0650 1908 ServiceLayer - detected UnsignedFile.Multi.Generic (1)
23:33:27.0735 1908 [ D2193326F729B163125610DBF3E17D57 ] SessionEnv C:\Windows\system32\sessenv.dll
23:33:27.0799 1908 SessionEnv - ok
23:33:27.0875 1908 [ 3EFA810BDCA87F6ECC24F9832243FE86 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:33:27.0929 1908 sffdisk - ok
23:33:27.0957 1908 [ E95D451F7EA3E583AEC75F3B3EE42DC5 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:33:28.0015 1908 sffp_mmc - ok
23:33:28.0043 1908 [ 3D0EA348784B7AC9EA9BD9F317980979 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:33:28.0112 1908 sffp_sd - ok
23:33:28.0151 1908 [ 46ED8E91793B2E6F848015445A0AC188 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:33:28.0250 1908 sfloppy - ok
23:33:28.0420 1908 [ E1499BD0FF76B1B2FBBF1AF339D91165 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:33:28.0552 1908 SharedAccess - ok
23:33:28.0657 1908 [ C7230FBEE14437716701C15BE02C27B8 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:33:28.0731 1908 ShellHWDetection - ok
23:33:28.0755 1908 [ 1D76624A09A054F682D746B924E2DBC3 ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:33:28.0771 1908 sisagp - ok
23:33:28.0820 1908 [ 43CB7AA756C7DB280D01DA9B676CFDE2 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:33:28.0836 1908 SiSRaid2 - ok
23:33:28.0855 1908 [ A99C6C8B0BAA970D8AA59DDC50B57F94 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:33:28.0878 1908 SiSRaid4 - ok
23:33:29.0007 1908 [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
23:33:29.0053 1908 SkypeUpdate - ok
23:33:29.0502 1908 [ 862BB4CBC05D80C5B45BE430E5EF872F ] slsvc C:\Windows\system32\SLsvc.exe
23:33:29.0854 1908 slsvc - ok
23:33:29.0932 1908 [ 6EDC422215CD78AA8A9CDE6B30ABBD35 ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:33:30.0009 1908 SLUINotify - ok
23:33:30.0071 1908 [ 7B75299A4D201D6A6533603D6914AB04 ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:33:30.0127 1908 Smb - ok
23:33:30.0199 1908 [ EB49860E776CE860DC3CFB9EDB1BA517 ] snapman C:\Windows\system32\DRIVERS\snapman.sys
23:33:30.0252 1908 snapman - ok
23:33:30.0311 1908 [ 2A146A055B4401C16EE62D18B8E2A032 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:33:30.0384 1908 SNMPTRAP - ok
23:33:30.0452 1908 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF ] spldr C:\Windows\system32\drivers\spldr.sys
23:33:30.0493 1908 spldr - ok
23:33:30.0587 1908 [ 8554097E5136C3BF9F69FE578A1B35F4 ] Spooler C:\Windows\System32\spoolsv.exe
23:33:30.0671 1908 Spooler - ok
23:33:30.0822 1908 [ 41987F9FC0E61ADF54F581E15029AD91 ] srv C:\Windows\system32\DRIVERS\srv.sys
23:33:30.0888 1908 srv - ok
23:33:30.0958 1908 [ FF33AFF99564B1AA534F58868CBE41EF ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:33:31.0009 1908 srv2 - ok
23:33:31.0080 1908 [ 7605C0E1D01A08F3ECD743F38B834A44 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:33:31.0152 1908 srvnet - ok
23:33:31.0246 1908 [ 03D50B37234967433A5EA5BA72BC0B62 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:33:31.0339 1908 SSDPSRV - ok
23:33:31.0379 1908 [ A36EE93698802CD899F98BFD553D8185 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
23:33:31.0427 1908 ssmdrv - ok
23:33:31.0512 1908 [ 6F1A32E7B7B30F004D9A20AFADB14944 ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:33:31.0587 1908 SstpSvc - ok
23:33:31.0709 1908 [ 359FEE084F1173FFFFD7F9CCBD43D47F ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
23:33:31.0761 1908 ssudmdm - ok
23:33:31.0894 1908 [ 5DE7D67E49B88F5F07F3E53C4B92A352 ] stisvc C:\Windows\System32\wiaservc.dll
23:33:31.0958 1908 stisvc - ok
23:33:31.0998 1908 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:33:32.0026 1908 swenum - ok
23:33:32.0268 1908 [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
23:33:32.0324 1908 SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
23:33:32.0324 1908 SwitchBoard - detected UnsignedFile.Multi.Generic (1)
23:33:32.0436 1908 [ F21FD248040681CCA1FB6C9A03AAA93D ] swprv C:\Windows\System32\swprv.dll
23:33:32.0522 1908 swprv - ok
23:33:32.0552 1908 [ 192AA3AC01DF071B541094F251DEED10 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:33:32.0610 1908 Symc8xx - ok
23:33:32.0645 1908 [ 8C8EB8C76736EBAF3B13B633B2E64125 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:33:32.0674 1908 Sym_hi - ok
23:33:32.0707 1908 [ 8072AF52B5FD103BBBA387A1E49F62CB ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:33:32.0736 1908 Sym_u3 - ok
23:33:32.0819 1908 [ AEE6E411A915F50101895BA8DC5C15D4 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:33:32.0861 1908 SynTP - ok
23:33:32.0998 1908 [ 9A51B04E9886AA4EE90093586B0BA88D ] SysMain C:\Windows\system32\sysmain.dll
23:33:33.0145 1908 SysMain - ok
23:33:33.0198 1908 [ 2DCA225EAE15F42C0933E998EE0231C3 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:33:33.0255 1908 TabletInputService - ok
23:33:33.0333 1908 [ D7673E4B38CE21EE54C59EEEB65E2483 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:33:33.0944 1908 TapiSrv - ok
23:33:34.0427 1908 [ CB05822CD9CC6C688168E113C603DBE7 ] TBS C:\Windows\System32\tbssvc.dll
23:33:34.0562 1908 TBS - ok
23:33:34.0808 1908 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:33:37.0372 1908 Tcpip - ok
23:33:37.0700 1908 [ 27D470DABC77BC60D0A3B0E4DEB6CB91 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:33:37.0788 1908 Tcpip6 - ok
23:33:37.0843 1908 [ 608C345A255D82A6289C2D468EB41FD7 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:33:37.0901 1908 tcpipreg - ok
23:33:37.0945 1908 [ 5DCF5E267BE67A1AE926F2DF77FBCC56 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:33:38.0039 1908 TDPIPE - ok
23:33:38.0097 1908 [ 431801FCC97034E04A6EFF81136578D7 ] tdrpman273 C:\Windows\system32\DRIVERS\tdrpm273.sys
23:33:38.0130 1908 tdrpman273 - ok
23:33:38.0158 1908 [ 389C63E32B3CEFED425B61ED92D3F021 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:33:38.0223 1908 TDTCP - ok
23:33:38.0282 1908 [ 76B06EB8A01FC8624D699E7045303E54 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:33:38.0398 1908 tdx - ok
23:33:38.0434 1908 [ 3CAD38910468EAB9A6479E2F01DB43C7 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:33:38.0475 1908 TermDD - ok
23:33:38.0570 1908 [ BB95DA09BEF6E7A131BFF3BA5032090D ] TermService C:\Windows\System32\termsrv.dll
23:33:38.0734 1908 TermService - ok
23:33:38.0813 1908 [ C7230FBEE14437716701C15BE02C27B8 ] Themes C:\Windows\system32\shsvcs.dll
23:33:38.0872 1908 Themes - ok
23:33:38.0898 1908 [ 1076FFCFFAAE8385FD62DFCB25AC4708 ] THREADORDER C:\Windows\system32\mmcss.dll
23:33:38.0955 1908 THREADORDER - ok
23:33:39.0028 1908 [ A34D7024BB7140EC785C86BC065D4F60 ] timounter C:\Windows\system32\DRIVERS\timntr.sys
23:33:39.0072 1908 timounter - ok
23:33:39.0132 1908 [ EC74E77D0EB004BD3A809B5F8FB8C2CE ] TrkWks C:\Windows\System32\trkwks.dll
23:33:39.0173 1908 TrkWks - ok
23:33:39.0291 1908 [ 97D9D6A04E3AD9B6C626B9931DB78DBA ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:33:39.0415 1908 TrustedInstaller - ok
23:33:39.0463 1908 [ DCF0F056A2E4F52287264F5AB29CF206 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:33:39.0564 1908 tssecsrv - ok
23:33:39.0590 1908 [ CAECC0120AC49E3D2F758B9169872D38 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:33:39.0638 1908 tunmp - ok
23:33:39.0661 1908 [ 300DB877AC094FEAB0BE7688C3454A9C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:33:39.0703 1908 tunnel - ok
23:33:39.0732 1908 [ 7D33C4DB2CE363C8518D2DFCF533941F ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:33:39.0773 1908 uagp35 - ok
23:33:39.0805 1908 [ F763E070843EE2803DE1395002B42938 ] UBHelper C:\Windows\system32\drivers\UBHelper.sys
23:33:39.0830 1908 UBHelper - ok
23:33:39.0903 1908 [ D9728AF68C4C7693CB100B8441CBDEC6 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:33:39.0968 1908 udfs - ok
23:33:40.0056 1908 [ ECEF404F62863755951E09C802C94AD5 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:33:40.0168 1908 UI0Detect - ok
23:33:40.0222 1908 [ B0ACFDC9E4AF279E9116C03E014B2B27 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:33:40.0320 1908 uliagpkx - ok
23:33:40.0434 1908 [ 9224BB254F591DE4CA8D572A5F0D635C ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:33:40.0515 1908 uliahci - ok
23:33:40.0557 1908 [ 8514D0E5CD0534467C5FC61BE94A569F ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:33:40.0631 1908 UlSata - ok
23:33:40.0684 1908 [ 38C3C6E62B157A6BC46594FADA45C62B ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:33:40.0735 1908 ulsata2 - ok
23:33:40.0760 1908 [ 32CFF9F809AE9AED85464492BF3E32D2 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:33:40.0861 1908 umbus - ok
23:33:40.0909 1908 [ 68308183F4AE0BE7BF8ECD07CB297999 ] upnphost C:\Windows\System32\upnphost.dll
23:33:41.0043 1908 upnphost - ok
23:33:41.0106 1908 [ EC01DA44B090D2651FC032C8B9257232 ] upperdev C:\Windows\system32\DRIVERS\usbser_lowerflt.sys
23:33:41.0231 1908 upperdev - ok
23:33:41.0285 1908 [ 83CAFCB53201BBAC04D822F32438E244 ] USBAAPL C:\Windows\system32\Drivers\usbaapl.sys
23:33:41.0371 1908 USBAAPL - ok
23:33:41.0408 1908 [ CAF811AE4C147FFCD5B51750C7F09142 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:33:41.0480 1908 usbccgp - ok
23:33:41.0544 1908 [ E9476E6C486E76BC4898074768FB7131 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:33:41.0642 1908 usbcir - ok
23:33:41.0699 1908 [ 79E96C23A97CE7B8F14D310DA2DB0C9B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:33:41.0815 1908 usbehci - ok
23:33:41.0878 1908 [ EDCA5124B54BCF04E5C0538AA397A9C1 ] usbfilter C:\Windows\system32\DRIVERS\usbfilter.sys
23:33:41.0916 1908 usbfilter - ok
23:33:41.0950 1908 [ 4673BBCB006AF60E7ABDDBE7A130BA42 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:33:42.0013 1908 usbhub - ok
23:33:42.0065 1908 [ CE697FEE0D479290D89BEC80DFE793B7 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
23:33:42.0194 1908 usbohci - ok
23:33:42.0250 1908 [ E75C4B5269091D15A2E7DC0B6D35F2F5 ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:33:42.0324 1908 usbprint - ok
23:33:42.0397 1908 [ A508C9BD8724980512136B039BBA65E9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:33:42.0461 1908 usbscan - ok
23:33:42.0524 1908 [ 4ABD37CFBD710E64F01F9DA8710C73F7 ] UsbserFilt C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys
23:33:42.0583 1908 UsbserFilt - ok
23:33:42.0605 1908 [ BE3DA31C191BC222D9AD503C5224F2AD ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:33:42.0636 1908 USBSTOR - ok
23:33:42.0676 1908 [ 814D653EFC4D48BE3B04A307ECEFF56F ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:33:42.0741 1908 usbuhci - ok
23:33:42.0765 1908 [ E67998E8F14CB0627A769F6530BCB352 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:33:42.0826 1908 usbvideo - ok
23:33:42.0865 1908 [ 35C9095FA7076466AFBFC5B9EC4B779E ] usb_rndisx C:\Windows\system32\DRIVERS\usb8023x.sys
23:33:42.0949 1908 usb_rndisx - ok
23:33:42.0990 1908 [ 1509E705F3AC1D474C92454A5C2DD81F ] UxSms C:\Windows\System32\uxsms.dll
23:33:43.0053 1908 UxSms - ok
23:33:43.0125 1908 [ CD88D1B7776DC17A119049742EC07EB4 ] vds C:\Windows\System32\vds.exe
23:33:43.0212 1908 vds - ok
23:33:43.0288 1908 [ 87B06E1F30B749A114F74622D013F8D4 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:33:43.0439 1908 vga - ok
23:33:43.0493 1908 [ 2E93AC0A1D8C79D019DB6C51F036636C ] VgaSave C:\Windows\System32\drivers\vga.sys
23:33:43.0617 1908 VgaSave - ok
23:33:43.0655 1908 [ 5D7159DEF58A800D5781BA3A879627BC ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:33:43.0704 1908 viaagp - ok
23:33:43.0765 1908 [ C4F3A691B5BAD343E6249BD8C2D45DEE ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:33:43.0837 1908 ViaC7 - ok
23:33:43.0897 1908 [ AADF5587A4063F52C2C3FED7887426FC ] viaide C:\Windows\system32\drivers\viaide.sys
23:33:43.0926 1908 viaide - ok
23:33:44.0028 1908 [ 6E021D6DA429AD7288FE8322E2BBA96B ] VMCService C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
23:33:44.0098 1908 VMCService ( UnsignedFile.Multi.Generic ) - warning
23:33:44.0099 1908 VMCService - detected UnsignedFile.Multi.Generic (1)
23:33:44.0132 1908 [ 69503668AC66C77C6CD7AF86FBDF8C43 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:33:44.0179 1908 volmgr - ok
23:33:44.0232 1908 [ 23E41B834759917BFD6B9A0D625D0C28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:33:44.0267 1908 volmgrx - ok
23:33:44.0322 1908 [ 786DB5771F05EF300390399F626BF30A ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:33:44.0352 1908 volsnap - ok
23:33:44.0396 1908 [ 587253E09325E6BF226B299774B728A9 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:33:44.0422 1908 vsmraid - ok
23:33:44.0614 1908 [ DB3D19F850C6EB32BDCB9BC0836ACDDB ] VSS C:\Windows\system32\vssvc.exe
23:33:44.0889 1908 VSS - ok
23:33:44.0979 1908 [ 96EA68B9EB310A69C25EBB0282B2B9DE ] W32Time C:\Windows\system32\w32time.dll
23:33:45.0102 1908 W32Time - ok
23:33:45.0146 1908 [ 48DFEE8F1AF7C8235D4E626F0C4FE031 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:33:45.0267 1908 WacomPen - ok
23:33:45.0290 1908 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:33:45.0363 1908 Wanarp - ok
23:33:45.0369 1908 [ 55201897378CCA7AF8B5EFD874374A26 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:33:45.0409 1908 Wanarpv6 - ok
23:33:45.0510 1908 [ A3CD60FD826381B49F03832590E069AF ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:33:45.0589 1908 wcncsvc - ok
23:33:45.0636 1908 [ 11BCB7AFCDD7AADACB5746F544D3A9C7 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:33:45.0692 1908 WcsPlugInService - ok
23:33:45.0748 1908 [ 78FE9542363F297B18C027B2D7E7C07F ] Wd C:\Windows\system32\drivers\wd.sys
23:33:45.0777 1908 Wd - ok
23:33:45.0865 1908 [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:33:45.0931 1908 Wdf01000 - ok
23:33:45.0975 1908 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:33:46.0097 1908 WdiServiceHost - ok
23:33:46.0123 1908 [ ABFC76B48BB6C96E3338D8943C5D93B5 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:33:46.0197 1908 WdiSystemHost - ok
23:33:46.0267 1908 [ 04C37D8107320312FBAE09926103D5E2 ] WebClient C:\Windows\System32\webclnt.dll
23:33:46.0337 1908 WebClient - ok
23:33:46.0433 1908 [ AE3736E7E8892241C23E4EBBB7453B60 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:33:46.0507 1908 Wecsvc - ok
23:33:46.0559 1908 [ 670FF720071ED741206D69BD995EA453 ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:33:46.0612 1908 wercplsupport - ok
23:33:46.0660 1908 [ 32B88481D3B326DA6DEB07B1D03481E7 ] WerSvc C:\Windows\System32\WerSvc.dll
23:33:46.0714 1908 WerSvc - ok
23:33:46.0816 1908 [ 4575AA12561C5648483403541D0D7F2B ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:33:46.0839 1908 WinDefend - ok
23:33:46.0876 1908 WinHttpAutoProxySvc - ok
23:33:46.0938 1908 [ 6B2A1D0E80110E3D04E6863C6E62FD8A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:33:46.0968 1908 Winmgmt - ok
23:33:47.0095 1908 [ 7CFE68BDC065E55AA5E8421607037511 ] WinRM C:\Windows\system32\WsmSvc.dll
23:33:47.0216 1908 WinRM - ok
23:33:47.0360 1908 [ C008405E4FEEB069E30DA1D823910234 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:33:47.0493 1908 Wlansvc - ok
23:33:47.0786 1908 [ 5144AE67D60EC653F97DDF3FEED29E77 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
23:33:47.0991 1908 wlidsvc - ok
23:33:48.0056 1908 [ 2E7255D172DF0B8283CDFB7B433B864E ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
23:33:48.0168 1908 WmiAcpi - ok
23:33:48.0251 1908 [ 43BE3875207DCB62A85C8C49970B66CC ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:33:48.0335 1908 wmiApSrv - ok
23:33:48.0483 1908 [ 3978704576A121A9204F8CC49A301A9B ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:33:48.0619 1908 WMPNetworkSvc - ok
23:33:48.0694 1908 [ CFC5A04558F5070CEE3E3A7809F3FF52 ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:33:48.0832 1908 WPCSvc - ok
