
Plagegeister aller Art und deren Bekämpfung: Workstation service cannot be started!

Windows 7
03.02.2013, 20:16   #1
FRANKY93
 

Hi

I wanted to install Kaspersky today, but when I tried to enter the license key an error message appeared. I suspect this is because I cannot start the workstation service (Arbeitsstationsdienst); the following error message always appears: Der Dienst "Arbeitsdienst" auf "Lokaler Computer" konnte nicht gestartet werden. Fehler 2: Das System kann die angegebene Datei nicht finden.

In addition, I can no longer open any windows; this message always appears:
"Windows-Explorer funktioniert nicht mehr" followed by "Windows-Explorer wird neu gestartet". Often this state gets stuck in a kind of endless loop; it simply does not stop.

I also ran this "LanmanworkstationCheck" and it produced the following message:
"Vermutlich infiziert
Der Lanmanworkstationschlüssel konnte nicht ausgelesen werden oder ist nicht vorhanden!
Auf ihrem Rechner wurde eine Datei gefunden die auf eine Infektion mit einem Mediyes Trojaner hindeuten könnte! Bitte wenden sie sich mit den angezeiten Infos an das Virenforum und erstellen sie dort einen neuen Beitrag!!!"

Here is the info:

DLL im Lanmanworkstation Schlüssel:
Geladene DLL:
Signatur der DLL:
Rückgabe der Signaturermittlung: Das System kann die angegebene Datei nicht finden.
MD5 der DLL:

DLL im Dnscache Schlüssel: %SystemRoot%\System32\dnsrslvr.dll
Geladene DLL: C:\Windows\System32\dnsrslvr.dll
Signatur der DLL: Microsoft Windows
Rückgabe der Signaturermittlung: Der Vorgang wurde erfolgreich beendet.
MD5 der DLL: 16835866AAA693C7D7FCEBA8FFF706E4

Der Lanmanworkstation Schlüssel konnte nicht ausgelesen werden oder ist nicht vorhanden!
Auf ihrem Rechner wurde eine Datei gefunden, die auf eine Infektion mit einem
Mediyes Trojaner hindeuten könnte!


I urgently ask for your help!!
Many thanks in advance!

04.02.2013, 11:29   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Hello and

Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions I will post in the course of this thread carefully. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the previous one.

  • Please only run scans that a helper has asked you to run! Do not install or uninstall any software without being asked to!

  • Post the logfiles directly in your thread (in CODE tags, please) and not as attachments, unless you were asked to. Logs in attachments make evaluation harder for me!

  • Please also note => Deleting logfiles and other requests

Note:
If you do not hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "when will it continue" messages will end with your topic being closed. I too have a life outside the Trojaner-Board.


First, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top centre, tick the box Scanne alle Benutzer
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 logfiles are created
  • Post the logfiles here in the thread in CODE tags.

04.02.2013, 18:08   #3
FRANKY93
 

Thank you very much for your help
I will do my best to follow your instructions!

OTL.Txt

OTL Logfile:
Code:
OTL logfile created on: 04.02.2013 17:49:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Frank\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,91 Gb Total Physical Memory | 5,07 Gb Available Physical Memory | 64,13% Memory free
15,82 Gb Paging File | 12,22 Gb Available in Paging File | 77,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 301,93 Gb Total Space | 61,10 Gb Free Space | 20,24% Space Free | Partition Type: NTFS
Drive D: | 371,71 Gb Total Space | 280,24 Gb Free Space | 75,39% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 1127,99 Gb Free Space | 60,55% Space Free | Partition Type: NTFS
 
Computer Name: FRANK-PC | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Frank\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org)
PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org)
PRC - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
PRC - C:\Windows\SysWOW64\PnkBstrA.exe ()
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\ASUS.SYS\SIONExportService.exe (Splashtop Inc.)
PRC - C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (CyberLink)
PRC - C:\Program Files (x86)\CyberLink\Shared files\brs.exe (cyberlink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\syncables\syncables desktop\syncables.exe (syncables, LLC)
PRC - C:\Program Files (x86)\syncables\syncables desktop\jre\bin\javaw.exe (Sun Microsystems, Inc.)
PRC - C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\QtWebKit\qmlwebkitplugin4.dll ()
MOD - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll ()
MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll ()
MOD - C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (UxTuneUp) -- C:\Windows\SysNative\uxtuneup.dll (TuneUp Software)
SRV:64bit: - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:64bit: - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:64bit: - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:64bit: - (AMPPALR3) -- C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation)
SRV:64bit: - (BTHSSecurityMgr) -- C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation)
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (TurboBoost) -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe (Intel(R) Corporation)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV:64bit: - (LanmanWorkstation) -- C:\Windows\SysNative\svchost.exe (Microsoft Corporation)
SRV - (a2AntiMalware) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (Hamachi2Svc) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe (LogMeIn Inc.)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\SysWOW64\uxtuneup.dll (TuneUp Software)
SRV - (AVP) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe (Microsoft Corporation.)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe (Microsoft Corporation.)
SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe ()
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Acresso Software Inc.)
SRV - (Update-Service) -- C:\Windows\SysWOW64\UpdSvc.dll (Joosoft.com GmbH)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
SRV - (Splashtop MDES) -- C:\ASUS.SYS\SIONExportService.exe (Splashtop Inc.)
SRV - (Bluetooth OBEX Service) -- C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Intel Corporation)
SRV - (Bluetooth Media Service) -- C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe (Intel Corporation)
SRV - (Bluetooth Device Monitor) -- C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Intel Corporation)
SRV - (Fabs) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (CLKMSVC10_38F51D56) -- C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe (CyberLink)
SRV - (HPSLPSVC) -- C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (DfSdkS) -- C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe (mst software GmbH, Germany)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FirebirdServerMAGIXInstance) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (Kaspersky Lab)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (Kaspersky Lab)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (Kaspersky Lab ZAO)
DRV:64bit: - (kltdi) -- C:\Windows\SysNative\drivers\kltdi.sys (Kaspersky Lab)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (nvkflt) -- C:\Windows\SysNative\drivers\nvkflt.sys (NVIDIA Corporation)
DRV:64bit: - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:64bit: - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (NETwNs64) -- C:\Windows\SysNative\drivers\NETwNs64.sys (Intel Corporation)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (AMPPALP) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (AMPPAL) -- C:\Windows\SysNative\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (intaud_WaveExtensible) -- C:\Windows\SysNative\drivers\intelaud.sys (Intel Corporation)
DRV:64bit: - (iwdbus) -- C:\Windows\SysNative\drivers\iwdbus.sys (Intel Corporation)
DRV:64bit: - (iBtFltCoex) -- C:\Windows\SysNative\drivers\iBtFltCoex.sys (Intel Corporation)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (btmhsf) -- C:\Windows\SysNative\drivers\btmhsf.sys (Intel Corporation)
DRV:64bit: - (btmaux) -- C:\Windows\SysNative\drivers\btmaux.sys (Intel Corporation)
DRV:64bit: - (AiCharger) -- C:\Windows\SysNative\drivers\AiCharger.sys (ASUSTek Computer Inc.)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (TurboB) -- C:\Windows\SysNative\drivers\TurboB.sys (Intel(R) Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (RTL8187B) -- C:\Windows\SysNative\drivers\RTL8187B.sys (Realtek Semiconductor Corporation                           )
DRV:64bit: - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:64bit: - (ewusbnet) -- C:\Windows\SysNative\drivers\ewusbnet.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (hwusbdev) -- C:\Windows\SysNative\drivers\ewusbdev.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (hwdatacard) -- C:\Windows\SysNative\drivers\ewusbmdm.sys (Huawei Technologies Co., Ltd.)
DRV:64bit: - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (a2acc) -- C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys (Emsisoft GmbH)
DRV - (A2DDA) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys (Emsi Software GmbH)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKLM\..\URLSearchHook: {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
IE - HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus.msn.com
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://asus.msn.com
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\URLSearchHook: {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\SearchScopes\{5895BA2C-841C-4749-B86C-CBC07A293553}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3205709
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..CT3205709.browser.search.defaultthis.engineName: true
FF - prefs.js..CT3240727.browser.search.defaultthis.engineName: "true"
FF - prefs.js..browser.search.defaultenginename: "Search the web"
FF - prefs.js..browser.search.defaultthis.engineName: "findr Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=3&q={searchTerms}&CUI=UN26736811875978932"
FF - prefs.js..browser.search.order.1: "Search the web"
FF - prefs.js..browser.search.selectedEngine: "Search the web"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://search.conduit.com/?ctid=CT3240727&SearchSource=13&CUI=UN26736811875978932"
FF - prefs.js..ct3205709.browser.search.defaultthis.engineName: true
FF - prefs.js..extensions.enabledAddons: %7BC9B68337-E93A-44EA-94DC-CB300EC06444%7D:5.30.4
FF - prefs.js..extensions.enabledAddons: %7BFCAB6FDD-5585-425b-95C1-5ED856F3FD08%7D:6.9
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.145
FF - prefs.js..extensions.enabledAddons: %7B62d40876-df18-411f-9d34-a9dd7a197bc5%7D:10.14.42.7
FF - prefs.js..extensions.enabledAddons: anti_banner%40kaspersky.com:13.0.1.4190
FF - prefs.js..extensions.enabledAddons: %7B4373e9b4-0a12-4112-8e3d-36ded19ee3dd%7D:10.14.42.7
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.1
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=2&CUI=UN26736811875978932&q="
 
FF - user.js..browser.search.selectedEngine: "Search the web"
FF - user.js..browser.search.order.1: "Search the web"
FF - user.js..browser.search.defaultenginename: "Search the web"
FF - user.js..keyword.URL: "hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q="
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_146.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files (x86)\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.11.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.11.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtualKeyboard@kaspersky.ru: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.22 22:09:22 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.12 15:13:45 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\webbooster@iminent.com: C:\Program Files (x86)\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.02.03 14:30:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.02.03 14:30:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.02.03 14:29:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.02.03 14:29:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.02.03 14:29:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 04:53:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.26 20:17:08 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012.06.12 15:13:45 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.01.19 04:53:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.01.26 20:17:08 | 000,000,000 | ---D | M]
 