23:33:48.0899 1908 [ 801FBDB89D472B3C467EB112A0FC9246 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:33:48.0986 1908 WPDBusEnum - ok
23:33:49.0060 1908 [ DE9D36F91A4DF3D911626643DEBF11EA ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
23:33:49.0149 1908 WpdUsb - ok
23:33:49.0497 1908 [ DCF3E3EDF5109EE8BC02FE6E1F045795 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:33:49.0638 1908 WPFFontCache_v0400 - ok
23:33:49.0678 1908 [ E3A3CB253C0EC2494D4A61F5E43A389C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:33:49.0760 1908 ws2ifsl - ok
23:33:49.0803 1908 [ 1CA6C40261DDC0425987980D0CD2AAAB ] wscsvc C:\Windows\System32\wscsvc.dll
23:33:49.0884 1908 wscsvc - ok
23:33:49.0901 1908 WSearch - ok
23:33:50.0126 1908 [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv C:\Windows\system32\wuaueng.dll
23:33:50.0543 1908 wuauserv - ok
23:33:50.0633 1908 [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:33:50.0701 1908 WudfPf - ok
23:33:50.0736 1908 [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:33:50.0797 1908 WUDFRd - ok
23:33:50.0881 1908 [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:33:50.0925 1908 wudfsvc - ok
23:33:50.0960 1908 [ 22A08B9FAECD6A306868F59B7F03F188 ] XAudio C:\Windows\system32\DRIVERS\XAudio32.sys
23:33:51.0005 1908 XAudio - ok
23:33:51.0047 1908 ================ Scan global ===============================
23:33:51.0161 1908 [ F31EEBC1A1C81FD04005489CC3DCDFE7 ] C:\Windows\system32\basesrv.dll
23:33:51.0265 1908 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:33:51.0285 1908 [ D2293B069E4B63DC17B2F08D45E71124 ] C:\Windows\system32\winsrv.dll
23:33:51.0316 1908 [ D4E6D91C1349B7BFB3599A6ADA56851B ] C:\Windows\system32\services.exe
23:33:51.0323 1908 [Global] - ok
23:33:51.0323 1908 ================ Scan MBR ==================================
23:33:51.0337 1908 [ BEEDF9B7F43A72A91456F7131AFC11B2 ] \Device\Harddisk0\DR0
23:33:54.0394 1908 \Device\Harddisk0\DR0 - ok
23:33:54.0414 1908 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
23:33:54.0702 1908 \Device\Harddisk2\DR2 - ok
23:33:54.0713 1908 ================ Scan VBR ==================================
23:33:54.0741 1908 [ 99FE4A73127FA1D0AFF5A97EDBF547C4 ] \Device\Harddisk0\DR0\Partition1
23:33:54.0787 1908 \Device\Harddisk0\DR0\Partition1 - ok
23:33:54.0804 1908 [ 687AD03AEA27D313CB5015F18451437D ] \Device\Harddisk2\DR2\Partition1
23:33:54.0815 1908 \Device\Harddisk2\DR2\Partition1 - ok
23:33:54.0819 1908 ============================================================
23:33:54.0819 1908 Scan finished
23:33:54.0820 1908 ============================================================
23:33:54.0882 5752 Detected object count: 12
23:33:54.0883 5752 Actual detected object count: 12
23:35:06.0914 5752 Adobe LM Service ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0915 5752 Adobe LM Service ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0916 5752 AdobeVersionCue ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0916 5752 AdobeVersionCue ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0916 5752 Akamai ( HiddenFile.Multi.Generic ) - skipped by user
23:35:06.0916 5752 Akamai ( HiddenFile.Multi.Generic ) - User select action: Skip
23:35:06.0922 5752 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0922 5752 FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0922 5752 hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0922 5752 hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0932 5752 hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0932 5752 hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0933 5752 HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0934 5752 HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0940 5752 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0940 5752 Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0948 5752 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0949 5752 Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0949 5752 ServiceLayer ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0949 5752 ServiceLayer ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0952 5752 SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0953 5752 SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:35:06.0955 5752 VMCService ( UnsignedFile.Multi.Generic ) - skipped by user
23:35:06.0955 5752 VMCService ( UnsignedFile.Multi.Generic ) - User select action: Skip
 Ich fühle mich hier wirklich sehr gut aufgehoben! Du, Cosinus, ich hab noch mal 'ne Frage: Ich hab ja das Windows Vista Home auf'm Rechner. Ich hab immer schon mit dem Gedanken gespielt da ein Update auf Windows 7 oder auch 8 zu machen. Ich trau mich das bloß nicht, weil ich echt Schiß hab, dass dann alle Programme weg sind, bzw. auch dann nicht mehr mit dem neuen Windows kompatibel sind und ich alles komplett neu installieren muss. Gibt's da irgendwie eine Hintertür, das man das nicht tun muss? Rechner ist ein Laptop Acer Aspire 7535G, Vista war vorinstalliert. |
|
20.01.2013, 19:20
| #12 |
| | Malwarebytes bricht ständig ab AdwCleaner: Code:
ATTFilter # AdwCleaner v2.106 - Datei am 20/01/2013 um 19:17:46 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Kirstin - KIRSTINS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Kirstin\Desktop\adwcleaner.exe
# Option [Suche]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\user.js
Datei Gefunden : C:\Users\Kirstin\AppData\Local\funmoods-speeddial.crx
Datei Gefunden : C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\searchplugins\Askcom.xml
Datei Gefunden : C:\Windows\system32\conduitEngine.tmp
Ordner Gefunden : C:\Program Files\Ask.com
Ordner Gefunden : C:\Program Files\BabylonToolbar
Ordner Gefunden : C:\Program Files\ChatZum Toolbar
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gefunden : C:\Program Files\Suche_Deutschland
Ordner Gefunden : C:\Program Files\Yontoo
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\Kirstin\AppData\Local\APN
Ordner Gefunden : C:\Users\Kirstin\AppData\Local\AskToolbar
Ordner Gefunden : C:\Users\Kirstin\AppData\Local\Conduit
Ordner Gefunden : C:\Users\Kirstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Ordner Gefunden : C:\Users\Kirstin\AppData\LocalLow\AskToolbar
Ordner Gefunden : C:\Users\Kirstin\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\Kirstin\AppData\LocalLow\PriceGong
Ordner Gefunden : C:\Users\Kirstin\AppData\LocalLow\Suche_Deutschland
Ordner Gefunden : C:\Users\Kirstin\AppData\LocalLow\Toolbar4
Ordner Gefunden : C:\Users\Kirstin\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\Kirstin\AppData\Roaming\BabylonToolbar
Ordner Gefunden : C:\Users\Kirstin\AppData\Roaming\iWin
Ordner Gefunden : C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\extensions\bbrs_002@blabbers.com
Ordner Gefunden : C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\extensions\toolbar@ask.com
Ordner Gefunden : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registrierungsdatenbank] *****
Schlüssel Gefunden : HKCU\Software\APN
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Suche_Deutschland
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\Ask.com
Schlüssel Gefunden : HKCU\Software\AskToolbar
Schlüssel Gefunden : HKCU\Software\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\Blabbers
Schlüssel Gefunden : HKCU\Software\BrowserCompanion
Schlüssel Gefunden : HKCU\Software\ChatZum Toolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\Microsoft\Babylon
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ChatZum Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Suche_Deutschland Toolbar
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{937F343C-C9C2-4235-B544-7FC4DA2F2594}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4EB4BD89-4701-4106-A78C-3C01E8CD02D1}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{937F343C-C9C2-4235-B544-7FC4DA2F2594}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gefunden : HKCU\Software\Optimizer Pro
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKLM\Software\APN
Schlüssel Gefunden : HKLM\Software\AskToolbar
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\Software\BrowserCompanion
Schlüssel Gefunden : HKLM\Software\ChatZum Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\b
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{4EB4BD89-4701-4106-A78C-3C01E8CD02D1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{937F343C-C9C2-4235-B544-7FC4DA2F2594}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Schlüssel Gefunden : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2303923
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CE2C24C-CBA8-4424-8120-7771EF7DC92A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6909F59-197A-4762-B1E0-C6AC3EA44824}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Scheduled Update for Ask Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{937F343C-C9C2-4235-B544-7FC4DA2F2594}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4EB4BD89-4701-4106-A78C-3C01E8CD02D1}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ChatZum Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Suche_Deutschland Toolbar
Schlüssel Gefunden : HKLM\Software\Suche_Deutschland
Schlüssel Gefunden : HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Schlüssel Gefunden : HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{937F343C-C9C2-4235-B544-7FC4DA2F2594}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{937F343C-C9C2-4235-B544-7FC4DA2F2594}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{937F343C-C9C2-4235-B544-7FC4DA2F2594}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{937F343C-C9C2-4235-B544-7FC4DA2F2594}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
[HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page] = hxxp://search.babylon.com/?affID=112843&babsrc=HP_ss&mntrId=5ed31ef70000000000000017c47d807f
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.chatzum.com/
-\\ Mozilla Firefox v18.0.1 (de)
Datei : C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\prefs.js
Gefunden : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Gefunden : user_pref("browser.newtab.url", "search.chatzum.com");
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Gefunden : user_pref("browser.search.defaultthis.engineName", "Suche Deutschland Customized Web Search");
Gefunden : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2303923&Sea[...]
Gefunden : user_pref("extensions.BabylonToolbar.admin", false);
Gefunden : user_pref("extensions.BabylonToolbar.aflt", "orgnl");
Gefunden : user_pref("extensions.BabylonToolbar.bbDpng", 18);
Gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "de");
Gefunden : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Gefunden : user_pref("extensions.BabylonToolbar.hmpg", false);
Gefunden : user_pref("extensions.BabylonToolbar.lastDP", 18);
Gefunden : user_pref("extensions.BabylonToolbar.lastVrsnTs", "");
Gefunden : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "13.0");
Gefunden : user_pref("extensions.BabylonToolbar.newTab", true);
Gefunden : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?affID=112843&babsrc=NT_[...]
Gefunden : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Gefunden : user_pref("extensions.BabylonToolbar.propectorlck", 81160409);
Gefunden : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Gefunden : user_pref("extensions.BabylonToolbar.smplGrp", "free");
Gefunden : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gefunden : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112843&babsrc=N[...]
Gefunden : user_pref("extensions.asktb.FeaturePageVersion", "1");
Gefunden : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gefunden : user_pref("extensions.asktb.OOBEVersion", "1");
Gefunden : user_pref("extensions.asktb.apn_dbr", "ff_16.0.2");
Gefunden : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Gefunden : user_pref("extensions.asktb.cbid", "^AGS");
Gefunden : user_pref("extensions.asktb.config-updated", false);
Gefunden : user_pref("extensions.asktb.cr-o", "APN10261");
Gefunden : user_pref("extensions.asktb.crumb", "2012.11.06+23.12.45-toolbar009iad-DE-SGFtYnVyZyxHZXJtYW55");
Gefunden : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...]
Gefunden : user_pref("extensions.asktb.domain", "avira-int.ask.com");
Gefunden : user_pref("extensions.asktb.domainName", "avira-int.ask.com");
Gefunden : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE");
Gefunden : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.finduny.com?client=mozilla-firefox[...]
Gefunden : user_pref("extensions.asktb.first-launch-url", "hxxp://redirect.avira.com/?operationtype=install&lng[...]
Gefunden : user_pref("extensions.asktb.fresh-install", false);
Gefunden : user_pref("extensions.asktb.guid", "c499b9f8-8ea2-43a8-b166-8e5718f8f42b");
Gefunden : user_pref("extensions.asktb.hpr", "YES");
Gefunden : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gefunden : user_pref("extensions.asktb.if", "first");
Gefunden : user_pref("extensions.asktb.l", "dis");
Gefunden : user_pref("extensions.asktb.last-config-req", "1358670022551");
Gefunden : user_pref("extensions.asktb.last-search-timestamp", "1353970746319");
Gefunden : user_pref("extensions.asktb.locale", "de_DE");
Gefunden : user_pref("extensions.asktb.localePref", true);
Gefunden : user_pref("extensions.asktb.location", "Hamburg,Germany");
Gefunden : user_pref("extensions.asktb.nthp", "YES");
Gefunden : user_pref("extensions.asktb.nthp_prev", "1");
Gefunden : user_pref("extensions.asktb.o", "APN10261");
Gefunden : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gefunden : user_pref("extensions.asktb.qsrc", "2871");
Gefunden : user_pref("extensions.asktb.r", "5");
Gefunden : user_pref("extensions.asktb.sa", "YES");
Gefunden : user_pref("extensions.asktb.saguid", "B51F3D41-F8DA-4BC7-A3B0-29FCBD8F8293");
Gefunden : user_pref("extensions.asktb.search-history-queries", "horsemanshipschule||info@stapeline.com||info@p[...]
Gefunden : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gefunden : user_pref("extensions.asktb.silent-upgrade", true);
Gefunden : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gefunden : user_pref("extensions.asktb.socialmini-first", true);
Gefunden : user_pref("extensions.asktb.socialmini-interval", "1200000");
Gefunden : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Gefunden : user_pref("extensions.asktb.socialmini-max-items", "30");
Gefunden : user_pref("extensions.asktb.socialmini-native-on", true);
Gefunden : user_pref("extensions.asktb.socialmini-speed", "5000");
Gefunden : user_pref("extensions.asktb.themeid", "");
Gefunden : user_pref("extensions.asktb.timeinstalled", "07.11.2012 08:15:02");
Gefunden : user_pref("extensions.asktb.to", "");
Gefunden : user_pref("extensions.asktb.v", "3.15.13.100015");
Gefunden : user_pref("extensions.asktb.version", "5.15.13.33021");
Gefunden : user_pref("extensions.enabledAddons", "adblockpopups%40jessehakanen.net:0.5,browserlab%40adobe.com:1[...]
Gefunden : user_pref("extensions.funmoods.aflt", "sware");
Gefunden : user_pref("extensions.funmoods.autoRvrt", false);
Gefunden : user_pref("extensions.funmoods.cntry", "DE");
Gefunden : user_pref("extensions.funmoods.cv", "cv5");
Gefunden : user_pref("extensions.funmoods.dfltLng", "");
Gefunden : user_pref("extensions.funmoods.dfltSrch", true);
Gefunden : user_pref("extensions.funmoods.dnsErr", true);
Gefunden : user_pref("extensions.funmoods.envrmnt", "production");
Gefunden : user_pref("extensions.funmoods.excTlbr", false);
Gefunden : user_pref("extensions.funmoods.hdrMd5", "AF77880F1E50D17D9E790BD397E75F81");
Gefunden : user_pref("extensions.funmoods.hmpg", true);
Gefunden : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=sware&chnl=sware&cd=2Xzuy[...]
Gefunden : user_pref("extensions.funmoods.id", "001F1698B70E1EF7");
Gefunden : user_pref("extensions.funmoods.instlDay", "15580");
Gefunden : user_pref("extensions.funmoods.instlRef", "sware");
Gefunden : user_pref("extensions.funmoods.isdcmntcmplt", true);
Gefunden : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2223:24:55");
Gefunden : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Gefunden : user_pref("extensions.funmoods.newTab", true);
Gefunden : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=sware&chnl=sware&cd=2Xz[...]
Gefunden : user_pref("extensions.funmoods.prdct", "funmoods");
Gefunden : user_pref("extensions.funmoods.prtnrId", "funmoods");
Gefunden : user_pref("extensions.funmoods.sg", "none");
Gefunden : user_pref("extensions.funmoods.smplGrp", "none");
Gefunden : user_pref("extensions.funmoods.srchPrvdr", "Search");
Gefunden : user_pref("extensions.funmoods.tlbrId", "base");
Gefunden : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=sware&chnl=sware&cd=2[...]
Gefunden : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Gefunden : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2223:24:55");
Gefunden : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Gefunden : user_pref("extensions.funmoods_i.newTab", true);
Gefunden : user_pref("extensions.funmoods_i.smplGrp", "none");
Gefunden : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2223:24:55");
Gefunden : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Gefunden : user_pref("id_chatzum_installed_version", "1.0.17");
Gefunden : user_pref("id_chatzum_tabpage", "hxxp%3A//searchsafer.com/");
Gefunden : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]
-\\ Google Chrome v24.0.1312.52
Datei : C:\Users\Kirstin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gefunden [l.8] : homepage = "hxxp://start.funmoods.com/?f=1&a=sware&chnl=sware&cd=2XzuyEtN2Y1L1QzutDtDtC0FtCyCzyzz0ByBtD0EtC0E0FyBtN0D0Tzu0CtByEtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1891229338",
Gefunden [l.12] : urls_to_restore_on_startup = [ "hxxp://search.chatzum.com" ]
Gefunden [l.1835] : homepage = "hxxp://start.funmoods.com/?f=1&a=sware&chnl=sware&cd=2XzuyEtN2Y1L1QzutDtDtC0FtCyCzyzz0ByBtD0EtC0E0FyBtN0D0Tzu0CtByEtCtN1L2XzutBtFtCtFtCtFtAtCtB&cr=1891229338",
Gefunden [l.2258] : urls_to_restore_on_startup = [ "hxxp://search.chatzum.com" ]
*************************
AdwCleaner[R1].txt - [35456 octets] - [20/01/2013 19:17:46]
########## EOF - C:\AdwCleaner[R1].txt - [35517 octets] ##########
|
|
20.01.2013, 21:09
| #13 |
| | Malwarebytes bricht ständig ab AdwCleaner: Code:
ATTFilter # AdwCleaner v2.106 - Datei am 20/01/2013 um 20:21:15 erstellt
# Aktualisiert am 17/01/2013 von Xplode
# Betriebssystem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Benutzer : Kirstin - KIRSTINS-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Kirstin\Desktop\adwcleaner.exe
# Option [Löschen]
**** [Dienste] ****
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\user.js
Datei Gelöscht : C:\Users\Kirstin\AppData\Local\funmoods-speeddial.crx
Datei Gelöscht : C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\searchplugins\Askcom.xml
Datei Gelöscht : C:\Windows\system32\conduitEngine.tmp
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Program Files\BabylonToolbar
Ordner Gelöscht : C:\Program Files\ChatZum Toolbar
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Program Files\Suche_Deutschland
Ordner Gelöscht : C:\Program Files\Yontoo
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Kirstin\AppData\Local\APN
Ordner Gelöscht : C:\Users\Kirstin\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Kirstin\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Kirstin\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Ordner Gelöscht : C:\Users\Kirstin\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Kirstin\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Kirstin\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Kirstin\AppData\LocalLow\Suche_Deutschland
Ordner Gelöscht : C:\Users\Kirstin\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\Kirstin\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Kirstin\AppData\Roaming\BabylonToolbar
Ordner Gelöscht : C:\Users\Kirstin\AppData\Roaming\iWin
Ordner Gelöscht : C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\extensions\bbrs_002@blabbers.com
Ordner Gelöscht : C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\extensions\toolbar@ask.com
Ordner Gelöscht : C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
***** [Registrierungsdatenbank] *****
Schlüssel Gelöscht : HKCU\Software\APN
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Suche_Deutschland
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\Ask.com
Schlüssel Gelöscht : HKCU\Software\AskToolbar
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Microsoft\Babylon
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{70D46D94-BF1E-45ED-B567-48701376298E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{83AA2913-C123-4146-85BD-AD8F93971D39}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ChatZum Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Suche_Deutschland Toolbar
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{937F343C-C9C2-4235-B544-7FC4DA2F2594}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4EB4BD89-4701-4106-A78C-3C01E8CD02D1}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{937F343C-C9C2-4235-B544-7FC4DA2F2594}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKLM\Software\APN
Schlüssel Gelöscht : HKLM\Software\AskToolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4EB4BD89-4701-4106-A78C-3C01E8CD02D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{937F343C-C9C2-4235-B544-7FC4DA2F2594}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\3192AA38321C641458DBDAF83979D193
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\3192AA38321C641458DBDAF83979D193
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2303923
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\YontooIEClient.Api.1
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CE2C24C-CBA8-4424-8120-7771EF7DC92A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C6909F59-197A-4762-B1E0-C6AC3EA44824}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{937F343C-C9C2-4235-B544-7FC4DA2F2594}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{4EB4BD89-4701-4106-A78C-3C01E8CD02D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DA5BD2D3CA2D6943A1A233CD3F88CE7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC9EFC5C3366B4DB850DAB49330C52
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4B2468513CA2D6943A1A233CD3F88CE7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E98451C7CA808F47AFE467BDABD02FA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BFD11FD45FC7B9E46A8F4B69F3A66E35
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5979AD63CA2D6943A1A233CD3F88CE7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DF9BD2952384A9C49B4A5D3D95329890
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FABA2A33488410A4AA40489BD2224282
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3192AA38321C641458DBDAF83979D193
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Suche_Deutschland Toolbar
Schlüssel Gelöscht : HKLM\Software\Suche_Deutschland
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{937F343C-C9C2-4235-B544-7FC4DA2F2594}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{00000000-6E41-4FD3-8538-502F5495E5FC}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{937F343C-C9C2-4235-B544-7FC4DA2F2594}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{937F343C-C9C2-4235-B544-7FC4DA2F2594}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{937F343C-C9C2-4235-B544-7FC4DA2F2594}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ApnUpdater]
***** [Internet Browser] *****
-\\ Internet Explorer v9.0.8112.16457
Gelöscht : [HKCU\Software\Microsoft\Internet Explorer\Main - Backup.Old.Start Page]
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.chatzum.com/ --> hxxp://www.google.com
-\\ Mozilla Firefox v18.0.1 (de)
Datei : C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\prefs.js
C:\Users\Kirstin\AppData\Roaming\Mozilla\Firefox\Profiles\emn4ri5p.default\user.js ... Gelöscht !
Gelöscht : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com");
Gelöscht : user_pref("browser.newtab.url", "search.chatzum.com");
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultthis.engineName", "Suche Deutschland Customized Web Search");
Gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2303923&Sea[...]
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "orgnl");
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 18);
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "de");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltSrch", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hmpg", false);
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 18);
Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "");
Gelöscht : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "13.0");
Gelöscht : user_pref("extensions.BabylonToolbar.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?affID=112843&babsrc=NT_[...]
Gelöscht : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 81160409);
Gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 1);
Gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "free");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112843&babsrc=N[...]
Gelöscht : user_pref("extensions.asktb.FeaturePageVersion", "1");
Gelöscht : user_pref("extensions.asktb.InstallDir", "C:\\Program Files\\Ask.com\\");
Gelöscht : user_pref("extensions.asktb.OOBEVersion", "1");
Gelöscht : user_pref("extensions.asktb.apn_dbr", "ff_16.0.2");
Gelöscht : user_pref("extensions.asktb.autofill-text-highlight-enabled", true);
Gelöscht : user_pref("extensions.asktb.cbid", "^AGS");
Gelöscht : user_pref("extensions.asktb.config-updated", false);
Gelöscht : user_pref("extensions.asktb.cr-o", "APN10261");
Gelöscht : user_pref("extensions.asktb.crumb", "2012.11.06+23.12.45-toolbar009iad-DE-SGFtYnVyZyxHZXJtYW55");
Gelöscht : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://avira-int.ask.com/web?q={query}&qsrc=[...]
Gelöscht : user_pref("extensions.asktb.domain", "avira-int.ask.com");
Gelöscht : user_pref("extensions.asktb.domainName", "avira-int.ask.com");
Gelöscht : user_pref("extensions.asktb.dtid", "^YYYYYY^YY^DE");
Gelöscht : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://www.finduny.com?client=mozilla-firefox[...]
Gelöscht : user_pref("extensions.asktb.first-launch-url", "hxxp://redirect.avira.com/?operationtype=install&lng[...]
Gelöscht : user_pref("extensions.asktb.fresh-install", false);
Gelöscht : user_pref("extensions.asktb.guid", "c499b9f8-8ea2-43a8-b166-8e5718f8f42b");
Gelöscht : user_pref("extensions.asktb.hpr", "YES");
Gelöscht : user_pref("extensions.asktb.hxxp-header-whitelist-hosts", "[\"static-dev.en.dev.ask.com\", \"ask.com[...]
Gelöscht : user_pref("extensions.asktb.if", "first");
Gelöscht : user_pref("extensions.asktb.l", "dis");
Gelöscht : user_pref("extensions.asktb.last-config-req", "1358670022551");
Gelöscht : user_pref("extensions.asktb.last-search-timestamp", "1353970746319");
Gelöscht : user_pref("extensions.asktb.locale", "de_DE");
Gelöscht : user_pref("extensions.asktb.localePref", true);
Gelöscht : user_pref("extensions.asktb.location", "Hamburg,Germany");
Gelöscht : user_pref("extensions.asktb.nthp", "YES");
Gelöscht : user_pref("extensions.asktb.nthp_prev", "1");
Gelöscht : user_pref("extensions.asktb.o", "APN10261");
Gelöscht : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Gelöscht : user_pref("extensions.asktb.qsrc", "2871");
Gelöscht : user_pref("extensions.asktb.r", "5");
Gelöscht : user_pref("extensions.asktb.sa", "YES");
Gelöscht : user_pref("extensions.asktb.saguid", "B51F3D41-F8DA-4BC7-A3B0-29FCBD8F8293");
Gelöscht : user_pref("extensions.asktb.search-history-queries", "horsemanshipschule||info@stapeline.com||info@p[...]
Gelöscht : user_pref("extensions.asktb.search-suggestions-enabled", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade", true);
Gelöscht : user_pref("extensions.asktb.silent-upgrade-from-pre-newtabs-build", false);
Gelöscht : user_pref("extensions.asktb.socialmini-first", true);
Gelöscht : user_pref("extensions.asktb.socialmini-interval", "1200000");
Gelöscht : user_pref("extensions.asktb.socialmini-max-char-ticker", "33");
Gelöscht : user_pref("extensions.asktb.socialmini-max-items", "30");
Gelöscht : user_pref("extensions.asktb.socialmini-native-on", true);
Gelöscht : user_pref("extensions.asktb.socialmini-speed", "5000");
Gelöscht : user_pref("extensions.asktb.themeid", "");
Gelöscht : user_pref("extensions.asktb.timeinstalled", "07.11.2012 08:15:02");
Gelöscht : user_pref("extensions.asktb.to", "");
Gelöscht : user_pref("extensions.asktb.v", "3.15.13.100015");
Gelöscht : user_pref("extensions.asktb.version", "5.15.13.33021");
Gelöscht : user_pref("extensions.enabledAddons", "adblockpopups%40jessehakanen.net:0.5,browserlab%40adobe.com:1[...]
Gelöscht : user_pref("extensions.funmoods.aflt", "sware");
Gelöscht : user_pref("extensions.funmoods.autoRvrt", false);
Gelöscht : user_pref("extensions.funmoods.cntry", "DE");
Gelöscht : user_pref("extensions.funmoods.cv", "cv5");
Gelöscht : user_pref("extensions.funmoods.dfltLng", "");
Gelöscht : user_pref("extensions.funmoods.dfltSrch", true);
Gelöscht : user_pref("extensions.funmoods.dnsErr", true);
Gelöscht : user_pref("extensions.funmoods.envrmnt", "production");
Gelöscht : user_pref("extensions.funmoods.excTlbr", false);
Gelöscht : user_pref("extensions.funmoods.hdrMd5", "AF77880F1E50D17D9E790BD397E75F81");
Gelöscht : user_pref("extensions.funmoods.hmpg", true);
Gelöscht : user_pref("extensions.funmoods.hmpgUrl", "hxxp://start.funmoods.com/?f=1&a=sware&chnl=sware&cd=2Xzuy[...]
Gelöscht : user_pref("extensions.funmoods.id", "001F1698B70E1EF7");
Gelöscht : user_pref("extensions.funmoods.instlDay", "15580");
Gelöscht : user_pref("extensions.funmoods.instlRef", "sware");
Gelöscht : user_pref("extensions.funmoods.isdcmntcmplt", true);
Gelöscht : user_pref("extensions.funmoods.lastVrsnTs", "1.5.23.2223:24:55");
Gelöscht : user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
Gelöscht : user_pref("extensions.funmoods.newTab", true);
Gelöscht : user_pref("extensions.funmoods.newTabUrl", "hxxp://start.funmoods.com/?f=2&a=sware&chnl=sware&cd=2Xz[...]
Gelöscht : user_pref("extensions.funmoods.prdct", "funmoods");
Gelöscht : user_pref("extensions.funmoods.prtnrId", "funmoods");
Gelöscht : user_pref("extensions.funmoods.sg", "none");
Gelöscht : user_pref("extensions.funmoods.smplGrp", "none");
Gelöscht : user_pref("extensions.funmoods.srchPrvdr", "Search");
Gelöscht : user_pref("extensions.funmoods.tlbrId", "base");
Gelöscht : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://start.funmoods.com/?f=3&a=sware&chnl=sware&cd=2[...]
Gelöscht : user_pref("extensions.funmoods.vrsn", "1.5.23.22");
Gelöscht : user_pref("extensions.funmoods.vrsnTs", "1.5.23.2223:24:55");
Gelöscht : user_pref("extensions.funmoods.vrsni", "1.5.23.22");
Gelöscht : user_pref("extensions.funmoods_i.newTab", true);
Gelöscht : user_pref("extensions.funmoods_i.smplGrp", "none");
Gelöscht : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2223:24:55");
Gelöscht : user_pref("extensions.toolbar@ask.com.install-event-fired", true);
Gelöscht : user_pref("id_chatzum_installed_version", "1.0.17");
Gelöscht : user_pref("id_chatzum_tabpage", "hxxp%3A//searchsafer.com/");
Gelöscht : user_pref("keyword.URL", "hxxp://websearch.ask.com/redirect?client=ff&src=kw&tb=AVR-4&o=APN10261&loc[...]
-\\ Google Chrome v24.0.1312.52
Datei : C:\Users\Kirstin\AppData\Local\Google\Chrome\User Data\Default\Preferences
Gelöscht [l.8] : homepage = "hxxp://start.funmoods.com/?f=1&a=sware&chnl=sware&cd=2XzuyEtN2Y1L1QzutDtDtC0FtCyC[...]
Gelöscht [l.12] : urls_to_restore_on_startup = [ "hxxp://search.chatzum.com" ]
Gelöscht [l.1835] : homepage = "hxxp://start.funmoods.com/?f=1&a=sware&chnl=sware&cd=2XzuyEtN2Y1L1QzutDtDtC0FtCyCzyz[...]