[2011.12.09 22:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Extensions
[2013.02.03 17:48:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\n1tor11v.default\extensions
[2013.02.03 09:28:59 | 000,000,000 | ---D | M] (findr) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\n1tor11v.default\extensions\{4373e9b4-0a12-4112-8e3d-36ded19ee3dd}
[2013.01.25 10:33:12 | 000,000,000 | ---D | M] (BrotherSoft Extreme3) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\n1tor11v.default\extensions\{62d40876-df18-411f-9d34-a9dd7a197bc5}
[2012.09.30 13:20:19 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\n1tor11v.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.02.22 22:01:00 | 000,000,000 | ---D | M] (toolplugin) -- C:\Users\Frank\AppData\Roaming\mozilla\Firefox\Profiles\n1tor11v.default\extensions\welcome@toolmin.com
[2013.02.03 17:48:27 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.09.16 20:22:51 | 000,304,450 | ---- | M] () (No name found) -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\extensions\{FCAB6FDD-5585-425b-95C1-5ED856F3FD08}.xpi
[2013.02.03 10:20:47 | 000,001,066 | ---- | M] () -- C:\Users\Frank\AppData\Roaming\mozilla\firefox\profiles\n1tor11v.default\searchplugins\findr-customized-web-search.xml
[2013.01.19 04:53:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.01.19 04:53:37 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\Program Files (x86)\mozilla firefox\extensions\KavAntiBanner@kaspersky.ru_bak
[2013.01.19 04:53:38 | 000,000,000 | ---D | M] (Modul zur Link-Untersuchung) -- C:\Program Files (x86)\mozilla firefox\extensions\linkfilter@kaspersky.ru_bak
[2012.02.22 22:09:22 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013.02.03 14:29:47 | 000,000,000 | ---D | M] (Anti-Banner) -- C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY INTERNET SECURITY 2013\FFEXT\ANTI_BANNER@KASPERSKY.COM
[2013.01.19 04:53:47 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.11.29 10:19:31 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.11.29 10:19:31 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.11.29 10:19:31 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.11.29 10:19:32 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.02.22 22:01:00 | 000,000,158 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\Search the web.src
[2012.11.29 10:19:31 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.11.29 10:19:31 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (BrotherSoft Extreme3 Toolbar) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.)
O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (BrotherSoft Extreme3 Toolbar) - {62d40876-df18-411f-9d34-a9dd7a197bc5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\..\Toolbar\WebBrowser: (BrotherSoft Extreme3 Toolbar) - {62D40876-DF18-411F-9D34-A9DD7A197BC5} - C:\Program Files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll (Conduit Ltd.)
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [BTMTrayAgent] C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll (Intel Corporation)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelliType Pro] C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S                                                                                                                                                                                                 File not found
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe (Kaspersky Lab ZAO)
O4 - HKLM..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe (cyberlink)
O4 - HKLM..\Run: [emsisoft anti-malware] C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung)
O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001..\Run: [Syncables] C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe (syncables, LLC)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Intel(R) Turbo Boost Technology Monitor 2.0.lnk =  File not found
O4 - Startup: C:\Users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9:64bit: - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 1.6.0_31)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab (Java Plug-in 10.11.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{42713A31-1749-4DB5-91DC-FE79CFCC532C}: NameServer = 193.189.244.206 193.189.244.225
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B023C04D-E2DD-4399-975A-9BFF60B791C9}: NameServer = 193.189.244.225 193.189.244.206
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F72A33CB-0D97-46D0-8B73-02D4B5A20E02}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\asuswspanel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\kies.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\labelprint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mediaespresso.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\offdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\olrsubmission.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pdr8.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\pdvdlaunchpolicy.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\power2go.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\power2goexpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\powerstarter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\Winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\asuswspanel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hpwucli.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\kies.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\labelprint.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mediaespresso.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\offdiag.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\olrsubmission.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pdr8.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\pdvdlaunchpolicy.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\power2go.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\power2goexpress.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerstarter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\setup.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uninst.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\Winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2013\TUAutoReactivator64.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{275586c8-f4fb-11e0-b5c4-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{275586c8-f4fb-11e0-b5c4-806e6f6e6963}\Shell\AutoRun\command - "" = E:\autorun.exe
O33 - MountPoints2\{426560aa-d973-11e1-974b-ac72891c556f}\Shell - "" = AutoRun
O33 - MountPoints2\{426560aa-d973-11e1-974b-ac72891c556f}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5e9c83eb-d5ac-11e1-98ee-14dae9ab5f76}\Shell - "" = AutoRun
O33 - MountPoints2\{5e9c83eb-d5ac-11e1-98ee-14dae9ab5f76}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{952a04ec-da71-11e1-872b-ac72891c556f}\Shell - "" = AutoRun
O33 - MountPoints2\{952a04ec-da71-11e1-872b-ac72891c556f}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.04 17:48:10 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe
[2013.02.04 08:11:03 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan
[2013.02.04 08:10:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager
[2013.02.03 21:32:54 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Chromium
[2013.02.03 19:52:07 | 000,623,003 | ---- | C] (No company) -- C:\Users\Frank\Desktop\LanmanCheck.exe
[2013.02.03 19:29:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2013.02.03 19:28:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2013.02.03 19:28:58 | 000,000,000 | ---D | C] -- C:\Users\Frank\Documents\Anti-Malware
[2013.02.03 18:48:03 | 000,000,000 | -HSD | C] -- C:\found.000
[2013.02.03 15:33:43 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Roaming\Malwarebytes
[2013.02.03 15:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2013.02.03 15:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.02.03 15:33:30 | 000,024,176 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2013.02.03 15:33:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2013.02.03 15:25:42 | 000,000,000 | ---D | C] -- C:\PPF_Scan1
[2013.02.03 14:50:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab Setup Files
[2013.02.03 14:30:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security 2013
[2013.02.03 14:30:25 | 000,064,856 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\klfphc.dll
[2013.02.03 14:29:51 | 000,000,000 | ---D | C] -- C:\Windows\ELAMBKUP
[2013.02.03 14:29:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2013.02.03 14:29:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2013.02.03 14:29:27 | 000,611,160 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klif.sys
[2013.02.03 14:29:27 | 000,089,432 | ---- | C] (Kaspersky Lab) -- C:\Windows\SysNative\drivers\klflt.sys
[2013.02.03 09:29:37 | 000,037,216 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2013.02.03 09:29:37 | 000,029,536 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2013.02.03 09:27:00 | 000,034,656 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.02.03 09:26:58 | 000,025,952 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.02.03 09:26:58 | 000,021,344 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.02.03 09:26:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.02.03 09:26:45 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Roaming\TuneUp Software
[2013.02.03 09:26:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.02.03 09:26:38 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.02.03 09:26:35 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.02.03 09:26:35 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.02.03 09:26:16 | 000,000,000 | ---D | C] -- C:\Users\Frank\Documents\My Cheat Tables
[2013.02.03 09:26:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.2
[2013.02.03 09:26:04 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Roaming\OpenCandy
[2013.02.03 09:26:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Cheat Engine 6.2
[2013.02.02 18:09:29 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Gameforge4d
[2013.02.02 18:09:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
[2013.02.02 18:08:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\GameforgeLive
[2013.02.02 18:08:51 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\Programs
[2013.01.27 17:47:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft-Maus- und Tastatur-Center
[2013.01.27 17:46:55 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Mouse and Keyboard Center
[2013.01.27 13:01:48 | 000,000,000 | ---D | C] -- C:\Users\Frank\Desktop\Minecraft!
[2013.01.27 03:16:56 | 005,113,072 | ---- | C] (PC Cleaners) -- C:\Windows\uninst.exe
[2013.01.27 03:16:55 | 000,000,000 | ---D | C] -- C:\ProgramData\PC1Data
[2013.01.26 20:17:08 | 000,859,552 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.01.26 20:17:08 | 000,261,024 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.01.26 20:16:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.01.26 20:16:50 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.01.26 20:16:50 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.26 16:09:48 | 000,000,000 | ---D | C] -- C:\Users\Frank\Desktop\Allgemein
[2013.01.26 13:07:52 | 000,308,640 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.26 13:07:34 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.26 13:07:34 | 000,188,832 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.26 13:07:34 | 000,108,448 | ---- | C] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.01.26 13:07:22 | 000,000,000 | ---D | C] -- C:\Program Files\Java
[2013.01.26 11:56:05 | 000,033,856 | -H-- | C] (LogMeIn, Inc.) -- C:\Windows\SysNative\hamachi.sys
[2013.01.26 11:56:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
[2013.01.26 11:56:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi
[2013.01.26 11:55:34 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Local\LogMeIn Hamachi
[2013.01.25 13:24:40 | 000,000,000 | ---D | C] -- C:\Users\Frank\AppData\Roaming\.minecraft
[2013.01.19 04:53:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.01.09 17:09:05 | 000,750,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.01.09 17:09:05 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.01.09 17:08:51 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2013.01.09 17:08:49 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\usp10.dll
[2013.01.09 17:08:41 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\fpb.rs
[2013.01.09 17:08:41 | 000,046,592 | ---- | C] (Microsoft) -- C:\Windows\SysNative\fpb.rs
[2013.01.09 17:08:41 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc-nz.rs
[2013.01.09 17:08:41 | 000,045,568 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc-nz.rs
[2013.01.09 17:08:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\csrr.rs
[2013.01.09 17:08:41 | 000,043,520 | ---- | C] (Microsoft) -- C:\Windows\SysNative\csrr.rs
[2013.01.09 17:08:41 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cob-au.rs
[2013.01.09 17:08:41 | 000,040,960 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cob-au.rs
[2013.01.09 17:08:40 | 002,746,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\gameux.dll
[2013.01.09 17:08:40 | 002,576,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gameux.dll
[2013.01.09 17:08:40 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Wpc.dll
[2013.01.09 17:08:40 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegibbfc.rs
[2013.01.09 17:08:40 | 000,044,544 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegibbfc.rs
[2013.01.09 17:08:40 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\usk.rs
[2013.01.09 17:08:40 | 000,030,720 | ---- | C] (Microsoft) -- C:\Windows\SysNative\usk.rs
[2013.01.09 17:08:40 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\grb.rs
[2013.01.09 17:08:40 | 000,021,504 | ---- | C] (Microsoft) -- C:\Windows\SysNative\grb.rs
[2013.01.09 17:08:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-pt.rs
[2013.01.09 17:08:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-pt.rs
[2013.01.09 17:08:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi.rs
[2013.01.09 17:08:40 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi.rs
[2013.01.09 17:08:40 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\djctq.rs
[2013.01.09 17:08:40 | 000,015,360 | ---- | C] (Microsoft) -- C:\Windows\SysNative\djctq.rs
[2013.01.09 17:08:39 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Wpc.dll
[2013.01.09 17:08:38 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\cero.rs
[2013.01.09 17:08:38 | 000,055,296 | ---- | C] (Microsoft) -- C:\Windows\SysNative\cero.rs
[2013.01.09 17:08:38 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\esrb.rs
[2013.01.09 17:08:38 | 000,051,712 | ---- | C] (Microsoft) -- C:\Windows\SysNative\esrb.rs
[2013.01.09 17:08:38 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\oflc.rs
[2013.01.09 17:08:38 | 000,023,552 | ---- | C] (Microsoft) -- C:\Windows\SysNative\oflc.rs
[2013.01.09 17:08:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysWow64\pegi-fi.rs
[2013.01.09 17:08:38 | 000,020,480 | ---- | C] (Microsoft) -- C:\Windows\SysNative\pegi-fi.rs
[2013.01.09 17:08:07 | 000,424,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\KernelBase.dll
[2013.01.09 17:08:06 | 001,161,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\kernel32.dll
[2013.01.09 17:08:05 | 000,362,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64win.dll
[2013.01.09 17:08:05 | 000,338,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\conhost.exe
[2013.01.09 17:08:05 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64.dll
[2013.01.09 17:08:05 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.01.09 17:08:05 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntvdm64.dll
[2013.01.09 17:08:05 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.01.09 17:08:05 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wow64cpu.dll
[2013.01.09 17:08:05 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.01.09 17:08:05 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 17:08:04 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 17:08:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 17:08:04 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-file-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processthreads-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-sysinfo-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-synch-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 17:08:04 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localregistry-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-processenvironment-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-namedpipe-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-misc-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-memory-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-libraryloader-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-heap-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-string-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-profile-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-io-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-interlocked-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 17:08:04 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-delayload-l1-1-0.dll
[2013.01.09 17:08:03 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.01.09 17:08:03 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.01.09 17:08:03 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
[2013.01.09 17:08:03 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
[2013.01.09 17:08:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 17:08:03 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-localization-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-rtlsupport-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-handle-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-fibers-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-errorhandling-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-debug-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-datetime-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 17:08:03 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\SysNative\api-ms-win-core-console-l1-1-0.dll
[2013.01.09 17:08:02 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.01.09 17:07:43 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskhost.exe
[2 C:\Users\Frank\Documents\*.tmp files -> C:\Users\Frank\Documents\*.tmp -> ]
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.04 17:50:01 | 000,000,342 | -H-- | M] () -- C:\dvmexp.idx
[2013.02.04 17:48:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Frank\Desktop\OTL.exe
[2013.02.04 17:47:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.04 14:17:39 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.04 14:17:39 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.04 14:05:38 | 000,001,804 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.02.04 14:04:39 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2013.02.04 14:04:24 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.04 14:03:30 | 2076,749,823 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.04 07:59:11 | 000,007,250 | ---- | M] () -- C:\Users\Frank\Desktop\Windows-Kompatibilitätsbericht.htm
[2013.02.03 21:51:45 | 007,243,680 | ---- | M] () -- C:\Users\Frank\Desktop\aion_hack_kinah_2.0_-_2.5.rar
[2013.02.03 19:52:05 | 000,623,003 | ---- | M] (No company) -- C:\Users\Frank\Desktop\LanmanCheck.exe
[2013.02.03 19:29:25 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2013.02.03 18:14:17 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.03 18:14:17 | 000,001,120 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.03 15:33:32 | 000,001,115 | ---- | M] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.03 14:53:49 | 000,001,082 | ---- | M] () -- C:\Users\Frank\Desktop\Kaspersky Internet Security 2013 Version 13.0.1.4190 installieren.lnk
[2013.02.03 14:30:25 | 000,001,148 | ---- | M] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013.02.03 14:20:28 | 000,002,486 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013.02.03 09:29:54 | 000,000,009 | ---- | M] () -- C:\END
[2013.02.03 09:26:55 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.02.03 09:26:09 | 000,001,091 | ---- | M] () -- C:\Users\Frank\Desktop\Cheat Engine.lnk
[2013.02.02 18:14:10 | 000,001,966 | ---- | M] () -- C:\Users\Public\Desktop\AION.lnk
[2013.01.27 13:01:14 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.01.27 13:01:14 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.01.27 13:01:14 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.01.27 13:01:14 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.01.27 13:01:14 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.01.27 12:57:15 | 000,000,946 | ---- | M] () -- C:\Users\Frank\Desktop\LogMeIn Hamachi.lnk
[2013.01.27 11:37:09 | 000,002,101 | -H-- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
[2013.01.27 03:16:29 | 005,113,072 | ---- | M] (PC Cleaners) -- C:\Windows\uninst.exe
[2013.01.26 20:16:34 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.26 20:16:33 | 000,859,552 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2013.01.26 20:16:33 | 000,780,192 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.01.26 20:16:33 | 000,261,024 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.01.26 20:16:33 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.01.26 20:16:33 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.01.26 13:07:25 | 001,081,760 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\npDeployJava1.dll
[2013.01.26 13:07:25 | 000,960,416 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\deployJava1.dll
[2013.01.26 13:07:25 | 000,308,640 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaws.exe
[2013.01.26 13:07:25 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\javaw.exe
[2013.01.26 13:07:25 | 000,188,832 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\java.exe
[2013.01.26 13:07:25 | 000,108,448 | ---- | M] (Oracle Corporation) -- C:\Windows\SysNative\WindowsAccessBridge-64.dll
[2013.01.10 14:02:03 | 000,547,864 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.01.09 17:47:39 | 000,697,864 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.01.09 17:47:39 | 000,074,248 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2 C:\Users\Frank\Documents\*.tmp files -> C:\Users\Frank\Documents\*.tmp -> ]
[10 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.04 07:59:11 | 000,007,250 | ---- | C] () -- C:\Users\Frank\Desktop\Windows-Kompatibilitätsbericht.htm
[2013.02.03 21:51:34 | 007,243,680 | ---- | C] () -- C:\Users\Frank\Desktop\aion_hack_kinah_2.0_-_2.5.rar
[2013.02.03 19:29:25 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2013.02.03 15:33:32 | 000,001,115 | ---- | C] () -- C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
[2013.02.03 15:23:56 | 000,010,240 | ---- | C] () -- C:\Users\Frank\Desktop\Erweiterter Scan.scp
[2013.02.03 14:53:49 | 000,001,082 | ---- | C] () -- C:\Users\Frank\Desktop\Kaspersky Internet Security 2013 Version 13.0.1.4190 installieren.lnk
[2013.02.03 14:30:49 | 000,001,148 | ---- | C] () -- C:\Users\Public\Desktop\Kaspersky Internet Security 2013.lnk
[2013.02.03 09:26:55 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.02.03 09:26:54 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.02.03 09:26:09 | 000,001,091 | ---- | C] () -- C:\Users\Frank\Desktop\Cheat Engine.lnk
[2013.02.02 18:14:10 | 000,001,966 | ---- | C] () -- C:\Users\Public\Desktop\AION.lnk
[2013.01.27 12:57:15 | 000,000,946 | ---- | C] () -- C:\Users\Frank\Desktop\LogMeIn Hamachi.lnk
[2013.01.04 12:30:58 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2013.01.04 12:30:58 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2012.07.30 13:16:20 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.07.30 13:16:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.07.30 13:16:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.07.30 13:16:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.07.30 13:16:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.07.24 20:20:03 | 000,107,520 | RHS- | C] () -- C:\Windows\SysWow64\TAKDSDecoder.dll
[2012.06.12 15:06:16 | 000,233,545 | ---- | C] () -- C:\Windows\hpoins47.dat
[2012.02.22 22:00:04 | 000,000,181 | ---- | C] () -- C:\Windows\WinInit.Ini
[2012.02.11 15:39:34 | 000,000,017 | ---- | C] () -- C:\Windows\SysWow64\shortcut_ex.dat
[2012.02.11 15:37:45 | 000,000,574 | ---- | C] () -- C:\Windows\hpomdl47.dat.temp
[2012.02.06 19:35:25 | 000,017,408 | ---- | C] () -- C:\Users\Frank\AppData\Local\WebpageIcons.db
[2012.01.30 15:57:55 | 001,557,708 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.12.21 15:30:47 | 000,003,584 | ---- | C] () -- C:\Users\Frank\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.13 21:11:15 | 000,075,136 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.12.13 21:11:10 | 000,189,248 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.12.12 21:15:51 | 000,034,308 | ---- | C] () -- C:\ProgramData\mazuki.dll
[2011.12.11 20:40:09 | 000,000,000 | ---- | C] () -- C:\Users\Frank\AppData\Local\{B55A0129-9065-4945-819B-EF351192F335}
[2011.12.10 16:05:45 | 000,000,024 | ---- | C] () -- C:\Windows\ATKPF.ini
[2011.10.15 00:54:52 | 000,321,856 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe
[2011.10.12 19:18:15 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.10.12 19:00:19 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll
[2011.07.12 09:14:12 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.07.12 09:13:09 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.07.12 09:13:06 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.07.12 09:13:05 | 000,056,832 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2011.07.12 09:13:04 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.07.12 09:13:03 | 013,356,032 | ---- | C] () -- C:\Windows\SysWow64\ig4icd32.dll
[2011.05.10 23:55:50 | 000,368,400 | ---- | C] () -- C:\Windows\SysWow64\sqlite3.dll
[2011.04.13 03:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