Gelöscht [l.2258] : urls_to_restore_on_startup = [ "hxxp://search.chatzum.com" ]
*************************
AdwCleaner[R1].txt - [35587 octets] - [20/01/2013 19:17:46]
AdwCleaner[R2].txt - [35648 octets] - [20/01/2013 20:20:34]
AdwCleaner[S1].txt - [34875 octets] - [20/01/2013 20:21:15]
########## EOF - C:\AdwCleaner[S1].txt - [34936 octets] ##########
|
|
20.01.2013, 22:15
| #14 |
| | Malwarebytes bricht ständig ab OTL.txt: Code:
ATTFilter OTL logfile created on: 20.01.2013 21:22:37 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kirstin\Desktop Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation Internet Explorer (Version = 9.0.8112.16421) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 2,37 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 44,68% Memory free 4,97 Gb Paging File | 3,38 Gb Available in Paging File | 68,03% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 455,99 Gb Total Space | 207,80 Gb Free Space | 45,57% Space Free | Partition Type: NTFS Computer Name: KIRSTINS-PC | User Name: Kirstin | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Kirstin\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Kirstin\AppData\Local\Temp\RtkBtMnt.exe (Realtek Semiconductor Corp.) PRC - C:\Programme\Mozilla Firefox\firefox.exe (Mozilla Corporation) PRC - C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_5_502_146.exe (Adobe Systems, Inc.) PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) PRC - C:\Programme\Samsung\Kies\Kies.exe (Samsung) PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Programme\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) PRC - C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) PRC - C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) PRC - C:\Programme\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) PRC - C:\Users\Kirstin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) PRC - C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.) PRC - C:\Programme\Uniblue\RegistryBooster\rbmonitor.exe (Uniblue Systems Limited) PRC - C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) PRC - C:\Programme\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) PRC - C:\Programme\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis) PRC - C:\Programme\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) PRC - C:\Windows\System32\sdclt.exe (Microsoft Corporation) PRC - C:\Programme\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) PRC - C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ArcCon.ac (ArcSoft Inc.) PRC - C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) PRC - C:\Programme\Acer\Acer ePower Management\ePowerEvent.exe (Acer Incorporated) PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) PRC - C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) PRC - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) PRC - C:\Programme\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) PRC - C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\MWLService.exe (EgisTec Inc.) PRC - C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.) PRC - C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) PRC - C:\Windows\PLFSetI.exe () PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) PRC - C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) PRC - C:\Windows\System32\agrsmsvc.exe (Agere Systems) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Windows\System32\lxctcoms.exe ( ) ========== Modules (No Company Name) ========== MOD - C:\Programme\Mozilla Firefox\mozjs.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Theme\8db51a0e07118635fb71b05f21937db8\Kies.Theme.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePodcast\b07ff83c3ce2fd8d3a938889f020552d\DevicePodcast.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DummyStorePlugin\54c3c22053264729fde00785baf21eb9\DummyStorePlugin.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceVideo\aaa553d73526328d450a142814849e40\DeviceVideo.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DevicePhoto\e5334ab5e29c40a7af6223175123263b\DevicePhoto.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceMusic\233972a5ba7f8718ba70734134186b1a\DeviceMusic.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\VideoManager\e2689f807ac87966b7e78f74ab677453\VideoManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PhotoManager\c8a238c49512fddf15119a48f1c8e520\PhotoManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Podcaster\b086aa6691c54b382c9dff23d19879cd\Podcaster.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ff3157a926a4c62bd7c4fc462b44d4ae\Kies.Common.DeviceServiceLib.FirmwareUpdate.FirmwareUpdateAgentHelper.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\DeviceHost\d532b3a8c28f7131b6c1d7eb62a9a421\DeviceHost.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Phonebook\521e8f5d3e1452cabfea9ea69659c679\Phonebook.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Plugin.Content#\5c80e523a29d6577d167f5550f882dc0\Kies.Plugin.ContentsManagerLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\MusicManager\c332273df479d78fd386207bd8aeee42\MusicManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\BATPlugin\8bf212e316537432a2356c88f3bb6f4d\BATPlugin.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.StoreMa#\017429623044d5a3e9aa2aeef7d00017\Kies.Common.StoreManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MediaDB\8bb1cf762dcfd25fa6fec281620a67e3\Kies.Common.MediaDB.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ASF_cSharpAPI\52207264bac5068c2de665b3f41e8964\ASF_cSharpAPI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.AllShare\3b13bd2ffd57d5a08bfb85636513922d\Kies.Common.AllShare.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\ca0b9f739dc8a16a0b45b07b6f1deae0\Kies.Common.DeviceServiceLib.FirmwareUpdate.Common.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\68bf9214584209eb5ebf209d1b95ac1e\Kies.Common.DeviceServiceLib.FirmwareUpdate.Downloader.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\5ff671ad98a74cfc1dee4a439fb8728e\Kies.Common.DeviceServiceLib.FileService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DevFileServ#\d1baf93e68f207b043f0861c5ee2d7ea\Interop.DevFileServiceLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\57a3553bbf6667ae14d38bdb66f605a2\Kies.Common.DeviceServiceLib.DeviceDataService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\6e4f1bc2e9b41f984d67aa1cd7f65c3d\Kies.Common.DeviceServiceLib.DeviceManagement.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\2c72efd53cc6951822e9782f762e0950\Kies.Common.DeviceServiceLib.Interface.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DeviceS#\016586bd2a1964a0a519cbc522d2906d\Kies.Common.DeviceService.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.MP3FileInfo#\5f0b67eb5313c092d5b8b56426dd30e2\Interop.MP3FileInfoCOMLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.OGGFileInfo#\b2c7788a3e89dfe8758d6184bac1b663\Interop.OGGFileInfoCOMLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.P3MPINTERFA#\111be4cc197cabb6340170eeb54ae535\Interop.P3MPINTERFACECTRLLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.PRPLAYERCOR#\7316848f01ce1da27fc2d701f32cae0d\Interop.PRPLAYERCORELib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Multime#\c869231737a2b3d15915dcd3cf44b935\Kies.Common.Multimedia.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.MainUI\89a65c0b3dd11b28cee0f0af1185b12d\Kies.Common.MainUI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.DBManag#\2a6cd90bb628de35d70c9dba6897d013\Kies.Common.DBManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\ICSharpCode.SharpZi#\0969ff5a4924da7d8c6ebd3fca8f154b\ICSharpCode.SharpZipLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\CabLib\af22e5bb6307e2882abe5fbdb3c00c8e\CabLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.CRMMana#\c7db33ddaee23e7ec8a3458fde5b50eb\Kies.Common.CRMManager.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Common.Util\7134f52b3f25107e9868d664eed50a2f\Kies.Common.Util.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Locale\83ea8d246c90eeee2b100f01994eef5b\Kies.Locale.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Interop.DeviceSearc#\4f4243b3bc2e4cdf0ec6e7ad5559aa20\Interop.DeviceSearchLib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.MVVM\0bbdc52b6dd44363e4a194ee8bd8a460\Kies.MVVM.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.UI\8e2b0a9c69e1065931751dcb16bd5fac\Kies.UI.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\GongSolutions.Wpf.D#\7c3107cb236a66aa4602f12d23611c55\GongSolutions.Wpf.DragDrop.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies.Interface\7ed89054a3bdd9dbbf1cce0e0b592d78\Kies.Interface.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceProce#\7f6c86879d27a285cc97c12d59424dd0\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\dbe82a95ee3feebc5999138fdf36d3c9\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\40c7a89fe2cbf3c12a2c39e034da54cf\System.Xaml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\Kies\f619ad24547bdefcd7ae3b6afdf99a67\Kies.ni.exe () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\f042f66c2ad8fd5b8c34fa22cd22079e\System.Management.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\56e40fa3c6d2f2a4200ee4e11fce57e7\System.ServiceProcess.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Accessibility\9b2eef59d0cfc5aff182d0951de5f040\Accessibility.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\b5df40c22ab563a816103629e2ca99d4\System.Runtime.Remoting.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\d995a0e7d64a874cddea6294caaa2539\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\259f7342c8ebb1150db3df1bc4d3394c\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Security\776fced3857dce33967e805879757d24\System.Security.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\004bc6615f9c06df5c98859d35149fe6\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\b757806657fa5db2b1ed1a89b026b463\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\0c3da9004b277959e24a9fd606d3dd05\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\78157a494dc9a7e52be8840decfcd9cc\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\0f5a23bb73681b6388daccd8e250ba66\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\cc149d08e75f8c53cd28ac926b38c370\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\2227d1559f87943255069398608d5c56\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\b8e60f81fd56934c9f9da7b15bee3376\PresentationFramework.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\af7e2da8fcdb0d788cea0638e157c54b\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\78ecbee4a7444353dce52afb9d9d795c\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\fc476bbac36944e352c2f547352ffa64\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\932901ff0ad5e365ffbe705d7459a37e\PresentationCore.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\7cd4aa51f6e6b9330b8f50bba8bb62c6\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\b519f42484e1d488662a9a8a87cb8849\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\8abaedf6aecb073b22f8801aa0b8babf\WindowsBase.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\f93dca0e4baa1dcb37cf75392b7c89da\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6a1ccc1e1a79ce267d3d1808af382cd6\mscorlib.ni.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_5_502_146.dll () MOD - C:\Programme\Acronis\TrueImageHome\Common\ti_managers.dll () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\WinRAR\RarExt.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Wizard\2.0.3321.40317__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3321.40399__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3321.40301__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3321.40319__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3321.40378__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3321.40308__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3321.40357__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3321.40308__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3321.40400__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3321.40363__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Dashboard\2.0.3321.40413__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard\2.0.3321.40398__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3321.40362__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime\2.0.3321.40398__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Runtime\2.0.3321.40414__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3321.40346__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3321.40372__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3321.40345__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3321.40354__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager.Graphics.Dashboard\2.0.3321.40310__90ba9c70f846762e\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3321.40320__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3321.40340__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Dashboard\2.0.3321.40356__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Wizard\2.0.3321.40325__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3321.40343__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3321.40324__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3321.40355__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3321.40344__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3294.18699__90ba9c70f846762e\LOG.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3294.18701__90ba9c70f846762e\NEWAEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3294.18832__90ba9c70f846762e\CLI.Foundation.XManifest.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS.I0602\2.0.3294.18753__90ba9c70f846762e\DEM.OS.I0602.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3294.18709__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3294.18745__90ba9c70f846762e\MOM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.OS\2.0.3294.18787__90ba9c70f846762e\DEM.OS.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0702\2.0.2594.25693__90ba9c70f846762e\DEM.Graphics.I0702.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3294.18755__90ba9c70f846762e\DEM.Graphics.dll () MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3294.18751__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3294.18787__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3294.18795__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3294.18747__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3294.18794__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3294.18708__90ba9c70f846762e\CLI.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3294.18735__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3294.18767__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3294.18785__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerPlayDPPE.Graphics.Shared\2.0.3294.18784__90ba9c70f846762e\CLI.Aspect.PowerPlayDPPE.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.PowerXpress.Graphics.Shared\2.0.3294.18795__90ba9c70f846762e\CLI.Aspect.PowerXpress.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3294.18737__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3294.18731__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3294.18717__90ba9c70f846762e\CLI.Component.Client.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3294.18727__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3294.18758__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3294.18755__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3321.40431__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3321.40393__90ba9c70f846762e\MOM.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3294.18772__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3294.18766__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3294.18765__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3321.40409__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3294.18771__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3294.18742__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3294.18760__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3294.18756__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3294.18748__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3294.18769__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ACE.Graphics.DisplaysManager.Shared\2.0.2573.17685__90ba9c70f846762e\ACE.Graphics.DisplaysManager.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3294.18720__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3294.18757__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3294.18746__90ba9c70f846762e\APM.Foundation.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3294.18728__90ba9c70f846762e\AEM.Server.Shared.dll () MOD - C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC\Interop.WBOCXLib\1.0.0.0__90ba9c70f846762e\Interop.WBOCXLib.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3321.40297__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3321.40305__90ba9c70f846762e\CLI.Component.Dashboard.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3321.40387__90ba9c70f846762e\CLI.Component.Systemtray.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3321.40314__90ba9c70f846762e\CLI.Component.Wizard.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATIDEMOS\2.0.3321.40299__90ba9c70f846762e\ATIDEMOS.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3321.40298__90ba9c70f846762e\CLI.Component.Runtime.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3321.40391__90ba9c70f846762e\LOG.Foundation.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3321.40300__90ba9c70f846762e\CLI.Component.SkinFactory.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3294.18750__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3294.18714__90ba9c70f846762e\CLI.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3294.18740__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3294.18725__90ba9c70f846762e\LOG.Foundation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3321.40392__90ba9c70f846762e\CCC.Implementation.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3294.18748__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3294.18745__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3294.18744__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3294.18774__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll () MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3321.40298__90ba9c70f846762e\APM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3321.40297__90ba9c70f846762e\AEM.Server.dll () MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll () MOD - C:\Windows\System32\msjetoledb40.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\System32\atitmmxx.dll () MOD - C:\Programme\NewTech Infosystems\Acer Backup Manager\sqlite3.dll () MOD - C:\Programme\ATI Technologies\ATI.ACE\Branding\Branding.dll () MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMediaLibrary.dll () MOD - C:\Programme\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvcPS.dll () MOD - C:\Windows\PLFSetI.exe () MOD - C:\Programme\Launch Manager\PowerUtl.dll () ========== Services (SafeList) ========== SRV - (Napsuivcudm) -- File not found SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (MBAMService) -- C:\Programme\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation) SRV - (MBAMScheduler) -- C:\Programme\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) SRV - (AntiVirSchedulerService) -- C:\Programme\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirWebService) -- C:\Programme\Avira\AntiVir Desktop\avwebgrd.exe (Avira Operations GmbH & Co. KG) SRV - (AntiVirService) -- C:\Programme\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG) SRV - (Akamai) -- c:\program files\common files\akamai/netsession_win_ce5ba24.dll () SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (afcdpsrv) -- C:\Programme\Common Files\Acronis\CDP\afcdpsrv.exe (Acronis) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.) SRV - (ServiceLayer) -- C:\Programme\PC Connectivity Solution\ServiceLayer.exe (Nokia) SRV - (AcrSch2Svc) -- C:\Programme\Common Files\Acronis\Schedule2\schedul2.exe (Acronis) SRV - (ACDaemon) -- C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.) SRV - (SwitchBoard) -- C:\Programme\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated) SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) SRV - (ePowerSvc) -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe (Acer Incorporated) SRV - (NTI IScheduleSvc) -- C:\Programme\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe (NewTech Infosystems, Inc.) SRV - (HsfXAudioService) -- C:\Windows\System32\XAudio32.dll (Conexant Systems, Inc.) SRV - (CLHNService) -- C:\Programme\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe () SRV - (MWLService) -- C:\Program Files\EgisTec\MyWinLocker 3\x86\\MWLService.exe () SRV - (VMCService) -- C:\Programme\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe (Vodafone) SRV - (AgereModemAudio) -- C:\Windows\System32\agrsmsvc.exe (Agere Systems) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (lxct_device) -- C:\Windows\System32\lxctcoms.exe ( ) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\MAGIX\Common\Database\bin\fbserver.exe (MAGIX®) SRV - (AdobeVersionCue) -- C:\Programme\Adobe\Adobe Version Cue\service\VersionCue.exe (Adobe Sytems) ========== Driver Services (SafeList) ========== DRV - (NwlnkFwd) -- system32\DRIVERS\nwlnkfwd.sys File not found DRV - (NwlnkFlt) -- system32\DRIVERS\nwlnkflt.sys File not found DRV - (IpInIp) -- system32\DRIVERS\ipinip.sys File not found DRV - (catchme) -- C:\Users\Kirstin\AppData\Local\Temp\catchme.sys File not found DRV - (MBAMProtector) -- C:\Windows\System32\drivers\mbam.sys (Malwarebytes Corporation) DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira Operations GmbH & Co. KG) DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG) DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG) DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH) DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (afcdp) -- C:\Windows\System32\drivers\afcdp.sys (Acronis) DRV - (tdrpman273) -- C:\Windows\System32\drivers\tdrpm273.sys (Acronis) DRV - (timounter) -- C:\Windows\System32\drivers\timntr.sys (Acronis) DRV - (UsbserFilt) -- C:\Windows\System32\drivers\usbser_lowerfltj.sys (Nokia) DRV - (upperdev) -- C:\Windows\System32\drivers\usbser_lowerflt.sys (Nokia) DRV - (nmwcdc) -- C:\Windows\System32\drivers\ccdcmbo.sys (Nokia) DRV - (nmwcd) -- C:\Windows\System32\drivers\ccdcmb.sys (Nokia) DRV - (esgiguard) -- C:\Programme\Enigma Software Group\SpyHunter\esgiguard.sys () DRV - (snapman) -- C:\Windows\System32\drivers\snapman.sys (Acronis) DRV - (nmwcdnsu) -- C:\Windows\System32\drivers\nmwcdnsu.sys (Nokia) DRV - (nmwcdnsuc) -- C:\Windows\System32\drivers\nmwcdnsuc.sys (Nokia) DRV - (RTHDMIAzAudService) -- C:\Windows\System32\drivers\RtHDMIV.sys (Realtek Semiconductor Corp.) DRV - (ahcix86s) -- C:\Windows\System32\drivers\ahcix86s.sys (Advanced Micro Devices, Inc) DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (ATI Technologies Inc.) DRV - (amdkmdag) -- C:\Windows\System32\drivers\atipmdag.sys (ATI Technologies Inc.) DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.) DRV - (XAudio) -- C:\Windows\System32\drivers\XAudio32.sys (Conexant Systems, Inc.) DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.) DRV - (netr28u) -- C:\Windows\System32\drivers\netr28u.sys (Ralink Technology Corp.) DRV - (mwlPSDVDisk) -- C:\Windows\System32\drivers\mwlPSDVDisk.sys (Egis Incorporated.) DRV - (mwlPSDFilter) -- C:\Windows\System32\drivers\mwlPSDFilter.sys (Egis Incorporated.) DRV - (mwlPSDNServ) -- C:\Windows\System32\drivers\mwlPSDNserv.sys (Egis Incorporated.) DRV - (k57nd60x) -- C:\Windows\System32\drivers\k57nd60x.sys (Broadcom Corporation) DRV - (pccsmcfd) -- C:\Windows\System32\drivers\pccsmcfd.sys (Nokia) DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices Inc.) DRV - (hwdatacard) -- C:\Windows\System32\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.) DRV - (AgereSoftModem) -- C:\Windows\System32\drivers\AGRSM.sys (Agere Systems) DRV - (Afc) -- C:\Windows\System32\drivers\afc.sys (Arcsoft, Inc.) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKLM\..\SearchScopes,Backup.Old.DefaultScope = {afdbddaa-5d3f-42ee-b79c-185a7020515b} IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{3D34971C-E1B2-B068-DFC3-6337AA1A9947}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2303923 IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://global.acer.com [binary data] IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1 IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.de/ IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 1 IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\SearchScopes,Backup.Old.DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\SearchScopes\{3D34971C-E1B2-B068-DFC3-6337AA1A9947}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&affID=112843&babsrc=SP_ss&mntrId=5ed31ef70000000000000017c47d807f IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\SearchScopes\{61D67AE6-764E-4fe3-9EA9-EED03317C725}: "URL" = hxxp://www.ask.com/web?&o=13795&l=dis&q={searchTerms} IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE330DE330 IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7ACAW_deDE330DE330&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\SearchScopes\{BE89DB2D-4B15-4FB4-8237-D5FDE15FDE87}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-4&o=APN10261&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^AGS&apn_dtid=^YYYYYY^YY^DE&apn_uid=c499b9f8-8ea2-43a8-b166-8e5718f8f42b&apn_sauid=B51F3D41-F8DA-4BC7-A3B0-29FCBD8F8293 IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..backup.old.browser.search.selectedEngine: "foxsearch" FF - prefs.js..browser.startup.homepage: "hxxp://www.google.de/" FF - prefs.js..browser.search.defaultenginename: "foxsearch" FF - prefs.js..browser.search.order.1: "foxsearch" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "https://www.google.de/" FF - prefs.js..extensions.enabledAddons: adblockpopups%40jessehakanen.net:0.5 FF - prefs.js..extensions.enabledAddons: browserlab%40adobe.com:1.0.0.1227P.314153 FF - prefs.js..extensions.enabledAddons: firebug%40tools.sitepoint.com:1.6 FF - prefs.js..extensions.enabledAddons: firebugpaintevents%40kylescholz.com:0.1.8 FF - prefs.js..extensions.enabledAddons: firefinder%40robertnyman.com:1.2.5 FF - prefs.js..extensions.enabledAddons: icffirebug%40robertnyman.com:1.1 FF - prefs.js..extensions.enabledAddons: ich%40maltegoetz.de:1.4.3 FF - prefs.js..extensions.enabledAddons: info%40skymeissner.com:1.4 FF - prefs.js..extensions.enabledAddons: personas%40christopher.beard:1.6.2 FF - prefs.js..extensions.enabledAddons: %7B9aad3da6-6c46-4ef0-9109-6df5eaaf597c%7D:1.4.1 FF - prefs.js..extensions.enabledAddons: %7B9BAE5926-8513-417d-8E47-774955A7C60D%7D:1.1.1d FF - prefs.js..extensions.enabledAddons: %7Ba7c6cf7f-112c-4500-a7ea-39801a327e5f%7D:2.0.7 FF - prefs.js..extensions.enabledAddons: %7Bc45c406e-ab73-11d8-be73-000a95be3b12%7D:1.2.2 FF - prefs.js..extensions.enabledAddons: %7BE6C1199F-E687-42da-8C24-E7770CC3AE66%7D:1.8.0 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1 FF - prefs.js..extensions.enabledItems: {9BAE5926-8513-417d-8E47-774955A7C60D}:1.1.1d FF - prefs.js..extensions.enabledItems: {A27F3FEF-1113-4cfb-A032-8E12D7D8EE70}:7.3.4.48 FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.732 FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.2 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22 FF - prefs.js..extensions.enabledItems: firebug@software.joehewitt.com:1.6.2 FF - prefs.js..extensions.enabledItems: firebug@tools.sitepoint.com:1.6 FF - prefs.js..extensions.enabledItems: browserlab@adobe.com:1.0.0.1009P.274944 FF - prefs.js..extensions.enabledItems: firefinder@robertnyman.com:1.01 FF - prefs.js..extensions.enabledItems: {c45c406e-ab73-11d8-be73-000a95be3b12}:1.1.9 FF - prefs.js..extensions.enabledItems: icffirebug@robertnyman.com:1.0 FF - prefs.js..extensions.enabledItems: {a7c6cf7f-112c-4500-a7ea-39801a327e5f}:1.0.10 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23 FF - prefs.js..extensions.enabledItems: {0329E7D6-6F54-462D-93F6-F5C3118BADF2}:2.2.9 FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24 FF - prefs.js..network.proxy.autoconfig_url: "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20((url.indexOf('turntable.fm')%20!%3D%20-1%20%26%26%20url.indexOf('static.turntable.fm')%20%3D%3D%20-1)%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20host%20%3D%3D%20'www.pandora.com')%20%7B%20return%20'PROXY%20us04.personalitycores.com%3A8000%3B%20PROXY%20us01.personalitycores.com%3A8000%3B%20PROXY%20us05.personalitycores.com%3A8000'%3B%7D%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D" FF - prefs.js..network.proxy.type: 2 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_146.dll () FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.) FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8051.1204: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.01.13 15:40:39 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.18 21:40:59 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.18 21:40:42 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.08.21 08:22:23 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010.01.13 15:40:39 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.01.18 21:40:59 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.18 21:40:42 | 000,000,000 | ---D | M] [2010.05.03 12:27:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Extensions [2010.05.03 12:27:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6} [2013.01.20 20:51:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions [2011.04.09 20:02:41 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}(316) [2011.04.09 20:02:44 | 000,000,000 | ---D | M] (ImTranslator) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}(317) [2011.04.06 11:07:59 | 000,000,000 | ---D | M] (Firebug Autocompleter) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{9aad3da6-6c46-4ef0-9109-6df5eaaf597c}(318) [2009.12.17 00:36:51 | 000,000,000 | ---D | M] (FireFTP button) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{9BAE5926-8513-417d-8E47-774955A7C60D} [2010.06.02 11:38:59 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}(358) [2010.12.03 10:40:39 | 000,000,000 | ---D | M] (FireFTP) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}(491) [2010.02.06 09:15:15 | 000,000,000 | ---D | M] (gTranslate) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{aff87fa2-a58e-4edd-b852-0a20203c1e17}(249) [2010.07.27 06:35:49 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(692) [2012.04.02 06:57:28 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(820) [2012.11.25 22:07:02 | 000,000,000 | ---D | M] (Adobe BrowserLab for Firebug) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\browserlab@adobe.com [2011.04.26 09:45:23 | 000,000,000 | ---D | M] (FlashFirebug) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\flashfirebug@o-minds(315).com [2012.09.19 21:23:42 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\ich@maltegoetz.de [2011.03.13 20:21:38 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\personas@christopher.beard [2010.07.29 22:55:34 | 000,000,000 | ---D | M] (1-Click YouTube Video Downloader) -- C:\Users\Kirstin\AppData\Roaming\mozilla\Firefox\Profiles\emn4ri5p.default\extensions\YoutubeDownloader@PeterOlayev(691).com [2012.11.14 21:43:16 | 000,124,993 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\adblockpopups@jessehakanen.net.xpi [2013.01.05 19:48:11 | 000,013,169 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\DrupalForFirebug@drupal.org.xpi [2012.12.13 10:23:31 | 002,151,598 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\firebug@software.joehewitt.com.xpi [2012.11.25 22:07:02 | 000,870,767 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\firebug@tools.sitepoint.com.xpi [2012.11.25 22:07:02 | 000,006,131 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\firebugpaintevents@kylescholz.com.xpi [2012.11.25 22:07:02 | 000,043,807 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\firefinder@robertnyman.com.xpi [2012.11.25 22:07:02 | 000,011,251 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\icffirebug@robertnyman.com.xpi [2012.11.12 09:57:49 | 000,009,689 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\info@skymeissner.com.xpi [2013.01.11 19:55:53 | 000,300,446 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2012.11.25 22:07:02 | 000,338,733 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\{9aad3da6-6c46-4ef0-9109-6df5eaaf597c}.xpi [2012.11.22 15:12:27 | 000,876,990 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f}.xpi [2013.01.05 19:48:13 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi [2012.09.06 17:20:33 | 001,268,546 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi [2012.12.21 13:16:58 | 000,014,714 | ---- | M] () (No name found) -- C:\Users\Kirstin\AppData\Roaming\mozilla\firefox\profiles\emn4ri5p.default\extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2013.01.20 20:21:19 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.01.18 21:40:35 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013.01.18 21:40:59 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll [2012.06.21 07:37:53 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml [2012.08.30 06:24:26 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml [2012.06.21 07:37:53 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml [2010.07.01 06:33:42 | 000,000,143 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\foxsearch.src [2012.06.21 07:37:53 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml [2012.06.21 07:37:53 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml [2012.06.21 07:37:53 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== O1 HOSTS File: ([2013.01.19 10:20:18 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (AcroIEToolbarHelper Class) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programme\Google\GoogleToolbarNotifier\3.1.415.1646\swg.dll (Google Inc.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-48514E463B27} - No CLSID value found. O3 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found. O3 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll () O4 - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4 - HKLM..\Run: [Acronis Scheduler2 Service] C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe (Acronis) O4 - HKLM..\Run: [AmIcoSinglun] C:\Programme\AmIcoSingLun\AmIcoSinglun.exe (AlcorMicro Co., Ltd.) O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [ArcSoft Connection Service] C:\Programme\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe (ArcSoft Inc.) O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) O4 - HKLM..\Run: [BackupManagerTray] C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe (NewTech Infosystems, Inc.) O4 - HKLM..\Run: [CLMLServer] C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe (CyberLink) O4 - HKLM..\Run: [KiesTrayAgent] C:\Programme\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.) O4 - HKLM..\Run: [LexwareInfoService] C:\Program Files\Common Files\Lexware\Update Manager\LxUpdateManager.exe (Haufe-Lexware GmbH & Co. KG) O4 - HKLM..\Run: [LManager] C:\Programme\Launch Manager\LManager.exe (Dritek System Inc.) O4 - HKLM..