< End of report >
         

04.02.2013, 19:54   #4
FRANKY93

Workstation service cannot be started!



Extras.Txt

OTL EXTRAS Logfile:
Code:
OTL Extras logfile created on: 04.02.2013 17:49:42 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Frank\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
7,91 Gb Total Physical Memory | 5,07 Gb Available Physical Memory | 64,13% Memory free
15,82 Gb Paging File | 12,22 Gb Available in Paging File | 77,20% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 301,93 Gb Total Space | 61,10 Gb Free Space | 20,24% Space Free | Partition Type: NTFS
Drive D: | 371,71 Gb Total Space | 280,24 Gb Free Space | 75,39% Space Free | Partition Type: NTFS
Drive F: | 1863,01 Gb Total Space | 1127,99 Gb Free Space | 60,55% Space Free | Partition Type: NTFS
 
Computer Name: FRANK-PC | User Name: Frank | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software)
 
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files (x86)\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~1\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{026F28B2-4112-45D7-86C9-DF12DAFD671E}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{04F13F12-B56A-45DF-8C87-19ABBBC547DA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{05C2E10B-73AD-46B7-AE15-36B508DC9E0B}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0A1CFD93-70BA-44AD-B349-BBCDFF1CF6AA}" = lport=445 | protocol=6 | dir=in | app=system | 
"{0D41A9F8-AEBD-40AF-BB6E-86AB2A1B5F2C}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{28D0B26B-8B52-477F-8EED-4850B30FD34A}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{2EA147DD-C580-42F4-88E6-303307743D54}" = rport=445 | protocol=6 | dir=out | app=system | 
"{3EE82233-EEF0-4F3F-BD41-EE03797E00D6}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{410C7CDE-ADD8-414A-A7CD-3E3843391B86}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{48E93503-3600-488F-9503-A917B6DC8D8F}" = rport=137 | protocol=17 | dir=out | app=system | 
"{4E00135A-770B-47DD-827A-E8330345F76A}" = lport=139 | protocol=6 | dir=in | app=system | 
"{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | 
"{656CC142-A605-4762-978B-6E1CAA7B0B3A}" = lport=138 | protocol=17 | dir=in | app=system | 
"{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{791B4AF4-246C-4E1C-A822-D77FF9D90D9E}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7C84E8B4-292F-4387-A6FF-85F86F780646}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{803A9BF5-E051-45F2-B1CF-EAAE68DA0574}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{8A889400-2DB5-4FB5-826E-0B1EC5B8C74A}" = rport=427 | protocol=17 | dir=in | svc=hpslpsvc | app=c:\windows\system32\svchost.exe | 
"{94922B9A-C569-41CD-8266-59553D72EB4A}" = rport=138 | protocol=17 | dir=out | app=system | 
"{97E4330D-A257-4617-B034-7D0AA0648385}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | 
"{AE52A85A-FB5E-4A38-B8F6-D3BEA64996C9}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{AF3EC28E-E7BB-49F9-9ACC-8A533507284C}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{BBDDDA9C-86A9-4551-8218-CBE4E88E5D0B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{D7104979-663D-4398-A2AD-B0EB928506FC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe | 
"{EB3931EC-1871-460B-AAFD-6A39EE09CA30}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{F61A0EBD-FA03-490B-8C98-30F4955A7611}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{FDB2458D-4D68-4AB7-8490-0CE92A842050}" = rport=139 | protocol=6 | dir=out | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0087BA66-969B-4D93-9B9D-BCB7FEC560FD}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{033CF1F1-7967-44BE-B6C1-AA3D263E1610}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | 
"{074085CA-0F91-4F28-A926-C8AFCB938406}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{08A9F95D-7CDC-4D0B-A807-687B0B0A134D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{110E1EBB-D366-4823-8512-6BE2ADB34DFA}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{1241C853-A9BF-4C24-B856-F8EFDA7A4D8E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1346C3D0-4EFC-486C-A4F1-6AB109432716}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe | 
"{143B7CF2-8293-449B-9A54-675278E2E203}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{1A1280C6-E72A-4BCF-85EA-92FDF2E34406}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1B56B178-8AE2-4BF1-93EB-8BA95EAC9B31}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | 
"{1C26B8E9-017F-48B7-9534-ABDC36BE5F9A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{257680F7-C301-4733-A1CF-E70C9DD71261}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{2A2BA377-2A73-44C3-853D-B8EFDC57B9EA}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{2B56AC0E-2D34-4B1A-8AD0-8EC520F1C278}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{2F7F2A47-15B9-4E0A-B3E1-4D5FE1F82727}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe | 
"{33FC3C20-3C1E-4713-B306-EA370FD15C18}" = protocol=17 | dir=in | app=d:\games\avatar\bin\avatar.exe | 
"{39886990-6DA5-435F-AF79-0BE2C649CFAC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{3D981610-0DAE-471B-9D92-B7012BE7623F}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe | 
"{3DFEFF10-2FDE-4E7E-917B-1A7F20F5F87C}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{3FBE5635-0BEB-49AD-9B5C-B9F8687D9560}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3y.exe | 
"{41FED41A-41A4-441F-AA4B-45D3DE83AAC0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{42545A11-14FD-46D1-9409-38A89B7989B1}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3.exe | 
"{43E1DB64-3946-4EB7-A429-56C85F8D3F86}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | 
"{499C344C-75F5-466C-824D-71569580D58A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{4C208F8A-0AF3-46CE-97E0-62F00C33B292}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{4CBC787C-2730-4E39-AE8C-4544A50D1D53}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrsp.exe | 
"{4D11A4DE-77D7-4073-A858-5101040D800B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe | 
"{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{513803D3-2CBE-4AD7-888B-9FBB87B7F6F6}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{5139507B-AE4F-4801-B58C-3F4462CE5BBE}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | 
"{57FFA164-EBE0-4AFF-B0F1-9BE45057C3F6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{58A37FBC-C980-4DA4-BDFE-FA86530E1279}" = protocol=6 | dir=in | app=d:\games\gta iv\rockstar games social club\rgsclauncher.exe | 
"{58C43DDC-31E4-46F8-AFAC-E8A91409832B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | 
"{5EDC770F-EEE8-4707-A500-4CF3A47B9E03}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{608B7EA1-5255-4D45-89A8-DB05FB6C7F31}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\assassinscreedrevelations.exe | 
"{61B371C5-B57D-4212-843D-36000116DB95}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{63E82044-D25A-436B-98C6-39E3C701CFE4}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{66D51F49-4790-4758-874E-8789F4563E77}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{69808785-007A-4AB1-A6F6-CC94D0123ED3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{706BAAD3-6376-41B5-9A65-B278F7A0BE43}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 
"{7099C2A9-3AEB-49DA-BD14-4F30C10341AE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{727CD718-E57E-4C2D-A18F-AD32A375FDE4}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{757EA4FA-DB8D-4070-9AEF-F724118944E8}" = dir=in | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | 
"{76FE2EAD-41B2-46D4-9214-2545AE01306D}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3y.exe | 
"{7BF72C69-9170-4AD1-8925-BE127059083A}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"{7C151C6B-AD46-4AC0-B220-F3DAABF64036}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe | 
"{7FA06F0E-FB41-459B-BDCA-8EB52C7D0B43}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7FE4D89C-CCED-4DFC-854D-BC55F793CFFF}" = protocol=17 | dir=in | app=d:\games\gta iv\rockstar games social club\rgsclauncher.exe | 
"{853C20A7-0182-4439-8E9B-1BED0CC822CD}" = protocol=6 | dir=in | app=d:\games\gta iv\grand theft auto iv\launchgtaiv.exe | 
"{86689817-277B-47C7-94F9-A89F86C994DC}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{872A7F77-2BCB-4C25-980E-EC159538C93D}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{8928D9A5-C13F-497A-98E8-03D633F44079}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 
"{894F2A3A-01D4-4696-9E2F-FAF1A60FB825}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3.exe | 
"{8C47B80B-36E6-4D5E-8DDF-2E66BE707A75}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{9087C678-E140-427B-A315-61BC0A7D02CE}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{9B0DBA31-8CAD-4D9A-BFB9-0C1111D9AE66}" = protocol=6 | dir=out | app=system | 
"{9D78343A-DA63-4A71-9551-1BA7843A6A1C}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{9E89F54A-8A8D-433F-9F47-0B6181230749}" = protocol=6 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3x.exe | 
"{A18DDF2B-B1CC-4BAC-926A-AE3744A21AB5}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe | 
"{A80522B8-0C6A-4522-ACF0-634A77A676AD}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{A80E1F92-EC8F-419B-A1CE-A634831364A8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B1E5F4A6-C366-4466-AC0C-CEEBABAF2136}" = protocol=6 | dir=in | app=d:\games\avatar\bin\avatarlauncher.exe | 
"{BB2CBA44-51FB-498D-BB21-1758E8464CEC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{BDC4E9DB-AA26-4461-8BBF-0E1770911456}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{BE63B653-69A2-4B10-9AA6-C9F5D78A5377}" = protocol=17 | dir=in | app=d:\games\age of empires iii\age of empires iii\age3x.exe | 
"{C72241F6-7698-4FD3-A3FF-7BE96E70766B}" = protocol=6 | dir=in | app=d:\games\avatar\bin\avatar.exe | 
"{C885D74D-EBB1-48C9-B859-931A654241A5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed revelations\acrmp.exe | 
"{C92CF1B2-8BF6-4E52-99E5-697911372680}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{CBDE7739-94E4-4ACA-8F50-DFAC7A3F275F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{CE3B1A99-FA81-4F96-8562-BAA3F68BD881}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{D2AEAE29-34A6-44C7-8D62-E54D8936BCE5}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\support\bin\win\rosettastoneltdservices.exe | 
"{D39FEFF8-49E6-46D9-B41C-5CCCC9A5F4B3}" = dir=in | app=e:\setup\hpznui40.exe | 
"{D4F0E4EE-F566-4AD3-86A0-B37ED5CB9F50}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 
"{D7F289E0-5350-4ED5-9C1A-7337486615EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{E2315EF4-132E-4EB6-9572-1F453362F660}" = protocol=17 | dir=in | app=d:\games\avatar\bin\avatarlauncher.exe | 
"{E8FC992F-084D-4BB7-B0A8-1BE47FCF0D93}" = protocol=17 | dir=in | app=d:\games\gta iv\grand theft auto iv\launchgtaiv.exe | 
"{EA54A53C-2F02-4D8A-AEA8-337E1AADDCB9}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{EAA60805-57A5-4C15-AF0A-76B7B4F6D0F3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{EBE658DA-90BF-4F7F-A87E-5EBD79CA800F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{EC467394-B11F-456A-8472-856A7358643F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F19A67D9-2FC7-498F-896C-05692DB83B1B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F30A4339-21FF-4CCA-B8B6-ED9B2921B4B8}" = protocol=6 | dir=out | app=c:\program files (x86)\rosetta stone\rosetta stone version 3\rosettastoneversion3.exe | 
"{F53F2B8E-35C7-47A3-8F8A-A5EBDFC33D65}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F9FEF07C-8A6C-4F5B-8E04-34B8DFC678F5}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\ubisoft game launcher\ubisoftgamelauncher.exe | 
"{FFA64E37-BBF2-4E0A-BF70-B72BA01DD83E}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe | 
"TCP Query User{D694BC43-C580-4881-AD99-D9500562500D}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | 
"UDP Query User{445C7303-C4CD-45F6-86D3-F5BD91E1B033}C:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\syncables\syncables desktop\jre\bin\javaw.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{006B5C65-3938-4246-B182-994A7E415EDE}" = Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{26A24AE4-039D-4CA4-87B4-2F86417011FF}" = Java 7 Update 11 (64-bit)
"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety
"{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid
"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety
"{3C41721F-AF0F-4086-AA1C-4C7F29076228}" = Intel(R) PROSet/Wireless WiFi Software
"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{48C0866E-57EB-444C-8371-8E4321066BC3}" = Network64
"{59C83C08-63F4-4AEC-81D6-392C5E23B843}" = HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{64A3A4F4-B792-11D6-A78A-00B0D0170110}" = Java SE Development Kit 7 Update 11 (64-bit)
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}" = Network64
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety
"{7AB6F8D7-7804-4662-BE8C-1AFCCD602D9F}" = Microsoft-Maus- und Tastatur-Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A0E106D2-4815-4B7A-BAA7-7E21B530CFB4}" = Intel(R) PROSet/Wireless for Bluetooth(R) 3.0 + High Speed
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 285.62
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 285.62
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.11.0621
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.5.20
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.2.24.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}" = Intel(R) Turbo Boost Technology Monitor 2.0
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
"{FF21C3E6-97FD-474F-9518-8DCBE94C2854}" = 64 Bit HP CIO Components Installer
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"MAXON8C02D5E0" = CINEMA 4D 12.048
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Mouse and Keyboard Center" = Microsoft-Maus- und Tastatur-Center
"ProInst" = Intel PROSet Wireless
"Shop for HP Supplies" = Shop for HP Supplies
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"WinRAR archiver" = WinRAR 4.01 (64-Bit)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{08B3869E-D282-424C-9AFC-870E04A4BA14}" = Rockstar Games Social Club
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0E1FE502-7536-4155-BBC6-7BE8E465DE08}" = Firebird SQL Server - MAGIX Edition
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{106B4413-ACBB-4CDE-8707-587DB9BD77EC}" = LogMeIn Hamachi
"{117B6BF6-82C3-420C-B284-9247C8568E53}" = Die Sims™ 3 Design-Garten-Accessoires
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{148E08FF-D7C4-46ED-8D4D-601C67FE0AFD}" = Rosetta Stone Version 3
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1AE46C09-2AB8-4EE5-88FB-08CD0FF7F2DF}" = Bing Bar
"{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25680C01-6753-4FE9-A891-7857F26457C1}" = Intel(R) WiDi
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83216031FF}" = Java(TM) 6 Update 31
"{26A24AE4-039D-4CA4-87B4-2F83217011FF}" = Java 7 Update 11
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2B81872B-A054-48DA-BE3B-FA5C164C303A}" = ASUS FancyStart
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2EFA4E4C-7B5F-48F7-A1C0-1AA882B7A9C3}" = HP Update
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{33A22B2D-55BA-4508-B767-BF2E9C21A73F}" = Assassin's Creed Revelations
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{38253529-D97D-4901-AE53-5CC9736D3A2E}" = ASUS AI Recovery
"{3966711E-1F98-4C9F-AE0B-6AD28137FE64}" = Multiple Image Resizer .NET 4
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F262ADC-5AD2-48E5-A586-44315E04A9E2}" = Microsoft Picture It!-Bibliothek 10
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{42756145-9997-4D28-809B-8756BFD00106}" = Microsoft Picture It! Foto Premium 10
"{45057FCE-5784-48BE-8176-D9D00AF56C3C}" = Die Sims™ 3 Late Night
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{47FA2C44-D148-4DBC-AF60-B91934AA4842}" = Adobe AIR
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{579BA58C-F33D-4970-9953-B94B43768AC3}" = Grand Theft Auto IV
"{59E4543A-D49D-4489-B445-473D763C79AF}" = Microsoft Games for Windows - LIVE Redistributable
"{5B025634-7D5B-4B8D-BE2A-7943C1CF2D5D}" = Status
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71828142-5A24-4BD0-97E7-976DA08CE6CF}" = Die Sims™ 3 Luxus-Accessoires
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{733B66AD-B771-4FA6-8DBF-765B820CC0EB}" = Langenscheidt Vokabeltrainer 6.0 Englisch
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7B11296A-F894-449C-8DF6-6AAAA7D4D118}" = Die Sims™ 3 Stadt-Accessoires
"{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now!
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E19B002-4CA3-4C9F-BA92-91D101B97219}" = James Cameron's AVATAR(tm): DAS SPIEL
"{7F6D7FD9-648D-4DD9-BB6E-3990C675ECA4}" = NVIDIA PhysX
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1" = AION Free-to-Play Version 1.0
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{888F1505-C2B3-4FDE-835D-36353EBD4754}" = Ubisoft Game Launcher
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8F311E2E-C275-4CF0-8154-B63991832668}_is1" = SUPER © v2012.build.52 (July 7, 2012) Version v2012.build.52
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.SingleImage_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.SingleImage_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.SingleImage_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.SingleImage_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.SingleImage_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.SingleImage_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{910F4A29-1134-49E0-AD8B-56E4A3152BD1}" = Die Sims™ 3 Traumkarrieren
"{915726DF-7891-444A-AA03-0DF1D64F561A}" = L.A. Noire
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1" = Gameforge Live 1.0 "Legend"
"{9D4C7DFA-CBBB-4F06-BDAC-94D831406DF0}" = פקד ActiveX של Windows Live Mesh עבור חיבורים מרוחקים
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9F7FC79B-3059-4264-9450-39EB368E3225}" = Microsoft Digital Image Library 9 - Blocker
"{9F9A2D22-7E30-4546-B817-10644FFB9935}" = B110
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A48B9CD8-C2BA-4EC9-0081-7260D238C7CF}" = Need for Speed™ Most Wanted
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AECA3622-E634-4A55-A696-70A511CBE06E}" = ASUS USB Charger Plus
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}" = Die Sims™ 3 Reiseabenteuer
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BC5DD87B-0143-4D14-AAE6-97109614DC6B}" = SolutionCenter
"{BCB0D6F7-7EAB-4009-A6F2-8E0E7F317773}" = Элемент управления Windows Live Mesh ActiveX для удаленных подключений
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = Die Sims™ 3
"{C12631C6-804D-4B32-B0DD-8A496462F106}" = Die Sims™ 3 Einfach tierisch
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C32CE55C-12BA-4951-8797-0967FDEF556F}" = Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
"{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C63A1E60-B6A4-440B-89A5-1FC6E4AC1C94}" = Windows Live Mesh ActiveX Control for Remote Connections
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{CAAB0192-5704-469F-A0BE-2D842D70E93B}_is1" = Sothink FLV Player
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CC8C451E-A820-48C8-AE92-A0FF088969D8}" = Stereoscopic Player
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DD47370C-E0F1-407F-9DB0-3FF98907F1BC}" = ASUS Music Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E18B30AA-6E2D-480C-B918-AF61009F4010}" = عنصر تحكم ActiveX الخاص بـ Windows Live Mesh للاتصالات البعيدة
"{E280923D-C5D9-4728-8C79-AC9A0DC75875}" = BioShock
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}" = Die Sims™ 3 Lebensfreude
"{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}" = Need for Speed™ Undercover
"{E71E60C1-533E-45A5-8D80-E475E88D2B17}_is1" = Game Park Console
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}" = Die Sims™ 3 Gib Gas-Accessoires
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F665F3B8-01B4-46A9-8E47-FF8DC2208C9F}" = Στοιχείο ελέγχου ActiveX του Windows Live Mesh για απομακρυσμένες συνδέσεις
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F88E2E04-7EF5-488C-8E38-C94EB808458E}" = PS_AIO_07_B110_SW_Min
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"Ashampoo Burning Studio 10_is1" = Ashampoo Burning Studio 10.0.7
"Ashampoo WinOptimizer 8_is1" = Ashampoo WinOptimizer 8 v.8.0.1
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"AsusScr_N5_En" = AsusScr_N5_En
"BrotherSoft_Extreme3 Toolbar" = BrotherSoft Extreme3 Toolbar
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Cheat Engine 6.2_is1" = Cheat Engine 6.2
"DivX Setup" = DivX-Setup
"DPP" = Canon Utilities Digital Photo Professional 3.10
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS Sample Music" = Canon Utilities EOS Sample Music
"EOS Utility" = Canon Utilities EOS Utility
"EOS Video Snapshot Task" = Canon Utilities EOS Video Snapshot Task for ZoomBrowser EX
"Governor of Poker" = Governor of Poker
"Hotel Dash Suite Success" = Hotel Dash Suite Success
"InstallShield_{1C08A24C-B168-407E-A826-68FAF5F20710}" = Age of Empires III - The WarChiefs
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{70F8B183-99EB-4304-BA35-080E2DFFD2A3}" = Age of Empires III
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"InstallShield_{7C6A4E35-5EEE-426A-A7BF-EA95CDC54DEA}" = Music Now!
"InstallShield_{C43C1415-3DFC-4089-9A32-0BECF28A6046}" = Age of Empires III - The Asian Dynasties
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"IrfanView" = IrfanView (remove only)
"Jewel Quest 3" = Jewel Quest 3
"JPEG ReSizer" = JPEG ReSizer (remove only)
"LogMeIn Hamachi" = LogMeIn Hamachi
"Luxor 3" = Luxor 3
"MAGIX_MSI_mm17_silver_asus" = ASUS Music Maker
"Mahjongg dimensions" = Mahjongg dimensions
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"MegaTrainer eXperience_is1" = MegaTrainer eXperience V1.0.1.8d
"Mobile Partner" = Mobile Partner
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"MovieUploaderForYouTube" = Canon Utilities Movie Uploader for YouTube
"Mozilla Firefox 18.0.1 (x86 de)" = Mozilla Firefox 18.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MPE" = MyPhoneExplorer
"Multiple Image Resizer .NET 4" = Multiple Image Resizer .NET 4
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"Office14.SingleImage" = Microsoft Office Home and Business 2010
"Opera 12.13.1734" = Opera 12.13
"Origin" = Origin
"PhotoStitch" = Canon Utilities PhotoStitch
"Picture Style Editor" = Canon Utilities Picture Style Editor
"PictureItPrem_v10" = Microsoft Picture It! Foto Premium 10
"Plants vs Zombies" = Plants vs Zombies
"ProInst" = Intel PROSet Wireless
"PunkBusterSvc" = PunkBuster Services
"Rockstar Games Social Club" = Rockstar Games Social Club
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VLC media player" = VLC media player 1.1.11
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo
"xSIMS_Censor_Remover_TS3" = Sims 3 - Nude Censor Remover
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Kies Air Discovery Service" = Kies Air Discovery Service
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 13.01.2013 14:27:34 | Computer Name = Frank-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4758
 
Error - 13.01.2013 14:27:34 | Computer Name = Frank-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4758
 
Error - 13.01.2013 14:32:19 | Computer Name = Frank-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.1.0.51, Zeitstempel:
 0x4d6e5ab8  Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.1.0.51, Zeitstempel:
 0x4d6e5ab8  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001aade  ID des fehlerhaften Prozesses:
 0xf18  Startzeit der fehlerhaften Anwendung: 0x01cdf1bc1531552e  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Berichtskennung: 8fbe3130-5daf-11e2-941d-ac72891c556f
 
Error - 14.01.2013 06:47:23 | Computer Name = Frank-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  Failed to Start the CVH service 1063
 
Error - 14.01.2013 11:21:30 | Computer Name = Frank-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 14.01.2013 11:21:30 | Computer Name = Frank-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8734512
 
Error - 14.01.2013 11:21:30 | Computer Name = Frank-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8734512
 
Error - 14.01.2013 12:52:27 | Computer Name = Frank-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 14.01.2013 12:52:27 | Computer Name = Frank-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 2090
 
Error - 14.01.2013 12:52:27 | Computer Name = Frank-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 2090
 
Error - 15.01.2013 07:05:15 | Computer Name = Frank-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: obexsrv.exe, Version: 1.1.0.51, Zeitstempel:
 0x4d6e5ab8  Name des fehlerhaften Moduls: obexsrv.exe, Version: 1.1.0.51, Zeitstempel:
 0x4d6e5ab8  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0001aade  ID des fehlerhaften Prozesses:
 0xf1c  Startzeit der fehlerhaften Anwendung: 0x01cdf30ff9d7db8a  Pfad der fehlerhaften
 Anwendung: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Pfad des fehlerhaften
 Moduls: C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe  Berichtskennung: 6fe49d88-5f03-11e2-93d6-ac72891c556f
 
[ Media Center Events ]
Error - 26.12.2012 14:21:02 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 19:21:02 - Fehler beim Herstellen der Internetverbindung.  19:21:02 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.12.2012 14:21:14 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 19:21:07 - Fehler beim Herstellen der Internetverbindung.  19:21:07 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.12.2012 15:21:19 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 20:21:19 - Fehler beim Herstellen der Internetverbindung.  20:21:19 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.12.2012 15:21:26 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 20:21:24 - Fehler beim Herstellen der Internetverbindung.  20:21:24 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.12.2012 16:21:32 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 21:21:32 - Fehler beim Herstellen der Internetverbindung.  21:21:32 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.12.2012 16:21:39 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 21:21:37 - Fehler beim Herstellen der Internetverbindung.  21:21:37 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.12.2012 18:14:55 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 23:14:55 - Fehler beim Herstellen der Internetverbindung.  23:14:55 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 26.12.2012 18:15:02 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 23:15:00 - Fehler beim Herstellen der Internetverbindung.  23:15:00 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 02.01.2013 12:19:29 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 17:19:29 - Fehler beim Herstellen der Internetverbindung.  17:19:29 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 02.01.2013 12:20:03 | Computer Name = Frank-PC | Source = MCUpdate | ID = 0
Description = 17:19:58 - Fehler beim Herstellen der Internetverbindung.  17:19:58 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ System Events ]
Error - 04.02.2013 09:08:17 | Computer Name = Frank-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 04.02.2013 09:10:53 | Computer Name = Frank-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Google Update Service (gupdate) erreicht.
 
Error - 04.02.2013 09:10:53 | Computer Name = Frank-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 04.02.2013 09:11:14 | Computer Name = Frank-PC | Source = WMPNetworkSvc | ID = 866300
Description = Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden,
 da ein Fehler "0x80070422" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten
 ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente
 "UPnPHost" richtig installiert ist.
 
Error - 04.02.2013 09:11:19 | Computer Name = Frank-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 04.02.2013 11:17:26 | Computer Name = Frank-PC | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Arbeitsstationsdienst" wurde mit folgendem Fehler beendet:
   %%2
 
Error - 04.02.2013 11:53:37 | Computer Name = Frank-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 04.02.2013 11:53:40 | Computer Name = Frank-PC | Source = WMPNetworkSvc | ID = 866300
Description = Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden,
 da ein Fehler "0x80070422" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten
 ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente
 "UPnPHost" richtig installiert ist.
 
Error - 04.02.2013 12:50:49 | Computer Name = Frank-PC | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host"
 abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:   %%1058
 
Error - 04.02.2013 12:50:51 | Computer Name = Frank-PC | Source = WMPNetworkSvc | ID = 866300
Description = Dienst "WMPNetworkSvc" konnte nicht ordnungsgemäß gestartet werden,
 da ein Fehler "0x80070422" in "CoCreateInstance(CLSID_UPnPDeviceFinder)" aufgetreten
 ist. Überprüfen Sie, ob der Dienst "UPnPHost" ausgeführt wird und ob die Windows-Komponente
 "UPnPHost" richtig installiert ist.
 
 
< End of report >
         
--- --- ---

Alt 04.02.2013, 21:32   #5
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Quote:
C:\Users\Frank\Desktop\aion_hack_kinah_2.0_-_2.5.rar
Please give a brief explanation of what exactly this is supposed to be and what source it comes from.

Then create logs with GMER (<<< click for instructions) and aswMBR (instructions a little further down) and post them.
GMER crashes fairly often; if the tool still won't work on the second try, just leave it out and run only aswMBR.

aswMBR download => aswMBR.exe - save the file to your desktop.
  • Start aswMBR.exe; Vista and Win7 users: right-click and choose "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the internet.) Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until "Scan finished successfully" appears in the DOS window.
  • Click Save Log and save the log to the desktop.
Post the aswMBR.txt in your next reply.
Important: Do not press any of the Fix buttons under any circumstances unless instructed to.
Note: If the Scan button is hidden, close the tool and start it again. If it still doesn't work, please let me know.

One more note: If aswMBR crashes and a message like "aswMBR.exe funktioniert nicht mehr" (aswMBR.exe has stopped working) appears, do the following:
Restart aswMBR, select (none) for "AV scan" in the drop-down menu at the bottom left (bottom left of the aswMBR window) and click the Scan button again.

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

Support Trojaner-Board
Why Linux is better than Windows!

Alt 05.02.2013, 14:41   #6
FRANKY93
 



GMER 1/2

Code:
ATTFilter
GMER 2.0.18454 - hxxp://www.gmer.net
Rootkit scan 2013-02-05 14:15:35
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST975042 rev.0001 698,64GB
Running: gmer_2.0.18454.exe; Driver: C:\Users\Frank\AppData\Local\Temp\ugloypog.sys


---- User code sections - GMER 2.0 ----

.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                        0000000076b7efe0 5 bytes JMP 000000016fff0148
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                      0000000076ba99b0 7 bytes JMP 000000016fff00d8
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                      0000000076bb94d0 5 bytes JMP 000000016fff0180
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                      0000000076bb9640 5 bytes JMP 000000016fff0110
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                               0000000076bda500 7 bytes JMP 000000016fff01b8
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                           000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                             000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                         000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                          000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                        000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[1444] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                               000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                             0000000074cc1429 5 bytes JMP 00000001701a1eb0
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\kernel32.dll!RegSetValueExA + 6                                                                         0000000074cc142f 1 byte INT3
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                    0000000074cdb223 5 bytes JMP 00000001701a1dc0
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                    0000000074d588f4 7 bytes JMP 00000001701a1db0
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                    0000000074d58979 5 bytes JMP 00000001701a1ea0
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                      0000000074d58ccf 5 bytes JMP 00000001701a1e30
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                         0000000074fd1d1b 5 bytes JMP 00000001701a24b0
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                       0000000074fd1dc9 5 bytes JMP 00000001701a2510
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                           0000000074fd2aa4 5 bytes JMP 00000001701a2580
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                              0000000074fd2d0a 5 bytes JMP 00000001701a26e0
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                      000000007490e9a2 5 bytes JMP 00000001701a1a10
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                        000000007490ebdc 5 bytes JMP 00000001701a1aa0
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                             00000000750f5ea5 5 bytes JMP 00000001701a1d00
.text  C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe[2432] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                              0000000075129d0b 5 bytes JMP 00000001701a1c80
.text  C:\Windows\system32\taskeng.exe[2488] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                    000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Windows\system32\taskeng.exe[2488] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                      000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Windows\system32\taskeng.exe[2488] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                         000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Windows\system32\taskeng.exe[2488] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                  000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Windows\system32\taskeng.exe[2488] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                   000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Windows\system32\taskeng.exe[2488] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                 000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Windows\system32\taskeng.exe[2488] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                         000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Windows\system32\taskeng.exe[2488] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                        000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                        000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                          000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                             000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                      000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                       000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Windows\system32\Dwm.exe[2536] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                     000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Windows\system32\taskeng.exe[2956] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                    000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Windows\system32\taskeng.exe[2956] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                      000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Windows\system32\taskeng.exe[2956] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                         000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Windows\system32\taskeng.exe[2956] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                  000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Windows\system32\taskeng.exe[2956] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                   000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Windows\system32\taskeng.exe[2956] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                 000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Windows\system32\taskeng.exe[2956] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                         000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Windows\system32\taskeng.exe[2956] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                        000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                                       0000000074cc1429 5 bytes JMP 00000001701a1eb0
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\kernel32.dll!RegSetValueExA + 6                                                                                                   0000000074cc142f 1 byte INT3
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                              0000000074cdb223 5 bytes JMP 00000001701a1dc0
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                              0000000074d588f4 7 bytes JMP 00000001701a1db0
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                              0000000074d58979 5 bytes JMP 00000001701a1ea0
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                                0000000074d58ccf 5 bytes JMP 00000001701a1e30
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                                   0000000074fd1d1b 5 bytes JMP 00000001701a24b0
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                                 0000000074fd1dc9 5 bytes JMP 00000001701a2510
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                                     0000000074fd2aa4 5 bytes JMP 00000001701a2580
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                                        0000000074fd2d0a 5 bytes JMP 00000001701a26e0
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                000000007490e9a2 5 bytes JMP 00000001701a1a10
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                  000000007490ebdc 5 bytes JMP 00000001701a1aa0
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                                       00000000750f5ea5 5 bytes JMP 00000001701a1d00
.text  C:\Windows\SysWOW64\ACEngSvr.exe[2176] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                                        0000000075129d0b 5 bytes JMP 00000001701a1c80
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                                0000000076b7efe0 5 bytes JMP 000000016fff0148
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                              0000000076ba99b0 7 bytes JMP 000000016fff00d8
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                              0000000076bb94d0 5 bytes JMP 000000016fff0180
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                              0000000076bb9640 5 bytes JMP 000000016fff0110
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                                       0000000076bda500 7 bytes JMP 000000016fff01b8
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                                   000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                     000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                        000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                                 000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                                  000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                                000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                        000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Windows\System32\igfxpers.exe[2800] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                       000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                  0000000076b7efe0 5 bytes JMP 000000016fff0148
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                0000000076ba99b0 7 bytes JMP 000000016fff00d8
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                0000000076bb94d0 5 bytes JMP 000000016fff0180
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                0000000076bb9640 5 bytes JMP 000000016fff0110
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                         0000000076bda500 7 bytes JMP 000000016fff01b8
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                     000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                       000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                          000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                   000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                          000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                         000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                    000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[2836] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                  000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                                   0000000076b7efe0 5 bytes JMP 000000016fff0148
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                                 0000000076ba99b0 7 bytes JMP 000000016fff00d8
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                                 0000000076bb94d0 5 bytes JMP 000000016fff0180
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                                 0000000076bb9640 5 bytes JMP 000000016fff0110
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                          0000000076bda500 7 bytes JMP 000000016fff01b8
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                      000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                        000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                           000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                    000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                     000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                   000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                           000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[2852] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                          000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                 0000000076b7efe0 5 bytes JMP 000000016fff0148
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                               0000000076ba99b0 7 bytes JMP 000000016fff00d8
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                               0000000076bb94d0 5 bytes JMP 000000016fff0180
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                               0000000076bb9640 5 bytes JMP 000000016fff0110
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                        0000000076bda500 7 bytes JMP 000000016fff01b8
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                    000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                      000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                         000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                  000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                   000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                 000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                         000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe[2952] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                        000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                  0000000076b7efe0 5 bytes JMP 000000016fff0148
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                0000000076ba99b0 7 bytes JMP 000000016fff00d8
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                0000000076bb94d0 5 bytes JMP 000000016fff0180
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                0000000076bb9640 5 bytes JMP 000000016fff0110
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                         0000000076bda500 7 bytes JMP 000000016fff01b8
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                     000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                       000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                          000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                   000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                    000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                  000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                          000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                         000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                00000000765114f5 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                       000000007651150d 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                0000000076511525 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                      000000007651153d 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                           0000000076511555 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                    000000007651156d 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                      0000000076511585 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                         000000007651159d 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                      00000000765115b5 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                    00000000765115cd 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                00000000765116b2 2 bytes [51, 76]
.text  C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[3768] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                00000000765116bd 2 bytes [51, 76]
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                  0000000074cc1429 5 bytes JMP 00000001701a1eb0
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\kernel32.dll!RegSetValueExA + 6                                                                              0000000074cc142f 1 byte INT3
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                         0000000074cdb223 5 bytes JMP 00000001701a1dc0
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                         0000000074d588f4 7 bytes JMP 00000001701a1db0
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                         0000000074d58979 5 bytes JMP 00000001701a1ea0
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                           0000000074d58ccf 5 bytes JMP 00000001701a1e30
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                              0000000074fd1d1b 5 bytes JMP 00000001701a24b0
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                            0000000074fd1dc9 5 bytes JMP 00000001701a2510
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                0000000074fd2aa4 5 bytes JMP 00000001701a2580
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                   0000000074fd2d0a 5 bytes JMP 00000001701a26e0
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                           000000007490e9a2 5 bytes JMP 00000001701a1a10
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                             000000007490ebdc 5 bytes JMP 00000001701a1aa0
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                  00000000750f5ea5 5 bytes JMP 00000001701a1d00
.text  C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe[4076] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                   0000000075129d0b 5 bytes JMP 00000001701a1c80
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\kernel32.dll!K32GetMappedFileNameW                                                                          0000000076b7efe0 5 bytes JMP 000000016fff0148
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\kernel32.dll!K32EnumProcessModulesEx                                                                        0000000076ba99b0 7 bytes JMP 000000016fff00d8
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\kernel32.dll!K32GetModuleInformation                                                                        0000000076bb94d0 5 bytes JMP 000000016fff0180
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\kernel32.dll!K32GetModuleFileNameExW                                                                        0000000076bb9640 5 bytes JMP 000000016fff0110
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\kernel32.dll!RegSetValueExA                                                                                 0000000076bda500 7 bytes JMP 000000016fff01b8
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                             000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                               000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                  000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                           000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                            000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe[2704] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                          000007fefd81be40 8 bytes JMP 000007fffd5601b8
         

05.02.2013, 14:42   #7
FRANKY93

Workstation service cannot be started!