\Run: [MobileConnect] C:\Program Files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone) O4 - HKLM..\Run: [mwlDaemon] C:\Programme\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe (EgisTec Inc.) O4 - HKLM..\Run: [PlayMovie] C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4 - HKLM..\Run: [SAOB Monitor] C:\Programme\Acronis\TrueImageHome\OnlineBackupStandalone\TrueImageMonitor.exe (Acronis) O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKLM..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) O4 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000..\Run: [Akamai NetSession Interface] C:\Users\Kirstin\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000..\Run: [AnyDVD] C:\Programme\SlySoft\AnyDVD\AnyDVDtray.exe (SlySoft, Inc.) O4 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000..\Run: [D490D4BEFDEAEF6310F5FBDFAEDB8D5359769B10._service_run] C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) O4 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000..\Run: [KiesAirMessage] C:\Program Files\Samsung\Kies\KiesAirMessage.exe (Samsung Electronics) O4 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000..\Run: [KiesPreload] C:\Program Files\Samsung\Kies\Kies.exe (Samsung) O4 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000..\Run: [Optimizer Pro] C:\Programme\Optimizer Pro\OptProLauncher.exe (PC Utilities Pro) O4 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000..\Run: [RegistryBooster] C:\Program Files\Uniblue\RegistryBooster\launcher.exe (Uniblue Systems Limited) O4 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000..\Run: [WMPNSCFG] C:\Programme\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) O4 - Startup: C:\Users\Kirstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BackupManager.list () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1 O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG) O15 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..Trusted Domains: localhost ([]http in Local intranet) O15 - HKU\S-1-5-21-2900932004-3961150359-2209842598-1000\..Trusted Ranges: GD ([http] in Local intranet) O16 - DPF: {28B66320-9687-4B13-8757-36F901887AB5} hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/canvasx.cab (CanvasX Class) O16 - DPF: {34DC6011-88B5-4EA9-BA7A-DC7B4F4437FE} hxxp://www.lidl-fotos.de/ips-opdata/layout/lidl02/objects/jordan.cab (JordanUploader Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://javadl-esd.sun.com/update/1.5.0/jinstall-1_5-windows-i586.cab (Java Plug-in 10.4.1) O16 - DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab (Java Plug-in 1.5.0_17) O16 - DPF: {CAFEEFAC-0017-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_04-windows-i586.cab (Java Plug-in 1.7.0_04) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_10-windows-i586.cab (Java Plug-in 10.4.1) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C127B67-4A0E-49B6-A4E5-0D313D95E43A}: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8050.1202.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL) - C:\Programme\Google\Google Desktop Search\GoogleDesktopNetwork3.dll (Google) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O24 - Desktop WallPaper: C:\Windows\Web\Wallpaper\img30.jpg O24 - Desktop BackupWallPaper: C:\Windows\Web\Wallpaper\img30.jpg O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006.09.18 22:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) ========== Files/Folders - Created Within 30 Days ========== [2013.01.20 21:11:59 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kirstin\Desktop\OTL.exe [2013.01.19 10:24:03 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013.01.19 09:52:54 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.01.19 09:52:54 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.01.19 09:52:54 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.01.19 09:52:39 | 000,000,000 | ---D | C] -- C:\ComboFix [2013.01.19 09:52:22 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.01.19 09:50:40 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.01.18 21:43:45 | 005,023,971 | R--- | C] (Swearware) -- C:\Users\Kirstin\Desktop\ComboFix.exe [2013.01.18 21:40:28 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox [2013.01.17 23:26:17 | 002,213,976 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Kirstin\Desktop\tdsskiller.exe [2013.01.17 22:18:40 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Kirstin\Desktop\aswMBR.exe [2013.01.17 14:45:24 | 000,000,000 | ---D | C] -- C:\Users\Kirstin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter [2013.01.17 14:45:18 | 000,000,000 | ---D | C] -- C:\sh4ldr [2013.01.17 14:45:18 | 000,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group [2013.01.16 07:49:33 | 000,000,000 | ---D | C] -- C:\Users\Kirstin\Desktop\mbar [2013.01.14 09:07:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.01.14 09:07:24 | 000,021,104 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.01.14 09:07:24 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.01.13 22:18:33 | 000,000,000 | ---D | C] -- C:\Users\Kirstin\AppData\Roaming\Malwarebytes [2013.01.13 22:18:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.01.09 10:33:33 | 002,048,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2013.01.09 10:32:31 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ncrypt.dll [2013.01.07 22:44:53 | 000,000,000 | ---D | C] -- C:\Users\Kirstin\AppData\Roaming\HPAppData [2013.01.06 19:16:30 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CrashDump [2012.12.22 03:01:41 | 000,293,376 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2012.12.22 03:01:41 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.01.20 21:31:10 | 000,001,100 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.01.20 21:12:11 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kirstin\Desktop\OTL.exe [2013.01.20 21:04:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.01.20 20:57:26 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.01.20 20:57:23 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\RegistryBooster.job [2013.01.20 20:57:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2013.01.20 20:57:12 | 000,003,216 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2013.01.20 20:57:07 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl [2013.01.20 20:56:58 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.01.20 20:56:51 | 2548,350,976 | -HS- | M] () -- C:\hiberfil.sys [2013.01.20 18:54:37 | 000,574,677 | ---- | M] () -- C:\Users\Kirstin\Desktop\adwcleaner.exe [2013.01.20 17:39:38 | 000,000,680 | ---- | M] () -- C:\Users\Kirstin\AppData\Local\d3d9caps.dat [2013.01.19 10:20:18 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013.01.19 08:23:42 | 000,089,600 | ---- | M] () -- C:\Users\Kirstin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2013.01.18 21:45:04 | 005,023,971 | R--- | M] (Swearware) -- C:\Users\Kirstin\Desktop\ComboFix.exe [2013.01.17 23:26:24 | 002,213,976 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Kirstin\Desktop\tdsskiller.exe [2013.01.17 23:14:25 | 000,000,512 | ---- | M] () -- C:\Users\Kirstin\Desktop\MBR.dat [2013.01.17 22:57:40 | 303,258,382 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.01.17 22:19:31 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Kirstin\Desktop\aswMBR.exe [2013.01.17 14:45:26 | 000,002,085 | ---- | M] () -- C:\Users\Kirstin\Desktop\SpyHunter.lnk [2013.01.16 07:49:08 | 013,462,931 | ---- | M] () -- C:\Users\Kirstin\Desktop\mbar-1.01.0.1016.zip [2013.01.14 09:07:27 | 000,000,910 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.10 07:38:03 | 004,178,960 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.01.10 00:22:56 | 000,628,968 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.01.10 00:22:56 | 000,596,222 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.01.10 00:22:56 | 000,126,680 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.01.10 00:22:56 | 000,104,296 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.01.09 10:06:33 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.01.09 10:06:32 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2013.01.07 08:26:12 | 000,065,415 | ---- | M] () -- C:\Users\Kirstin\Documents\Scan0010.pdf [2013.01.07 08:23:38 | 000,116,893 | ---- | M] () -- C:\Users\Kirstin\Documents\Scan0012.pdf [2013.01.07 08:21:39 | 000,115,993 | ---- | M] () -- C:\Users\Kirstin\Documents\Scan0011.jpg [2013.01.06 00:39:00 | 000,001,787 | ---- | M] () -- C:\Users\Kirstin\Desktop\Samsung Kies (Lite).lnk [2013.01.06 00:24:19 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2013.01.04 20:44:35 | 000,001,456 | ---- | M] () -- C:\Users\Kirstin\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2012.12.31 19:18:59 | 000,007,368 | ---- | M] () -- C:\Users\Kirstin\Documents\Kontaktformular Horsemanshipschule.html [2012.12.23 00:46:57 | 000,000,133 | ---- | M] () -- C:\Users\Kirstin\Desktop\verkleinerer.set [1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.01.20 18:54:33 | 000,574,677 | ---- | C] () -- C:\Users\Kirstin\Desktop\adwcleaner.exe [2013.01.20 17:39:38 | 000,000,680 | ---- | C] () -- C:\Users\Kirstin\AppData\Local\d3d9caps.dat [2013.01.19 09:52:54 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.01.19 09:52:54 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.01.19 09:52:54 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.01.19 09:52:54 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe [2013.01.19 09:52:54 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.01.17 23:14:25 | 000,000,512 | ---- | C] () -- C:\Users\Kirstin\Desktop\MBR.dat [2013.01.17 14:45:25 | 000,002,085 | ---- | C] () -- C:\Users\Kirstin\Desktop\SpyHunter.lnk [2013.01.16 07:48:39 | 013,462,931 | ---- | C] () -- C:\Users\Kirstin\Desktop\mbar-1.01.0.1016.zip [2013.01.14 09:07:27 | 000,000,910 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk [2013.01.07 08:23:37 | 000,116,893 | ---- | C] () -- C:\Users\Kirstin\Documents\Scan0012.pdf [2013.01.07 08:21:39 | 000,115,993 | ---- | C] () -- C:\Users\Kirstin\Documents\Scan0011.jpg [2013.01.07 07:18:24 | 000,065,415 | ---- | C] () -- C:\Users\Kirstin\Documents\Scan0010.pdf [2013.01.06 00:39:00 | 000,001,787 | ---- | C] () -- C:\Users\Kirstin\Desktop\Samsung Kies (Lite).lnk [2012.12.31 19:18:59 | 000,007,368 | ---- | C] () -- C:\Users\Kirstin\Documents\Kontaktformular Horsemanshipschule.html [2012.10.02 12:30:22 | 000,207,488 | ---- | C] () -- C:\Windows\System32\LXPrnUtil10.dll [2012.10.02 12:30:22 | 000,138,368 | ---- | C] () -- C:\Windows\System32\LxDNTvmc100.dll [2012.10.02 12:30:20 | 000,074,368 | ---- | C] () -- C:\Windows\System32\LxDNTvm100.dll [2012.10.02 12:30:18 | 000,318,592 | ---- | C] () -- C:\Windows\System32\LxDNT100.dll [2012.08.28 22:29:13 | 000,065,024 | ---- | C] () -- C:\Windows\System32\wlaopref.exe [2012.06.22 12:01:30 | 000,019,984 | ---- | C] () -- C:\Windows\System32\ESGScanner.sys [2012.04.30 08:32:38 | 000,000,728 | ---- | C] () -- C:\Users\Kirstin\AppData\Local\Tempgui.config [2011.11.29 16:38:18 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe [2011.11.29 16:38:12 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll [2011.11.29 16:38:12 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll [2011.11.29 16:38:12 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll [2011.11.29 16:38:12 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll [2011.09.07 21:43:04 | 000,000,273 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc [2011.05.10 13:07:21 | 000,000,126 | ---- | C] () -- C:\Windows\APDatabaseUI.INI [2011.05.09 09:15:20 | 000,000,132 | ---- | C] () -- C:\Users\Kirstin\AppData\Roaming\Adobe BMP Format CS5 Prefs [2011.02.17 23:07:19 | 000,000,132 | ---- | C] () -- C:\Users\Kirstin\AppData\Roaming\Adobe GIF Format CS5 Prefs [2011.02.17 22:58:28 | 000,001,456 | ---- | C] () -- C:\Users\Kirstin\AppData\Local\Adobe Für Web speichern 12.0 Prefs [2011.02.16 08:35:38 | 000,000,034 | ---- | C] () -- C:\Users\Kirstin\mm.cfg [2010.08.03 21:40:36 | 000,024,206 | ---- | C] () -- C:\Users\Kirstin\AppData\Roaming\UserTile.png [2010.07.28 14:07:43 | 003,650,262 | ---- | C] () -- C:\Users\Kirstin\AppData\Local\TempBad Segeberg 2010 Sando Leichte Kür.mp3 [2010.07.17 22:44:48 | 000,013,658 | ---- | C] () -- C:\Users\Kirstin\AppData\Local\Tempplan.xml [2010.07.17 22:44:48 | 000,001,010 | ---- | C] () -- C:\Users\Kirstin\AppData\Local\Tempvprofile.dat [2010.01.24 23:10:39 | 000,003,928 | -H-- | C] () -- C:\Users\Kirstin\AppData\Local\BackupManager.list [2010.01.12 13:38:58 | 000,001,677 | ---- | C] () -- C:\Users\Kirstin\Kalender von Kirstin.ics [2009.12.17 09:29:25 | 000,000,100 | -H-- | C] () -- C:\ProgramData\BackupManager.list [2009.12.17 03:15:57 | 000,002,780 | -H-- | C] () -- C:\Users\Kirstin\BackupManager.list [2009.12.17 01:04:17 | 000,004,836 | -H-- | C] () -- C:\Users\Kirstin\AppData\Roaming\BackupManager.list [2009.10.23 07:12:09 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2009.07.24 06:51:34 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2009.06.07 21:36:17 | 000,089,600 | ---- | C] () -- C:\Users\Kirstin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.06.03 12:24:51 | 000,000,772 | ---- | C] () -- C:\Users\Kirstin\AppData\Roaming\wklnhst.dat [2008.06.23 12:02:02 | 000,097,410 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4 [2008.05.23 16:48:50 | 000,020,270 | ---- | C] () -- C:\ProgramData\DeviceInstaller.xml ========== ZeroAccess Check ========== [2006.11.02 13:54:22 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2012.06.08 18:47:00 | 011,586,048 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2009.04.11 07:28:19 | 000,614,912 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.04.11 07:28:25 | 000,347,648 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both ========== LOP Check ========== [2009.03.11 23:29:48 | 000,000,000 | ---D | M] -- C:\Users\Default\AppData\Roaming\Acer GameZone Console [2009.03.11 23:29:48 | 000,000,000 | ---D | M] -- C:\Users\Default User\AppData\Roaming\Acer GameZone Console [2011.09.12 22:57:04 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\26C13EA7-D779-4643-9AB5-334070B15EBD [2012.10.07 22:38:40 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\4Free [2009.12.17 00:16:32 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\5400 Series [2011.01.06 09:04:40 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\8BF4B188-E5B9-42F4-B63E-F27754744D04 [2009.12.17 00:16:53 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Acer GameZone Console [2010.01.25 16:47:27 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Acronis [2010.12.10 19:36:41 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Amazon [2012.11.26 00:01:33 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Artisteer [2010.03.01 10:15:35 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Avery [2012.01.30 07:48:00 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\BA46F38A-7DD2-49DA-91FB-9766CBF88899 [2012.02.28 13:00:28 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Blender Foundation [2011.10.14 11:25:44 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\calibre [2011.02.14 15:42:36 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1 [2011.05.27 12:32:18 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\DA14BE56-1881-4862-8000-E459337B3A83 [2010.07.01 06:34:09 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Digiarty [2012.04.13 23:55:25 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Dropbox [2009.12.17 00:20:30 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\eSobi [2013.01.09 00:03:05 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\FileZilla [2009.12.17 00:20:31 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\fotobuch.de AG [2011.01.14 07:42:08 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Gutscheinmieze [2009.12.17 00:20:34 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Helios [2009.12.17 00:20:36 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Hentrich-Software [2011.01.09 22:58:52 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\kompozer.net [2012.12.10 10:56:28 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Lexware [2009.12.17 00:38:49 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\NCH Swift Sound [2012.04.30 08:22:41 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Nokia [2012.04.30 08:22:42 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Nokia Ovi Suite [2012.10.23 14:03:07 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Optimizer Pro [2010.02.18 15:39:56 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\PC Suite [2010.08.03 21:40:36 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\PeerNetworking [2009.12.17 00:38:50 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\PowerCinema [2009.12.17 00:39:12 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Recordpad [2012.12.05 14:42:44 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Samsung [2009.12.17 00:41:02 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\SoftDMA [2011.04.04 12:30:54 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1 [2012.04.09 00:06:29 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Temp [2009.12.17 00:41:16 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Template [2010.05.03 12:27:21 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Thunderbird [2011.09.05 10:48:34 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Uniblue [2009.12.17 01:03:29 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Vodafone [2011.03.03 18:34:23 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\Windows Live Writer [2011.04.28 16:10:56 | 000,000,000 | ---D | M] -- C:\Users\Kirstin\AppData\Roaming\XMedia Recode ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:3B3A35EC @Alternate Data Stream - 121 bytes -> C:\ProgramData\Temp:B623B5B8 @Alternate Data Stream - 120 bytes -> C:\ProgramData\Temp:CE0A077E @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:B203B914 @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:131C0EE9 < End of report > |