GMER 2/2

.text  C:\Program Files (x86)\iTunes\iTunesHelper.exe[4632] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                  000000007490e9a2 5 bytes JMP 00000001701a1a10
.text  C:\Program Files (x86)\iTunes\iTunesHelper.exe[4632] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                    000000007490ebdc 5 bytes JMP 00000001701a1aa0
.text  C:\Program Files (x86)\iTunes\iTunesHelper.exe[4632] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                         00000000750f5ea5 5 bytes JMP 00000001701a1d00
.text  C:\Program Files (x86)\iTunes\iTunesHelper.exe[4632] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                          0000000075129d0b 5 bytes JMP 00000001701a1c80
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                         0000000076511401 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                           0000000076511419 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                         0000000076511431 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                         000000007651144a 2 bytes [51, 76]
.text  ...                                                                                                                                                                                          * 9
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                            00000000765114dd 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                     00000000765114f5 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                            000000007651150d 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                     0000000076511525 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                           000000007651153d 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                0000000076511555 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                         000000007651156d 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                           0000000076511585 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                              000000007651159d 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                           00000000765115b5 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                         00000000765115cd 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                     00000000765116b2 2 bytes [51, 76]
.text  C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[5224] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                     00000000765116bd 2 bytes [51, 76]
.text  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5952] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                   000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5952] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                     000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5952] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                        000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5952] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                 000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5952] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                  000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe[5952] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Windows\system32\wbem\unsecapp.exe[6060] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                                                              000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Windows\system32\wbem\unsecapp.exe[6060] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                                                000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Windows\system32\wbem\unsecapp.exe[6060] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                                                   000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Windows\system32\wbem\unsecapp.exe[6060] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                                                            000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Windows\system32\wbem\unsecapp.exe[6060] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                                                   000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Windows\system32\wbem\unsecapp.exe[6060] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                                                  000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Windows\system32\wbem\unsecapp.exe[6060] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                             000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Windows\system32\wbem\unsecapp.exe[6060] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                                                           000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[6480] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleW                                                              000007fefd573460 7 bytes JMP 000007fffd5600d8
.text  C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[6480] C:\Windows\system32\KERNELBASE.dll!LoadLibraryExW                                                                000007fefd579940 6 bytes JMP 000007fffd560148
.text  C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[6480] C:\Windows\system32\KERNELBASE.dll!FreeLibrary                                                                   000007fefd579fb0 5 bytes JMP 000007fffd560180
.text  C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[6480] C:\Windows\system32\KERNELBASE.dll!GetModuleHandleExW                                                            000007fefd57a150 5 bytes JMP 000007fffd560110
.text  C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[6480] C:\Windows\system32\GDI32.dll!D3DKMTQueryAdapterInfo                                                             000007fefd8189e0 8 bytes JMP 000007fffd5601f0
.text  C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[6480] C:\Windows\system32\GDI32.dll!D3DKMTGetDisplayModeList                                                           000007fefd81be40 8 bytes JMP 000007fffd5601b8
.text  C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[6480] C:\Windows\system32\ole32.dll!CoCreateInstance                                                                   000007fefefa7490 11 bytes JMP 000007fffd560228
.text  C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe[6480] C:\Windows\system32\ole32.dll!CoSetProxyBlanket                                                                  000007fefefbbf00 7 bytes JMP 000007fffd560260
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                                            0000000076511401 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                                              0000000076511419 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                                            0000000076511431 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                                            000000007651144a 2 bytes [51, 76]
.text  ...                                                                                                                                                                                          * 9
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                                               00000000765114dd 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                                        00000000765114f5 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                                               000000007651150d 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                                        0000000076511525 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                                              000000007651153d 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                                   0000000076511555 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                                            000000007651156d 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                                              0000000076511585 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                                 000000007651159d 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                                              00000000765115b5 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                                            00000000765115cd 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                                        00000000765116b2 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe[6328] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                                        00000000765116bd 2 bytes [51, 76]
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                0000000074cc1429 5 bytes JMP 00000001701a1eb0
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\kernel32.dll!RegSetValueExA + 6                                                                            0000000074cc142f 1 byte INT3
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                       0000000074cdb223 5 bytes JMP 00000001701a1dc0
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                       0000000074d588f4 7 bytes JMP 00000001701a1db0
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                       0000000074d58979 5 bytes JMP 00000001701a1ea0
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                         0000000074d58ccf 5 bytes JMP 00000001701a1e30
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                            0000000074fd1d1b 5 bytes JMP 00000001701a24b0
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                          0000000074fd1dc9 5 bytes JMP 00000001701a2510
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                              0000000074fd2aa4 5 bytes JMP 00000001701a2580
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                 0000000074fd2d0a 5 bytes JMP 00000001701a26e0
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                         000000007490e9a2 5 bytes JMP 00000001701a1a10
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                           000000007490ebdc 5 bytes JMP 00000001701a1aa0
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\ole32.dll!CoSetProxyBlanket                                                                                00000000750f5ea5 5 bytes JMP 00000001701a1d00
.text  C:\Program Files (x86)\Intel\Bluetooth\BTPlayerCtrl.exe[7048] C:\Windows\syswow64\ole32.dll!CoCreateInstance                                                                                 0000000075129d0b 5 bytes JMP 00000001701a1c80
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17                                                           0000000076511401 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17                                                             0000000076511419 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17                                                           0000000076511431 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42                                                           000000007651144a 2 bytes [51, 76]
.text  ...                                                                                                                                                                                          * 9
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17                                                              00000000765114dd 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17                                                       00000000765114f5 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17                                                              000000007651150d 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17                                                       0000000076511525 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17                                                             000000007651153d 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17                                                                  0000000076511555 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17                                                           000000007651156d 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17                                                             0000000076511585 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17                                                                000000007651159d 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17                                                             00000000765115b5 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17                                                           00000000765115cd 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20                                                       00000000765116b2 2 bytes [51, 76]
.text  C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe[5464] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31                                                       00000000765116bd 2 bytes [51, 76]
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\kernel32.dll!RegSetValueExA                                                                                              0000000074cc1429 5 bytes JMP 00000001701a1eb0
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\kernel32.dll!RegSetValueExA + 6                                                                                          0000000074cc142f 1 byte INT3
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\kernel32.dll!K32GetModuleFileNameExW                                                                                     0000000074cdb223 5 bytes JMP 00000001701a1dc0
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\kernel32.dll!K32EnumProcessModulesEx                                                                                     0000000074d588f4 7 bytes JMP 00000001701a1db0
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\kernel32.dll!K32GetModuleInformation                                                                                     0000000074d58979 5 bytes JMP 00000001701a1ea0
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\kernel32.dll!K32GetMappedFileNameW                                                                                       0000000074d58ccf 5 bytes JMP 00000001701a1e30
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleW                                                                                          0000000074fd1d1b 5 bytes JMP 00000001701a24b0
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\KERNELBASE.dll!GetModuleHandleExW                                                                                        0000000074fd1dc9 5 bytes JMP 00000001701a2510
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\KERNELBASE.dll!LoadLibraryExW                                                                                            0000000074fd2aa4 5 bytes JMP 00000001701a2580
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\KERNELBASE.dll!FreeLibrary                                                                                               0000000074fd2d0a 5 bytes JMP 00000001701a26e0
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\GDI32.dll!D3DKMTGetDisplayModeList                                                                                       000000007490e9a2 5 bytes JMP 00000001701a1a10
.text  C:\Users\Frank\Desktop\gmer_2.0.18454.exe[1808] C:\Windows\syswow64\GDI32.dll!D3DKMTQueryAdapterInfo                                                                                         000000007490ebdc 5 bytes JMP 00000001701a1aa0

---- User IAT/EAT - GMER 2.0 ----

IAT    C:\Windows\system32\winlogon.exe[944] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress]                                                                                         [7fefad72960] c:\windows\system32\uxtuneup.dll
IAT    C:\Windows\system32\winlogon.exe[944] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!ReadFile]                                                                                               [7fefad72840] c:\windows\system32\uxtuneup.dll
IAT    C:\Windows\system32\winlogon.exe[944] @ C:\Windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress]                                                                                    [7fefad72960] c:\windows\system32\uxtuneup.dll
IAT    C:\Windows\system32\winlogon.exe[944] @ C:\Windows\system32\themeservice.dll[KERNEL32.dll!ReadFile]                                                                                          [7fefad72840] c:\windows\system32\uxtuneup.dll
IAT    C:\Windows\system32\svchost.exe[1216] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!GetProcAddress]                                                                                    [7fefad72960] c:\windows\system32\uxtuneup.dll
IAT    C:\Windows\system32\svchost.exe[1216] @ c:\windows\system32\themeservice.dll[KERNEL32.dll!ReadFile]                                                                                          [7fefad72840] c:\windows\system32\uxtuneup.dll
IAT    C:\Windows\system32\svchost.exe[1216] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!GetProcAddress]                                                                                         [7fefad72960] c:\windows\system32\uxtuneup.dll
IAT    C:\Windows\system32\svchost.exe[1216] @ C:\Windows\system32\uxtheme.dll[KERNEL32.dll!ReadFile]                                                                                               [7fefad72840] c:\windows\system32\uxtuneup.dll
IAT    C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] @ C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[sqmapi.dll!SqmGetSession]                              [7fef5cf1c00] C:\Program Files\Microsoft Mouse and Keyboard Center\sqmapi.dll
IAT    C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] @ C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[sqmapi.dll!SqmStartSession]                            [7fef5cf6544] C:\Program Files\Microsoft Mouse and Keyboard Center\sqmapi.dll
IAT    C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[3056] @ C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe[sqmapi.dll!SqmEndSession]                              [7fef5cf5e30] C:\Program Files\Microsoft Mouse and Keyboard Center\sqmapi.dll

---- Registry - GMER 2.0 ----

Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e                                                                                                                  
Reg    HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ac72891c556f                                                                                                                  
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)                                                                                              
Reg    HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\ac72891c556f (not active ControlSet)                                                                                              

---- EOF - GMER 2.0 ----
         

05.02.2013, 14:44   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

What about the explanation for the file in question?
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

05.02.2013, 14:47   #9
FRANKY93

aswMBR

Code:
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-05 14:43:49
-----------------------------
14:43:49.825    OS Version: Windows x64 6.1.7601 Service Pack 1
14:43:49.825    Number of processors: 8 586 0x2A07
14:43:49.825    ComputerName: FRANK-PC  UserName: Frank
14:43:50.962    Initialze error C000010E - driver not loaded
14:43:57.573    AVAST engine defs: 13020500
14:43:59.445    Service scanning
14:44:32.152    Modules scanning
14:44:32.152    Disk 0 trace - called modules:
14:44:32.162    
14:44:42.452    The log file has been saved successfully to "C:\Users\Frank\Desktop\aswMBR.txt"
         

Insignificant file, I no longer remember the source - it was also only downloaded after my problems had started.

05.02.2013, 14:58   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

aswMBR was run incorrectly, please repeat it properly.

Quote:
Insignificant file, I no longer remember the source - it was also only downloaded after my problems had started.
And you think something like a hack doesn't matter, and then you go on to play it down in the very next sentence by saying the file was supposedly already there before the infection?
Please explain what kind of file this is supposed to be and what purpose it serves.

05.02.2013, 18:15   #11
FRANKY93

When I set "AV scan" to (none), I get what I posted.
If it is set to Quick scan, I always get "avast! Antirootkit has stopped working".

-> The last two lines in the DOS window:

File: C:\Windows\system32\xptz7cb2.tsp **INFECTED** Win32:Malware-gen M
C: Windows\assembly\GAC_MSIL\Microsoft.VisualStudios.Tools.Applications.S (I can't read any further)

I had started playing a role-playing game and was about to cheat, but then decided not to after all, because cheating is a really uncool thing - now I'd rather play the game the way it's meant to be played.
However, the file really has only existed since I've had these problems!

06.02.2013, 10:46   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Then please run CF now:

ComboFix

A guide and tutorial on using ComboFix
  • Close all programs, especially your antivirus program and other background monitors, as well as your internet browser.
  • Start combofix.exe from your desktop, confirm the warning messages, carry out the updates (if offered), install the Recovery Console (if offered) and let it scan your system.
    Also avoid using the mouse and keyboard while Combofix is running.
  • Afterwards a combofix.txt opens automatically; please copy its contents ([Ctrl]a, [Ctrl]c) and paste them into your post ([Ctrl]v). You can also find the file at: C:\ComboFix.txt.
Important note:
Combofix may only be run when a qualified helper (Kompetenzler) has explicitly recommended it!

It should never be run on your own initiative! Incorrect use can cause serious computer problems and make cleaning up the infection even harder.

If, after running Combofix, you have problems starting applications and receive messages such as

Quote:
Illegal operation attempted on a registry key that has been marked for deletion.
then restart Windows manually and the error messages should no longer appear.