|
20.01.2013, 22:17
| #15 |
| | Malwarebytes bricht ständig ab OTL Extra.txt: Code:
ATTFilter OTL Extras logfile created on: 20.01.2013 21:22:37 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Kirstin\Desktop
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
2,37 Gb Total Physical Memory | 1,06 Gb Available Physical Memory | 44,68% Memory free
4,97 Gb Paging File | 3,38 Gb Available in Paging File | 68,03% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 455,99 Gb Total Space | 207,80 Gb Free Space | 45,57% Space Free | Partition Type: NTFS
Computer Name: KIRSTINS-PC | User Name: Kirstin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-2900932004-3961150359-2209842598-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- rundll32.exe shell32.dll,Control_RunDLL "%1",%*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
htafile [open] -- "%1" %*
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~3\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Directory [SNAPFISH] -- "C:\Program Files\SNAPFISH\SNAPFISH\SNAPFISH.exe" "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe /separate,/idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /separate,/e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"VistaSp2" = Reg Error: Unknown registry data type -- File not found
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== System Restore Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe" = C:\Program Files\fotobuch.de AG\Designer 2.0\Designer.exe:*:Designer.exe -- ()
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{36216B6B-D235-4EEE-BD7C-000D23FBE068}" = lport=10243 | protocol=6 | dir=in | app=system |
"{5890EC8B-D561-4FB6-8BF8-F7EBA199E59B}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{5EC43925-47A6-473E-AE11-735312FA97C5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{69749B3D-941C-4BCD-AE5E-924F1EA4E28D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{6A80AE2F-0572-4280-ADC1-FD212D88110F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{747AE341-FED3-4DF8-A51E-964CA28E7B65}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9CB067D0-19BF-47FE-83AC-CA0CE777BC72}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B58CA460-0C64-4233-90A6-8F43BEA08B57}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BA5F590D-4D55-47A6-9165-F2BCDE63EBE5}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BFC72BE4-9A88-4734-AA4B-5CAC8F0AB26B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C5480AD3-1EFC-4CA0-9AB5-52BE5F7840EF}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{C891C919-BE4F-438C-A3D8-6994E6D60A5E}" = lport=49159 | protocol=6 | dir=in | name=akamai netsession interface |
"{E8328714-4761-4A30-8211-B882A75CECBC}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00B7897C-C34F-44C9-A204-15D58CE28078}" = dir=in | app=c:\program files\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{030E6D27-ABD2-4AEF-9A71-2E6413D0802F}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"{05FA87D4-B383-4F6F-A73B-E7CEEA7F105B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{06CB9592-E30B-460B-A93B-C2FDFEDE7DF0}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{0C8EC47A-FB3E-44C4-A94D-E84281E1EBF1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{11168A22-D55E-4067-87AB-785E74D1831B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{161E7BE5-6E84-4938-8446-2988729EA90B}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqste08.exe |
"{1999BC21-F33C-407B-8095-596B083FE740}" = dir=in | app=c:\program files\hp\digital imaging\smart web printing\smartwebprintexe.exe |
"{19ABFE8C-0159-4DDB-B63B-048F847773BC}" = protocol=6 | dir=in | app=c:\program files\lexmark 5400 series\lxctaiox.exe |
"{1B882A53-4495-4DA6-B358-A1FEDB48243A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpzwiz01.exe |
"{1C59A376-AAAD-43FD-AA89-51A523E6F92A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1CA23ACD-0DAA-4E35-A6C1-4E8606982FA4}" = protocol=6 | dir=in | app=c:\program files\lexmark 5400 series\lxctmon.exe |
"{1CCA0F32-946D-460C-ADA7-675DF86B3B1A}" = dir=in | app=c:\program files\acer arcade deluxe\homemedia\homemedia.exe |
"{2119289C-4426-44C6-8DCD-B3D9E4DE59D1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqcopy2.exe |
"{21EC42CF-63DA-4CC0-84F6-3F479EE36735}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgm.exe |
"{22C58FB7-2E8C-4818-B2D4-D7D8FA4F2793}" = protocol=17 | dir=in | app=d:\alicecd.exe |
"{23686365-02C7-4943-8E98-50D30A5E868B}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
"{27B7146A-0188-49C3-B2EB-DCBDAF300186}" = dir=in | app=c:\program files\common files\hp\digital imaging\bin\hpqphotocrm.exe |
"{2CFF7347-B3C8-4A35-A33E-5CC7EE83939A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqfxt08.exe |
"{321F58FB-6B81-4D2C-8E89-67E8E3294ABB}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{3291AAC7-7B09-4256-918E-EC87D8EA94F3}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{342B9064-2C3E-4F40-9262-307C6CEF8C60}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposid01.exe |
"{34387E27-B86B-478C-8103-458BDD5B5189}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe |
"{3AD621CD-F3DB-40CC-AA78-F9DE377D7685}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3CAD15D5-523A-4388-98F3-309D9AFC6B8A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{3E502686-CA9B-41E4-8A23-4B4A700DB759}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgplgtupl.exe |
"{45D2F5BF-16C4-4324-93BF-A5E2EE7F73F8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{47DDC0B4-BE2B-4CFA-9605-83E366123A35}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpfccopy.exe |
"{4CEFAB47-00BA-4760-AC32-BEF5814226E9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqusgh.exe |
"{4EA0F4C2-3E70-4FC3-A19C-C15C6C9A7B1E}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4F1B65DE-C669-4BA4-9759-6D9516D1B9CE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5202A704-E66A-437D-BF0D-99C338C7501C}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqgpc01.exe |
"{57D088B9-7F24-4035-8D61-A9391806B296}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{58C26802-5231-4762-921C-BF6C80999CA1}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpsapp.exe |
"{5F38EDED-815A-4E5F-821C-40A30A729E41}" = protocol=6 | dir=out | app=system |
"{6308DE0B-20A0-4A00-9EDB-9E6881A7778D}" = dir=in | app=c:\program files\hp\digital imaging\bin\hposfx08.exe |
"{6C975B16-6FC8-47E1-BD02-9A96BC58EEE7}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7226EADE-9C2B-43B2-83EE-E9D57C77D9F9}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{79998817-05CF-4709-A9DF-6DD2DC2901D3}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqtra08.exe |
"{7D5BD84D-0F97-45C3-BBE9-41810F3828A1}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{7D6C2C5C-4D22-48A1-A6FF-D5BA10899DE5}" = protocol=6 | dir=in | app=c:\users\kirstin\appdata\local\akamai\netsession_win.exe |
"{7FC71BDB-44B5-4879-977F-00963824D872}" = protocol=17 | dir=in | app=c:\users\kirstin\appdata\local\akamai\netsession_win.exe |
"{841FD16A-C75C-4A1A-A072-8DCC40BA0134}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\playmovie.exe |
"{87D28B73-A45A-4391-95E7-226ADFB3BC5A}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpiscnapp.exe |
"{8A3938E5-66B4-475D-B557-4024D07FD56D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{8CB531D1-CF68-463C-8102-1A593848F9E9}" = protocol=17 | dir=in | app=c:\users\kirstin\appdata\roaming\dropbox\bin\dropbox.exe |
"{94D1EF94-015E-4DA9-B49B-14545B07C76D}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\hpnetworkcommunicator.exe |
"{99B7FA1F-AD94-4C46-A434-8C999D1EF40D}" = protocol=6 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"{9A8F3A3C-4911-4EE4-8828-13ED5167AFA8}" = dir=in | app=c:\program files\acer arcade deluxe\playmovie\pmvservice.exe |
"{9BD8939B-8EBB-4EDA-85C3-843FA735BDBA}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A000D248-9E56-4F4E-B333-CB0712FAEEE9}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqnrs08.exe |
"{A0FF3DA8-7795-4942-8E76-7DE40C3012C6}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxm08.exe |
"{A6BDB3F0-A2B3-4CB4-8945-DE79B390BCBE}" = protocol=17 | dir=in | app=c:\windows\system32\lxctcoms.exe |
"{AB95645F-F9FD-4A51-A73A-4DA372DE01D7}" = protocol=6 | dir=in | app=c:\users\kirstin\appdata\roaming\dropbox\bin\dropbox.exe |
"{BE5A22FF-6A30-4A38-A03A-5186CA80B314}" = dir=in | app=c:\program files\hp\hp software update\hpwucli.exe |
"{C0339C8E-05A2-4BEA-9BA3-8D3DCEA0EC93}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{C069B866-7823-4CCA-8568-4186F651BAA6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C4C60E83-601B-449E-91AC-58C31D9C07F8}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710n-z\bin\devicesetup.exe |
"{CD7D3905-FAF6-4958-B35F-21C1D77F3948}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe |
"{CDE98BCB-D245-43A3-A1ED-FF0809BB6F46}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqpse.exe |
"{DE54707B-A614-480B-A2B0-6B29ACB20A4B}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe |
"{DEECD085-B757-4794-A4B8-F6DAD84383EA}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqsudi.exe |
"{E53E42D2-0620-4E7F-8283-1BE761990E5B}" = protocol=6 | dir=in | app=c:\windows\system32\lxctcoms.exe |
"{E6D7B207-484C-4FEA-B76D-8F657BD65A29}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpofxs08.exe |
"{E9AE87DC-A834-448A-ABB6-C3AC06BB5B93}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{EACD1FB2-D6F3-4A30-BE57-EBFAA36FA127}" = dir=in | app=c:\program files\hp\digital imaging\bin\hpqkygrp.exe |
"{ECF2E501-67E1-473C-94F6-D5EB3B7A9B4D}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{F1248F2F-3A28-4614-9D4B-7E77179E65FD}" = protocol=17 | dir=in | app=c:\program files\lexmark 5400 series\lxctaiox.exe |
"{F1A81FFE-A643-469E-9EA3-D4F25E32BE8C}" = protocol=17 | dir=in | app=c:\program files\lexmark 5400 series\lxctmon.exe |
"{F25ABB89-3577-4109-8BB6-24D83231BBEE}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{F5451596-6DC2-4BD4-A714-61A0FDC21C2B}" = dir=in | app=c:\program files\itunes\itunes.exe |
"{FBB7453C-2016-4C0C-AF54-6842C8EBAE03}" = protocol=6 | dir=in | app=d:\alicecd.exe |
"{FF85C6A5-7596-4827-8471-594B8742D16A}" = protocol=17 | dir=in | app=c:\program files\newtech infosystems\nti backup now 5\backupsvc.exe |
"TCP Query User{0A2AB32D-41E6-4B0E-8BB0-09C34246D30A}C:\users\kirstin\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\kirstin\appdata\local\akamai\netsession_win.exe |
"TCP Query User{0F62C7AF-B86A-48CA-9AB7-DE1C73D41889}C:\users\kirstin\programm-xmapp\xampp\mysql\bin\mysqld.exe" = protocol=6 | dir=in | app=c:\users\kirstin\programm-xmapp\xampp\mysql\bin\mysqld.exe |
"TCP Query User{12DE0971-1BF1-44ED-9CC1-809E3D872993}C:\users\kirstin\programm-xmapp\xampp\apache\bin\httpd.exe" = protocol=6 | dir=in | app=c:\users\kirstin\programm-xmapp\xampp\apache\bin\httpd.exe |
"TCP Query User{20F8CCC4-3B04-46DD-9679-C56555A1ECFF}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{28B44C2C-4CDD-4C30-B686-A599BE3372DE}C:\program files\internet explorer\iexplore.exe" = protocol=6 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"TCP Query User{2F3B54C2-25DB-4B2D-A3AD-FE3E42BFADD3}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"TCP Query User{395E72D6-FE39-44B9-BD39-67B9C8BF1CB4}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{53816B02-3364-4B3F-A17B-9002B908F151}C:\users\kirstin\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\kirstin\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{68F3DB9A-408C-433B-B556-6F262AE0E0E3}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"TCP Query User{7591E67A-9F70-4DC5-BE65-604185DC38AA}C:\program files\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files\emule\emule.exe |
"TCP Query User{7BB806CF-AA53-44FB-9889-040A435A24FF}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{9B604713-47BA-4A34-A9F9-933EFAD5C6E1}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{A839EE0A-B44A-41DB-BFED-8C85DAB3C00B}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=6 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"TCP Query User{BDD0980B-9157-44F2-8B5C-3B1D41225B62}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=6 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"TCP Query User{C5426E46-0159-40AF-B355-351F28BA3476}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"TCP Query User{E52EFD82-D7CD-4684-9976-F089B8708748}C:\program files\mozilla firefox\firefox.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"TCP Query User{F1A75F55-A9E9-45B9-A4A5-FD1F2AE9ADC7}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{003A95E7-D78D-4D1E-923A-8C56BD492EBC}C:\users\kirstin\programm-xmapp\xampp\apache\bin\httpd.exe" = protocol=17 | dir=in | app=c:\users\kirstin\programm-xmapp\xampp\apache\bin\httpd.exe |
"UDP Query User{0CC12258-FE4E-4B94-9798-E1A8579A7685}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{2443B5B0-AE01-499C-8E14-B972E0ED0444}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{394C5E5B-B985-4DD8-ABBE-DAAAF7B997B8}C:\program files\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files\emule\emule.exe |
"UDP Query User{3E9F7169-53E6-44AE-827E-01C7022ACAE7}C:\users\kirstin\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\kirstin\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{452A35F5-A707-4A07-B0CC-9125DD178BC3}C:\users\kirstin\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\kirstin\appdata\local\akamai\netsession_win.exe |
"UDP Query User{53DF4BE7-96A2-4A97-8590-7351C9ED7BC1}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{587CB2E3-373D-43E5-BDB8-BDA5541661C5}C:\program files\mozilla firefox\firefox.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\firefox.exe |
"UDP Query User{70E42497-D304-4F5E-B498-8C4CCF68A412}C:\program files\nokia\nokia ovi suite\nokiaovisuite.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia ovi suite\nokiaovisuite.exe |
"UDP Query User{71346BF5-21DD-451C-9CAE-7A475BA80C75}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{72427C59-ED23-4F79-8E00-BDADF5D99540}C:\program files\internet explorer\iexplore.exe" = protocol=17 | dir=in | app=c:\program files\internet explorer\iexplore.exe |
"UDP Query User{A9AAFC21-3131-4615-BB0F-430FB027E95D}C:\users\kirstin\programm-xmapp\xampp\mysql\bin\mysqld.exe" = protocol=17 | dir=in | app=c:\users\kirstin\programm-xmapp\xampp\mysql\bin\mysqld.exe |
"UDP Query User{C0F6C829-E0F9-4DB1-A33D-37CE16F4AC43}C:\program files\nokia\nokia software updater\nsu_ui_client.exe" = protocol=17 | dir=in | app=c:\program files\nokia\nokia software updater\nsu_ui_client.exe |
"UDP Query User{C6FF72DF-8615-4698-87C1-F2EF9F45CD27}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe" = protocol=17 | dir=in | app=c:\program files\common files\nokia\service layer\a\nsl_host_process.exe |
"UDP Query User{E6889EF9-B386-4FCF-BA45-8159E79DBF0A}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe |
"UDP Query User{E9312D64-89A2-4B07-AEC3-6066CC49470A}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
"UDP Query User{F738080C-A8B4-41F6-B6D9-7F1468CB4339}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00AB7335-3CEF-4747-9CC7-41C600A7E0E9}" = Lexware faktura+auftrag 2013
"{02698606-3A21-489D-9D2A-75C9E8D3E5BD}" = Adobe Creative Suite 5 Design Premium
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{03A7C57A-B2C8-409b-92E5-524A0DFD0DD3}" = Status
"{04441EE4-3631-43DB-813A-9D031380C8E5}" = MarketingReg
"{04A3A6B0-8E19-49BB-82FF-65C5A55F917D}" = Acronis*True*Image*Home 2011
"{052FDD78-A6EA-3187-8386-C82F4CA3A929}" = Microsoft .NET Framework 3.5 Language Pack SP1 - deu
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{087A66B8-1F0F-4a8d-A649-0CFE276AA7C0}" = WebReg
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0D2DBE8A-43D0-7830-7AE7-CA6C99A832E7}" = Adobe Community Help
"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{1696F18E-2932-8A68-91A8-EAD17895285C}" = CCC Help Polish
"{1753255A-0AEB-4220-8C75-607B73F0C133}" = Copy
"{181AEE57-04D3-26A1-6DCD-5A2084D4C36F}" = CCC Help Danish
"{18433D88-7499-D8F4-5D1C-32A83CC05752}" = CCC Help Chinese Traditional
"{1846A764-A6C1-46D2-B245-DAEDB2FDF5C9}" = Lexware kundenmanager 2011 System
"{195F5712-5E23-4DBB-8413-0EC6F0D60ABA}" = Studie zur Verbesserung von HP Officejet 6500 E710n-z Produkten
"{1B8BF8D8-325A-8AEE-CBFE-EC1251C51B0B}" = Catalyst Control Center Core Implementation
"{1E6804DA-9192-F510-7A19-DD505E662D41}" = CCC Help Korean
"{1EBD33A9-2AAF-4CE6-8D62-9D3634C8B43B}" = HP Officejet 6500 E710n-z - Grundlegende Software für das Gerät
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{20aa4150-b5f4-11de-8a39-0800200c9a66}_is1" = KompoZer 0.8b3
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{25B6FA39-24D1-4B2F-9280-099F2543E6B8}" = Lexware kundenmanager 2009 System
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 10
"{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1" = ConvertHelper 2.2
"{2A329FB6-389D-4396-A974-29656D6864AE}" = MarketResearch
"{2C39F7CF-E022-4C0D-B1BA-AF6DDD931054}" = ArcSoft MediaImpression
"{2CAB55FA-A147-4215-81A6-E9A9038B7970}" = Plus Pack für Acronis True Image Home 2011
"{2CC8130C-D0DC-C15B-21BE-99926467CBD1}" = CCC Help Finnish
"{2D27D952-ACF0-0B27-DC1A-C1DB49CAD846}" = ccc-core-static
"{2D99A593-C841-43A7-B7C9-D6F3AE70B756}" = Nokia Connectivity Cable Driver
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3248F0A8-6813-11D6-A77B-00B0D0150170}" = J2SE Runtime Environment 5.0 Update 17
"{3700194C-C5DD-439A-BE06-A66960CA4C70}" = MSVCSetup
"{38DAE5F5-EC70-4aa5-801B-D11CA0A33B41}" = BPDSoftware
"{3A3653D7-90DA-D323-EE10-02BE5A955051}" = CCC Help Turkish
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{4412F224-3849-4461-A3E9-DEEF8D252790}" = Visual Studio C++ 10.0 Runtime
"{457B1BA7-0829-B9EE-AC06-42BD80CFA6D2}" = ccc-utility
"{47ECCB1F-2811-49C0-B6A7-26778639ABA0}" = 32 Bit HP CIO Components Installer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}" = Junk Mail filter update
"{4AEC222A-82B0-A8DB-2BFC-CFB2759B3F36}" = Catalyst Control Center Localization All
"{4D304678-738E-42a0-931A-2B022F49DEB8}" = TrayApp
"{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}" = UnloadSupport
"{569A0B32-D216-63C9-9148-B3221BF5C30D}" = CCC Help German
"{57F60D52-630B-43C5-BD20-176F5CD4EED6}" = bpd_scan
"{591203A7-8794-BDD1-11F3-1447522E4150}" = CCC Help Greek
"{5A166C0B-9557-4364-A057-F946D674E6AC}" = Windows Live Mail
"{5B63A470-9334-44D1-AF61-6CE2DB565AE9}" = Orion
"{5CCF8330-F742-411A-8A04-719806D168B5}" = Deutsche Post E-Porto
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62B7C52C-CAB6-48B1-8245-52356C141C92}" = RENESIS® Player Browser Plugins
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{660AB86D-3900-62F4-C790-879ABB6B4CF7}" = CCC Help French
"{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}" = eSupportQFolder
"{676981B7-A2D9-49D0-9F4C-03018F131DA9}" = DocProc
"{681B698F-C997-42C3-B184-B489C6CA24C9}" = HPPhotoSmartDiscLabelContent1
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{69995C7A-062A-4A90-A4DF-8C22895DF522}" = iTunes
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A1ACC15-7632-45ba-A3AB-0250EBD4B7DD}" = 6500_E709a
"{6B96DADA-1A27-4A04-8CB2-CC45168D05FA}" = Windows Live Fotogalerie
"{6CC080F1-2E00-41D5-BE47-A3BC784E9DFB}" = BPDSoftware_Ini
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6EED4269-588D-45b8-A80C-26A9CA62EE4E}" = HPSSupply
"{6F5E2F4A-377D-4700-B0E3-8F7F7507EA15}" = CustomerResearchQFolder
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71C2828F-2678-4675-BDEC-895424861262}_is1" = C:\Program Files\Acer GameZone\GameConsole
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{74224F8D-4A17-4816-9EDB-7BB854DE532C}" = NVIDIA PhysX v8.04.25
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{77077FFF-8831-470F-9627-E86F06A50CCD}" = Avery Wizard 3.1
"{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}" = MobileMe Control Panel
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{7FA27A0B-8E35-A611-382F-2C31828DBBCA}" = Catalyst Control Center Graphics Light
"{81821BF8-DA20-4F8C-AA87-F70A274828D4}" = Windows Live Writer
"{824D3839-DAA1-4315-A822-7AE3E620E528}" = VideoToolkit01
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110184263}" = Puzzle Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11037623}" = Tradewinds 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111205743}" = Tri-Peaks Solitaire To Go
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111232687}" = Ocean Express
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-111252743}" = Mahjong Escape Ancient China
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11170417}" = Luxor 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113009953}" = Turbo Pizza
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11551977}" = Parking Dash
"{835686C5-8650-49EB-8CA0-4528B4035495}" = Windows Live Call
"{837B6259-6FF5-4E66-87C1-A5A15ED36FF4}" = Windows Live Messenger
"{83B9F0EF-68CC-6151-0339-BE2DAD01254B}" = Catalyst Control Center Graphics Full New
"{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}" = HPDiagnosticAlert
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87A9A9A9-FAB7-4224-9328-0FA2058C0FD5}" = Network
"{87E2B986-07E8-477a-93DC-AF0B6758B192}" = DocProcQFolder
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A3F7BF5-AE97-E6AA-2078-56678841B9F2}" = CCC Help Japanese
"{8AE7E507-BC49-4DF0-A236-26878691AB53}" = Lexware Info Service
"{8C1E2925-14F8-45AA-B999-1E2A74BF5607}" = Windows Live Sync
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}" = Choice Guard
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_HOMESTUDENTR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_HOMESTUDENTR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_HOMESTUDENTR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_HOMESTUDENTR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00B2-0407-0000-0000000FF1CE}" = Microsoft – Speichern als PDF oder XPS – Add-In für 2007 Microsoft Office-Programme
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9129B46A-51F0-431b-9838-DF7272F3204E}" = ProductContext
"{91D87975-616E-C6E2-6AB0-AC48E6E3C8B4}" = Catalyst Control Center InstallProxy
"{92ABBA93-EE00-41C7-8D44-67D0C9DEF51E}" = Catalyst Control Center - Branding
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A4D182C-35C7-4791-8484-4304EBC9101A}" = Windows 7 Upgrade Advisor
"{9AF0B106-56F1-461B-A270-95BC1682E282}" = Broadcom Gigabit NetLink Controller
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9CCCFD9C-248F-47FE-9496-1680E3E5C163}" = Scan
"{A0D285EA-5E1F-DC9C-2092-2C8A422E42C3}" = CCC Help Chinese Standard
"{A3AB35FA-943E-4799-99DC-46EFD59E998F}" = AMD USB Audio Driver Filter
"{A509F7BA-007E-82CF-003D-F8C01A1E8511}" = CCC Help Thai
"{A77255C4-AFCB-44A3-BF0F-2091A71FFD9E}" = Acer Crystal Eye Webcam
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB5D51AE-EBC3-438D-872C-705C7C2084B0}" = DeviceManagementQFolder
"{AC13BA3A-336B-45a4-B3FE-2D3058A7B533}" = Toolbox
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{ACA85783-8EEA-4f0a-B2A3-A8173F30209F}" = C4200_doccd
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF7FC1CA-79DF-43c3-90A3-33EFEB9294CE}" = AIO_Scan
"{B09BCBF6-87EE-4403-A336-3A9510856535}" = HP Photosmart All-In-One Software 9.0
"{B2EFA385-09C9-4E52-B4B3-AD15A6D3773B}" = Lexware kundenmanager 2011
"{B4A34D42-758D-8BEE-1F06-D8AFAC8F4002}" = CCC Help Spanish
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B6EC7388-E277-4A5B-8C8F-71067A41BA64}" = TextPad 5
"{B97A0C89-29C0-4682-902C-364109A9857C}" = Belkin F6D4050 Enhanced Wireless USB Adapter
"{BF74F0D6-542B-1D47-1026-31F568D8A798}" = CCC Help Norwegian
"{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"{BFDE4176-5DFE-4db9-AA00-8F30CB001BDA}" = c4200_Help
"{C23CD6DA-1958-43A5-ADD0-59396572E02E}" = Apple Mobile Device Support
"{C29C1940-CB85-4F3B-906C-33FEE0E67103}" = DocMgr
"{C2EE3A10-C169-68C7-5335-2F7FC56DA1A4}" = Catalyst Control Center Graphics Full Existing
"{C373F7C4-05D2-4047-96D1-6AF30661C6AA}" = PC Connectivity Solution
"{C39E671D-0528-4c5e-A034-8470C5BC393A}" = C4200
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C656142F-EFE1-44CD-BFAD-6CBC6DCB9860}" = Vodafone Mobile Connect Lite
"{C6579A65-9CAE-4B31-8B6B-3306E0630A66}" = Apple Software Update
"{C7E1D9E3-3569-5898-714F-22EF74C04B73}" = CCC Help Hungarian
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{CE9F5AF2-A03A-26C2-7DF6-DAED2368E673}" = CCC Help Czech
"{CF25D77A-BDBE-EE99-EACC-5576FA9FFD19}" = CCC Help Swedish
"{D03482C5-9AD8-496D-B388-692AE04C93AF}" = Bonjour
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0D14551-3A2D-433B-861F-F4DCE5422759}" = Nokia PC Suite
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D52ECEBC-9B20-41A5-81C4-A62DE2367419}" = Adobe Creative Suite
"{D79113E7-274C-470B-BD46-01B10219DF6A}" = HPPhotosmartEssential
"{D8B7A682-20DA-4797-8415-B1FB14D4D32B}" = PS_AIO_Software
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DA20E1A8-07CB-4EE7-9B72-A7E28C953F0E}" = Acer Product Registration
"{DBB1F4ED-3212-4F58-A427-9C01DE4A24A5}_is1" = Uniblue SystemTweaker
"{DC39A078-4D4C-4EF2-9CAF-69D342D74125}" = Microsoft Sync Framework Runtime v1.0 (x86) de
"{DDA88701-D6FB-783C-5339-4F9875DB7F6B}" = CCC Help Russian
"{DDABC667-56B3-4122-82B0-2F5782EA2F9A}" = SpyHunter
"{DDD5104F-1C44-49EB-9E6B-29EC5D27658B}" = HP Update
"{DE13432E-F0C1-4842-A5BA-CC997DA72A70}" = 6500_E709_eDocs
"{DE3A9DC5-9A5D-6485-9662-347162C7E4CA}" = Adobe Media Player
"{DEE132BD-4ADD-D9A1-56C7-356CB939A69E}" = CCC Help Italian
"{DF5F687F-8018-4542-9F98-7084E9022917}" = Windows Live Essentials
"{E250B734-C4C2-8D67-546D-640D6789088D}" = CCC Help Portuguese
"{E28750A2-45F2-4b63-99F7-9F81A94B1E2D}" = PS_AIO_Software_min
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{E55B3271-7CA8-4D0C-AE06-69A24856E997}_is1" = Uniblue RegistryBooster
"{E8D33431-67EA-4DC1-B443-EE989DE532BC}" = Microsoft Sync Framework Services v1.0 (x86) de
"{EAF1DC9B-81CB-AADD-EA03-EE3F7EC9A8D7}" = CCC Help English
"{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}" = Apple Application Support
"{EC2F8A30-787F-4DA5-9A8F-8E7DFE777CC2}" = Servicepack Datumsaktualisierung
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EEEB604C-C1A7-4f8c-B03F-56F9C1C9C45F}" = Fax
"{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}" = Destination Component
"{EFBC0CB1-AFFD-4E74-ACEF-42099F1D49C3}" = HP Officejet 6500 E710n-z Hilfe
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F185B35D-38E5-4D88-B275-15C8C7FC4357}" = 6500_E709_Help
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F69E83CF-B440-43F8-89E6-6EA80712109B}" = Windows Live Communications Platform
"{F72E2DDC-3DB8-4190-A21D-63883D955FE7}" = PSSWCORE
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F769B78E-FF0E-4db5-95E2-9F4C8D6352FE}" = DeviceDiscovery
"{F7CE0C98-25D9-853D-63C8-72CD673F693E}" = CCC Help Dutch
"{FA0F0A01-4631-4161-A6C2-948BF694382E}" = HP Officejet 6500 E709 Series
"{FB0C267C-8B4F-4867-8161-A6A3B66D42C1}" = Marketsplash Schnellzugriffe
"{FD7F242B-9AA0-40c3-941E-3A9821D19C09}" = PS_AIO_ProductContext
"{FE215BA1-CFE6-37D1-81A8-231961C4941E}" = ATI Catalyst Install Manager
"{FE23D063-934D-4829-A0D8-00634CE79B4A}" = Adobe AIR
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"504244733D18C8F63FF584AEB290E3904E791693" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"72A50F48CC5601190B9C4E74D81161693133E7F7" = Windows-Treiberpaket - Nokia Modem (02/25/2011 7.01.0.9)
"Acer Screensaver" = Acer ScreenSaver
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Adobe SVG Viewer" = Adobe SVG Viewer 3.0
"Agere Systems Soft Modem" = Agere Systems HDA Modem
"Akamai" = Akamai NetSession Interface Service
"AnyDVD" = AnyDVD
"Artisteer 3" = Artisteer 3
"Artisteer 4" = Artisteer 4
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"Blender" = Blender
"Buttonz & Tilez" = Buttonz & Tilez
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"CloneDVD2" = CloneDVD2
"com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Media Player
"Designer 2.0_is1" = Designer 2.0
"DVD Decrypter" = DVD Decrypter (Remove Only)
"E0AC723A3DE3A04256288CADBBB011B112AED454" = Windows-Treiberpaket - Nokia Modem (02/25/2011 4.7)
"FileZilla Client" = FileZilla Client 3.3.3
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Google Chrome" = Google Chrome
"Google Desktop" = Google Desktop
"GridVista" = Acer GridVista
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"HP Document Manager" = HP Document Manager 2.0
"HP Imaging Device Functions" = HP Imaging Device Functions 12.0
"HP Photosmart Essential" = HP Photosmart Essential 3.5
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 12.0
"HPOCR" = OCR Software by I.R.I.S. 12.0
"HS Mehrwertsteuer 3.27" = HS Mehrwertsteuer 3.27
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{B97A0C89-29C0-4682-902C-364109A9857C}" = Belkin F6D4050 Enhanced Wireless USB Adapter
"InstallShield_{BF91B300-EEBC-4223-96F3-0FCBF7241B50}" = AmIcoSingLun
"Lexmark 5400 Series" = Lexmark 5400 Series
"LManager" = Launch Manager
"MAGIX Screenshare D" = MAGIX Screenshare 4.3.6.1987 (D)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Marble Pop 3D" = Marble Pop 3D
"McAfee Security Scan" = McAfee Security Scan Plus
"Microsoft .NET Framework 3.5 Language Pack SP1 - deu" = Microsoft .NET Framework 3.5 Language Pack SP1 - DEU
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"Mozilla Thunderbird 10.0.2 (x86 de)" = Mozilla Thunderbird 10.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MyTomTom" = MyTomTom 3.2.0.802
"Nokia PC Suite" = Nokia PC Suite
"Optimizer Pro_is1" = Optimizer Pro v3.0
"Pearl Poppers" = Pearl Poppers
"Samplitude Music Studio 15 Download-Version D" = Samplitude Music Studio 15 Download-Version 15.0.1.0 (D)
"Secret Of Six Seas" = Secret Of Six Seas
"Shop for HP Supplies" = Shop for HP Supplies
"SNAPFISH" = SNAPFISH
"Switch" = Switch Audiodatei-Konverter
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WavePad" = WavePad Sound Editor
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR
"WinX Video Converter_is1" = WinX Video Converter 4.5.2
"XMedia Recode" = XMedia Recode 2.2.9.7
"Zuma's Revenge!" = Zuma's Revenge!
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2900932004-3961150359-2209842598-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"MyFreeCodec" = MyFreeCodec
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.01.2013 13:02:36 | Computer Name = Kirstins-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 19.01.2013 13:20:45 | Computer Name = Kirstins-PC | Source = Windows Search Service | ID = 3079
Description =
Error - 19.01.2013 19:16:39 | Computer Name = Kirstins-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 18.0.1.4764 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen über
das Problem zu suchen. Prozess-ID: 1230 Anfangszeit: 01cdf668a7dfa127 Zeitpunkt der
Beendigung: 152
Error - 19.01.2013 19:17:20 | Computer Name = Kirstins-PC | Source = Application Hang | ID = 1002
Description = Programm WINWORD.EXE, Version 12.0.6668.5000 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 1954 Anfangszeit: 01cdf67ea71d87a7 Zeitpunkt
der Beendigung: 0
Error - 19.01.2013 19:18:24 | Computer Name = Kirstins-PC | Source = Application Hang | ID = 1002
Description = Programm WINWORD.EXE, Version 12.0.6668.5000 arbeitet nicht mehr mit
Windows zusammen und wurde beendet. Überprüfen Sie den Problemverlauf im Applet
"Lösungen für Probleme" in der Systemsteuerung, um nach weiteren Informationen
über das Problem zu suchen. Prozess-ID: 18d4 Anfangszeit: 01cdf69b21b43747 Zeitpunkt
der Beendigung: 0
Error - 20.01.2013 04:09:34 | Computer Name = Kirstins-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 20.01.2013 04:10:46 | Computer Name = Kirstins-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.01.2013 12:35:35 | Computer Name = Kirstins-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 20.01.2013 12:36:51 | Computer Name = Kirstins-PC | Source = WinMgmt | ID = 10
Description =
Error - 20.01.2013 15:57:18 | Computer Name = Kirstins-PC | Source = VMCService | ID = 0
Description = conflictManagerTypeValue
Error - 20.01.2013 15:58:45 | Computer Name = Kirstins-PC | Source = WinMgmt | ID = 10
Description =
[ OSession Events ]
Error - 12.08.2009 10:18:58 | Computer Name = Kirstins-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 4007
seconds with 120 seconds of active time. This session ended with a crash.
Error - 19.09.2009 08:47:51 | Computer Name = Kirstins-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6504.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 187373
seconds with 1200 seconds of active time. This session ended with a crash.
Error - 16.07.2010 02:34:16 | Computer Name = Kirstins-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6535.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 1385
seconds with 1320 seconds of active time. This session ended with a crash.
Error - 02.03.2011 13:05:00 | Computer Name = Kirstins-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 19287
seconds with 3120 seconds of active time. This session ended with a crash.
Error - 27.04.2011 22:01:29 | Computer Name = Kirstins-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6550.5004, Microsoft Office Version: 12.0.6425.1000. This session lasted 66840
seconds with 3660 seconds of active time. This session ended with a crash.
Error - 21.08.2012 16:57:46 | Computer Name = Kirstins-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 135373
seconds with 2100 seconds of active time. This session ended with a crash.
Error - 07.09.2012 04:01:08 | Computer Name = Kirstins-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12835
seconds with 4800 seconds of active time. This session ended with a crash.
Error - 19.01.2013 19:18:14 | Computer Name = Kirstins-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 53
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 13.06.2009 16:32:08 | Computer Name = Kirstins-PC | Source = HTTP | ID = 15016
Description =
Error - 13.06.2009 16:32:40 | Computer Name = Kirstins-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 13.06.2009 16:38:11 | Computer Name = Kirstins-PC | Source = DCOM | ID = 10005
Description =
Error - 13.06.2009 16:38:11 | Computer Name = Kirstins-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 13.06.2009 16:38:11 | Computer Name = Kirstins-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 13.06.2009 16:38:11 | Computer Name = Kirstins-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 13.06.2009 16:38:11 | Computer Name = Kirstins-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 13.06.2009 16:41:41 | Computer Name = Kirstins-PC | Source = Service Control Manager | ID = 7009
Description =
Error - 13.06.2009 16:41:41 | Computer Name = Kirstins-PC | Source = Service Control Manager | ID = 7000
Description =
Error - 14.06.2009 06:36:19 | Computer Name = Kirstins-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am 13.06.2009 um 22:57:52 unerwartet heruntergefahren.
< End of report >
|
|
| Themen zu Malwarebytes bricht ständig ab |
| abbruch, brauche, browser, einfach, entferne, entfernen, firefox, forum, geladen, gen, gestern, googeln, home, komischer, kurzem, malwarebytes, meldung, probleme, programm, runter, service, system, verschoben, vista, vista home premium |
Hybrid-Darstellung