06.02.2013, 13:52   #13
FRANKY93

Code:
ity *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E}
SP: Emsisoft Anti-Malware *Enabled/Updated* {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
SP: Kaspersky Internet Security *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\programdata\mazuki.dll
c:\programdata\ntuser.dat
c:\programdata\Roaming
c:\users\Frank\Documents\~WRL0522.tmp
c:\users\Frank\Documents\~WRL3026.tmp
c:\windows\msvcr71.dll
c:\windows\SysWow64\muzapp.exe
c:\windows\wininit.ini
.
.
(((((((((((((((((((((((   Dateien erstellt von 2013-01-06 bis 2013-02-06  ))))))))))))))))))))))))))))))
.
.
2013-02-06 12:33 . 2013-02-06 12:33	--------	d-----w-	c:\users\Default\AppData\Local\temp
2013-02-05 11:01 . 2013-01-08 05:32	9161176	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{FD9D20CF-00BC-4A22-8739-A2D4E8570483}\mpengine.dll
2013-02-04 21:24 . 2012-08-21 12:01	33240	----a-w-	c:\windows\system32\drivers\GEARAspiWDM.sys
2013-02-04 21:23 . 2013-02-04 21:23	--------	d-----w-	c:\program files\iPod
2013-02-04 21:23 . 2013-02-04 21:24	--------	d-----w-	c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-02-04 21:23 . 2013-02-04 21:24	--------	d-----w-	c:\program files\iTunes
2013-02-04 21:23 . 2013-02-04 21:23	--------	d-----w-	c:\program files (x86)\iTunes
2013-02-04 07:11 . 2013-02-04 13:02	--------	d-----w-	c:\programdata\SecTaskMan
2013-02-04 07:10 . 2013-02-04 13:02	--------	d-----w-	c:\program files (x86)\Security Task Manager
2013-02-03 20:32 . 2013-02-03 20:32	--------	d-----w-	c:\users\Frank\AppData\Local\Chromium
2013-02-03 18:28 . 2013-02-06 12:14	--------	d-----w-	c:\program files (x86)\Emsisoft Anti-Malware
2013-02-03 17:48 . 2013-02-03 17:48	--------	d-----w-	C:\found.000
2013-02-03 14:33 . 2013-02-03 14:33	--------	d-----w-	c:\users\Frank\AppData\Roaming\Malwarebytes
2013-02-03 14:33 . 2013-02-03 14:33	--------	d-----w-	c:\programdata\Malwarebytes
2013-02-03 14:33 . 2013-02-03 14:33	--------	d-----w-	c:\program files (x86)\Malwarebytes' Anti-Malware
2013-02-03 14:33 . 2012-12-14 15:49	24176	----a-w-	c:\windows\system32\drivers\mbam.sys
2013-02-03 14:25 . 2013-02-03 14:25	--------	d-----w-	C:\PPF_Scan1
2013-02-03 13:50 . 2013-02-03 13:54	--------	d-----w-	c:\programdata\Kaspersky Lab Setup Files
2013-02-03 13:30 . 2012-07-11 16:09	64856	----a-w-	c:\windows\system32\klfphc.dll
2013-02-03 13:29 . 2013-02-03 13:29	--------	d-----w-	c:\windows\ELAMBKUP
2013-02-03 13:29 . 2013-02-06 12:34	--------	d-----w-	c:\programdata\Kaspersky Lab
2013-02-03 13:29 . 2013-02-03 13:29	--------	d-----w-	c:\program files (x86)\Kaspersky Lab
2013-02-03 13:29 . 2012-10-25 11:42	611160	----a-w-	c:\windows\system32\drivers\klif.sys
2013-02-03 13:29 . 2012-08-13 17:24	89432	----a-w-	c:\windows\system32\drivers\klflt.sys
2013-02-03 09:29 . 2013-02-03 09:30	8282192	----a-w-	c:\programdata\Microsoft\BingBar\BBSvc\7.1.391.0oemBingBarSetup-Partner.EXE
2013-02-03 08:29 . 2012-11-29 15:06	37216	----a-w-	c:\windows\system32\uxtuneup.dll
2013-02-03 08:29 . 2012-11-29 15:06	29536	----a-w-	c:\windows\SysWow64\uxtuneup.dll
2013-02-03 08:27 . 2012-11-29 15:06	34656	----a-w-	c:\windows\system32\TURegOpt.exe
2013-02-03 08:26 . 2012-11-29 15:06	25952	----a-w-	c:\windows\system32\authuitu.dll
2013-02-03 08:26 . 2012-11-29 15:06	21344	----a-w-	c:\windows\SysWow64\authuitu.dll
2013-02-03 08:26 . 2013-02-03 08:26	--------	d-----w-	c:\users\Frank\AppData\Roaming\TuneUp Software
2013-02-03 08:26 . 2013-02-04 13:03	--------	d-----w-	c:\program files (x86)\TuneUp Utilities 2013
2013-02-03 08:26 . 2013-02-04 13:02	--------	d-----w-	c:\programdata\TuneUp Software
2013-02-03 08:26 . 2013-02-03 09:00	--------	d-sh--w-	c:\programdata\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-02-03 08:26 . 2013-02-03 08:26	--------	d--h--w-	c:\programdata\Common Files
2013-02-03 08:26 . 2013-02-03 08:26	--------	d-----w-	c:\program files (x86)\Cheat Engine 6.2
2013-02-03 08:26 . 2013-02-03 08:26	--------	d-----w-	c:\users\Frank\AppData\Roaming\OpenCandy
2013-02-02 17:09 . 2013-02-02 17:09	--------	d-----w-	c:\users\Frank\AppData\Local\Gameforge4d
2013-02-02 17:08 . 2013-02-02 17:13	--------	d-----w-	c:\program files (x86)\GameforgeLive
2013-02-02 17:08 . 2013-02-02 17:08	--------	d-----w-	c:\users\Frank\AppData\Local\Programs
2013-01-27 16:46 . 2013-01-27 16:47	--------	d-----w-	c:\program files\Microsoft Mouse and Keyboard Center
2013-01-27 02:16 . 2013-01-27 02:16	5113072	----a-w-	c:\windows\uninst.exe
2013-01-27 02:16 . 2013-01-27 02:17	--------	d-----w-	c:\programdata\PC1Data
2013-01-26 19:17 . 2013-01-26 19:16	859552	----a-w-	c:\windows\SysWow64\npDeployJava1.dll
2013-01-26 19:16 . 2013-01-26 19:16	95648	----a-w-	c:\windows\SysWow64\WindowsAccessBridge-32.dll
2013-01-26 12:07 . 2013-01-26 12:07	308640	----a-w-	c:\windows\system32\javaws.exe
2013-01-26 12:07 . 2013-01-26 12:07	188832	----a-w-	c:\windows\system32\javaw.exe
2013-01-26 12:07 . 2013-01-26 12:07	188832	----a-w-	c:\windows\system32\java.exe
2013-01-26 12:07 . 2013-01-26 12:07	108448	----a-w-	c:\windows\system32\WindowsAccessBridge-64.dll
2013-01-26 12:07 . 2013-01-26 18:31	--------	d-----w-	c:\program files\Java
2013-01-26 10:56 . 2009-03-18 15:35	33856	---ha-w-	c:\windows\system32\hamachi.sys
2013-01-26 10:56 . 2013-01-26 10:56	--------	d-----w-	c:\program files (x86)\LogMeIn Hamachi
2013-01-26 10:55 . 2013-02-04 13:02	--------	d-----w-	c:\users\Frank\AppData\Local\LogMeIn Hamachi
2013-01-25 12:24 . 2013-01-27 12:02	--------	d-----w-	c:\users\Frank\AppData\Roaming\.minecraft
2013-01-10 23:03 . 2013-01-10 23:03	0	----a-w-	c:\windows\SysWow64\shoA483.tmp
2013-01-09 16:09 . 2012-11-09 05:45	750592	----a-w-	c:\windows\system32\win32spl.dll
2013-01-09 16:09 . 2012-11-09 04:43	492032	----a-w-	c:\windows\SysWow64\win32spl.dll
2013-01-09 16:07 . 2012-11-23 03:13	68608	----a-w-	c:\windows\system32\taskhost.exe
2013-01-09 16:07 . 2012-11-23 03:26	3149824	----a-w-	c:\windows\system32\win32k.sys
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-02-06 09:52 . 2011-10-12 18:18	45056	----a-w-	c:\windows\SysWow64\acovcnt.exe
2013-01-26 19:16 . 2011-12-14 13:31	780192	----a-w-	c:\windows\SysWow64\deployJava1.dll
2013-01-26 12:07 . 2012-11-11 17:08	960416	----a-w-	c:\windows\system32\deployJava1.dll
2013-01-26 12:07 . 2012-11-11 17:08	1081760	----a-w-	c:\windows\system32\npDeployJava1.dll
2013-01-17 00:28 . 2011-12-10 16:29	273840	------w-	c:\windows\system32\MpSigStub.exe
2013-01-09 22:19 . 2011-12-13 16:47	67599240	----a-w-	c:\windows\system32\MRT.exe
2013-01-09 16:47 . 2012-04-15 09:18	697864	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2013-01-09 16:47 . 2012-01-02 23:32	74248	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-01-03 16:31 . 2011-12-12 00:13	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup-2\markup.dll
2013-01-03 16:30 . 2011-12-12 00:12	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM-2\StartResources.dll
2013-01-03 16:30 . 2011-12-15 08:58	1236816	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight-2\SpotlightResources.dll
2012-12-16 17:11 . 2012-12-22 19:59	46080	----a-w-	c:\windows\system32\atmlib.dll
2012-12-16 14:45 . 2012-12-22 19:59	367616	----a-w-	c:\windows\system32\atmfd.dll
2012-12-16 14:13 . 2012-12-22 19:59	295424	----a-w-	c:\windows\SysWow64\atmfd.dll
2012-12-16 14:13 . 2012-12-22 19:59	34304	----a-w-	c:\windows\SysWow64\atmlib.dll
2012-12-02 17:03 . 2011-12-10 13:26	893552	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll
2012-12-02 17:03 . 2011-12-10 13:26	42776	----a-w-	c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll
2012-11-30 04:45 . 2013-01-09 16:08	44032	----a-w-	c:\windows\apppatch\acwow64.dll
2012-11-28 21:35 . 2012-11-28 21:35	0	----a-w-	c:\windows\SysWow64\shoB259.tmp
2012-11-14 22:48 . 2012-11-14 22:48	0	----a-w-	c:\windows\SysWow64\sho6556.tmp
2012-11-14 07:06 . 2012-12-12 22:28	17811968	----a-w-	c:\windows\system32\mshtml.dll
2012-11-14 06:32 . 2012-12-12 22:28	10925568	----a-w-	c:\windows\system32\ieframe.dll
2012-11-14 06:11 . 2012-12-12 22:28	2312704	----a-w-	c:\windows\system32\jscript9.dll
2012-11-14 06:04 . 2012-12-12 22:28	1346048	----a-w-	c:\windows\system32\urlmon.dll
2012-11-14 06:04 . 2012-12-12 22:28	1392128	----a-w-	c:\windows\system32\wininet.dll
2012-11-14 06:02 . 2012-12-12 22:28	1494528	----a-w-	c:\windows\system32\inetcpl.cpl
2012-11-14 06:02 . 2012-12-12 22:28	237056	----a-w-	c:\windows\system32\url.dll
2012-11-14 05:59 . 2012-12-12 22:28	85504	----a-w-	c:\windows\system32\jsproxy.dll
2012-11-14 05:58 . 2012-12-12 22:28	816640	----a-w-	c:\windows\system32\jscript.dll
2012-11-14 05:57 . 2012-12-12 22:28	599040	----a-w-	c:\windows\system32\vbscript.dll
2012-11-14 05:57 . 2012-12-12 22:28	173056	----a-w-	c:\windows\system32\ieUnatt.exe
2012-11-14 05:55 . 2012-12-12 22:28	2144768	----a-w-	c:\windows\system32\iertutil.dll
2012-11-14 05:55 . 2012-12-12 22:28	729088	----a-w-	c:\windows\system32\msfeeds.dll
2012-11-14 05:53 . 2012-12-12 22:29	96768	----a-w-	c:\windows\system32\mshtmled.dll
2012-11-14 05:52 . 2012-12-12 22:29	2382848	----a-w-	c:\windows\system32\mshtml.tlb
2012-11-14 05:46 . 2012-12-12 22:28	248320	----a-w-	c:\windows\system32\ieui.dll
2012-11-14 02:09 . 2012-12-12 22:28	1800704	----a-w-	c:\windows\SysWow64\jscript9.dll
2012-11-14 01:58 . 2012-12-12 22:28	1427968	----a-w-	c:\windows\SysWow64\inetcpl.cpl
2012-11-14 01:57 . 2012-12-12 22:28	1129472	----a-w-	c:\windows\SysWow64\wininet.dll
2012-11-14 01:49 . 2012-12-12 22:28	142848	----a-w-	c:\windows\SysWow64\ieUnatt.exe
2012-11-14 01:48 . 2012-12-12 22:29	420864	----a-w-	c:\windows\SysWow64\vbscript.dll
2012-11-14 01:44 . 2012-12-12 22:29	2382848	----a-w-	c:\windows\SysWow64\mshtml.tlb
2012-11-09 05:45 . 2012-12-12 13:43	2048	----a-w-	c:\windows\system32\tzres.dll
2012-11-09 04:42 . 2012-12-12 13:43	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2006-05-03 10:06	163328	--sha-r-	c:\windows\SysWOW64\flvDX.dll
2007-02-21 11:47	31232	--sha-r-	c:\windows\SysWOW64\msfDX.dll
2008-03-16 13:30	216064	--sha-r-	c:\windows\SysWOW64\nbDX.dll
2010-01-06 22:00	107520	--sha-r-	c:\windows\SysWOW64\TAKDSDecoder.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{62d40876-df18-411f-9d34-a9dd7a197bc5}"= "c:\program files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{62d40876-df18-411f-9d34-a9dd7a197bc5}]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{62d40876-df18-411f-9d34-a9dd7a197bc5}]
2011-05-09 09:49	176936	----a-w-	c:\program files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{62d40876-df18-411f-9d34-a9dd7a197bc5}"= "c:\program files (x86)\BrotherSoft_Extreme3\prxtbBrot.dll" [2011-05-09 176936]
.
[HKEY_CLASSES_ROOT\clsid\{62d40876-df18-411f-9d34-a9dd7a197bc5}]
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Syncables"="c:\program files (x86)\syncables\syncables desktop\Syncables.exe" [2010-07-19 370480]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-08-07 960440]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-08-07 21432]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 2018032]
"ASUSWebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 731472]
"SonicMasterTray"="c:\program files (x86)\ASUS\SonicMaster\SonicMasterTray.exe" [2010-07-10 984400]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2010-08-17 5732992]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"RemoteControl10"="c:\program files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe" [2010-02-03 87336]
"BDRegion"="c:\program files (x86)\Cyberlink\Shared files\brs.exe" [2010-11-12 75048]
"UpdatePSTShortCut"="c:\program files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe" [2010-11-24 222504]
"UpdateLBPShortCut"="c:\program files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"Wireless Console 3"="c:\program files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2010-09-23 1601536]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-08-07 3524536]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-12-10 2254768]
"AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe" [2012-08-17 218880]
"emsisoft anti-malware"="c:\program files (x86)\Emsisoft Anti-Malware\a2guard.exe" [2013-01-30 3365288]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-12-12 152544]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
.
c:\users\Frank\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Intel(R) Turbo Boost Technology Monitor 2.0.lnk - c:\program files\Intel\TurboBoost\SignalIslandUi.exe [2010-11-29 204288]
OpenOffice.org 3.4.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2012-8-13 1199104]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AsusVibeLauncher.lnk - c:\program files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe [2011-4-13 549040]
FancyStart daemon.lnk - c:\windows\Installer\{2B81872B-A054-48DA-BE3B-FA5C164C303A}\_94E3CE3704FE82FBF49A6A.exe [2011-12-9 12862]
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="c:\program files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "c:\programdata\Nuance\PDF Reader\Ereg\Ereg.ini"
"DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe"
"HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R3 AMPPALP;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Protocol;c:\windows\system32\DRIVERS\amppal.sys [2011-04-21 294912]
R3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.SYS [2011-03-18 74840]
R3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe [2012-06-11 240208]
R3 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [2011-03-30 1321296]
R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584]
R3 DfSdkS;Defragmentation-Service;c:\program files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe [2009-08-24 544768]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-09-19 102368]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys [2009-10-21 243200]
R3 HTCAND64;HTC Device Driver;c:\windows\system32\Drivers\ANDROIDUSB.sys [2009-11-02 33736]
R3 hwusbdev;Huawei DataCard USB PNP Device;c:\windows\system32\DRIVERS\ewusbdev.sys [2009-10-12 114304]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys [2011-03-24 34200]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [2011-05-02 340240]
R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]
R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\rtl8187B.sys [2010-03-31 450048]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-09-19 203104]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe [2010-11-29 149504]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-09-28 53760]
R4 AMPPALR3;Intel® Centrino® Bluetooth 3.0 + High Speed Service;c:\program files\Intel\BluetoothHS\BTHSAmpPalService.exe [2011-04-21 1136640]
R4 BTHSSecurityMgr;Intel(R) Centrino(R) Wireless Bluetooth(R) 3.0 + High Speed Security Service;c:\program files\Intel\BluetoothHS\BTHSSecurityMgr.exe [2011-04-21 134928]
R4 CLKMSVC10_38F51D56;CyberLink Product - 2011/10/12 11:23;c:\program files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [2010-11-12 241648]
R4 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2011-01-14 1839616]
R4 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]
R4 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-12-10 2465712]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe [2010-09-23 57184]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys [2011-10-15 28992]
S1 A2DDA;A2 Direct Disk Access Support Driver;c:\program files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [2011-05-19 23208]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [2010-07-26 17024]
S1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\DRIVERS\klim6.sys [2012-08-02 28504]
S1 kltdi;kltdi;c:\windows\system32\DRIVERS\kltdi.sys [2012-06-08 54104]
S1 kneps;kneps;c:\windows\system32\DRIVERS\kneps.sys [2012-08-13 178008]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys [2011-10-15 249152]
S2 a2AntiMalware;Emsisoft Anti-Malware 7.0 - Service;c:\program files (x86)\Emsisoft Anti-Malware\a2service.exe [2013-01-30 3089320]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2011-01-25 379520]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files (x86)\Common Files\InstantOn\InsOnSrv.exe [2011-06-02 64128]
S2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe [2012-06-11 193616]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [2011-03-30 923984]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [2011-03-30 1001808]
S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]
S2 Splashtop MDES;Splashtop Meta Data Export Service;c:\asus.sys\SIONExportService.exe [2011-05-10 338208]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-10-14 381248]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2012-11-29 2401632]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys [2010-11-29 16120]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-10-06 2655768]
S2 Update-Service;Update-Service;c:\windows\System32\svchost.exe [2009-07-14 27136]
S3 a2acc;a2acc;c:\program files (x86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [2012-04-30 66320]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys [2011-02-26 16768]
S3 AMPPAL;Intel(R) Centrino(R) Bluetooth 3.0 + High Speed Virtual Adapter;c:\windows\system32\DRIVERS\AMPPAL.sys [2011-04-21 294912]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys [2011-01-27 125416]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys [2011-01-27 385512]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys [2011-03-08 51712]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys [2011-03-08 274944]
S3 iBtFltCoex;iBtFltCoex;c:\windows\system32\DRIVERS\iBtFltCoex.sys [2011-03-23 59904]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys [2011-03-24 25496]
S3 klkbdflt;Kaspersky Lab KLKBDFLT;c:\windows\system32\DRIVERS\klkbdflt.sys [2012-10-25 29016]
S3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\DRIVERS\klmouflt.sys [2012-10-25 29528]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2010-08-24 76912]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]
S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]
S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]
S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]
S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [2012-09-19 11880]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
Update-Service-Installer-Service	REG_MULTI_SZ   	Update-Service-Installer-Service
Update-Service	REG_MULTI_SZ   	Update-Service
hpdevmgmt	REG_MULTI_SZ   	hpqcxs08 hpqddsvc
.
Inhalt des "geplante Tasks" Ordners
.
2013-02-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-15 16:47]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
2013-02-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-04-13 02:33]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41	220160	----a-w-	c:\program files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-04-12 168216]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-04-12 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-04-12 416024]
"RtHDVBg"="c:\program files\Realtek\Audio\HDA\RAVBg64.exe" [2011-06-03 2226280]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 361984]
"IntelPAN"="c:\program files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" [2011-05-02 1935120]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshell.dll" [2011-03-30 10372368]
"IntelTBRunOnce"="wscript.exe" [2009-07-14 168960]
"IntelliType Pro"="c:\program files\Microsoft Mouse and Keyboard Center\itype.exe" [2012-11-02 1464944]
"IntelliPoint"="c:\program files\Microsoft Mouse and Keyboard Center\ipoint.exe" [2012-11-02 2076272]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost  - NetSvcs
UxTuneUp
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://asus.msn.com
mStart Page = hxxp://asus.msn.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: Interfaces\{42713A31-1749-4DB5-91DC-FE79CFCC532C}: NameServer = 193.189.244.206 193.189.244.225
TCP: Interfaces\{B023C04D-E2DD-4399-975A-9BFF60B791C9}: NameServer = 193.189.244.225 193.189.244.206
FF - ProfilePath - c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=3&q={searchTerms}&CUI=UN26736811875978932
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?ctid=CT3240727&SearchSource=13&CUI=UN26736811875978932
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3240727&SearchSource=2&CUI=UN26736811875978932&q=
FF - ExtSQL: 2013-02-03 09:29; {4373e9b4-0a12-4112-8e3d-36ded19ee3dd}; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\extensions\{4373e9b4-0a12-4112-8e3d-36ded19ee3dd}
FF - ExtSQL: 2013-02-03 14:29; anti_banner@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com
FF - ExtSQL: 2013-02-03 14:29; content_blocker@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com
FF - ExtSQL: 2013-02-03 14:29; online_banking@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com
FF - ExtSQL: 2013-02-03 14:30; url_advisor@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com
FF - ExtSQL: 2013-02-03 14:30; virtual_keyboard@kaspersky.com; c:\program files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com
FF - ExtSQL: 2013-02-03 17:48; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Frank\AppData\Roaming\Mozilla\Firefox\Profiles\n1tor11v.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: !HIDDEN! 2012-06-12 16:13; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF - user.js: browser.search.selectedEngine - Search the web
FF - user.js: browser.search.order.1 - Search the web
FF - user.js: browser.search.defaultenginename - Search the web
FF - user.js: keyword.URL - hxxp://www.browsersafesearch.com?client=mozilla-firefox&cd=UTF-8&search=1&q=
FF - user.js: privacy.item.cookies - false
FF - user.js: privacy.sanitize.promptOnSanitize - false
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
WebBrowser-{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
WebBrowser-{62D40876-DF18-411F-9D34-A9DD7A197BC5} - (no file)
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - c:\program files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-Multiple Image Resizer .NET 4 - c:\programdata\{7E365CC2-534E-4C8D-B11C-02B771C3B82B}\Mir4Installer.exe
AddRemove-{3966711E-1F98-4C9F-AE0B-6AD28137FE64} - c:\programdata\{7E365CC2-534E-4C8D-B11C-02B771C3B82B}\Mir4Installer.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.download\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariDownload"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.safariextz\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariExtension"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.webarchive\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.htm\UserChoice]
@Denied: (2) (S-1-5-21-3164768286-1964387947-1448381298-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.html\UserChoice]
@Denied: (2) (S-1-5-21-3164768286-1964387947-1448381298-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.shtml\UserChoice]
@Denied: (2) (S-1-5-21-3164768286-1964387947-1448381298-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.svg\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xht\UserChoice]
@Denied: (2) (S-1-5-21-3164768286-1964387947-1448381298-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xhtml\UserChoice]
@Denied: (2) (S-1-5-21-3164768286-1964387947-1448381298-1001)
@Denied: (2) (LocalSystem)
"Progid"="FirefoxHTML"
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.xml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="SafariHTML"
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:75,2d,41,94,b1,1a,1c,a9,e3,03,48,52,1b,f8,b3,3b,9a,d1,8e,3d,e9,63,54,
   51,67,62,99,f7,c9,3c,ae,e5,33,06,d1,39,b1,9b,22,88,d7,69,ca,99,88,4c,6a,84,\
"??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b
.
[HKEY_USERS\S-1-5-21-3164768286-1964387947-1448381298-1001\Software\SecuROM\License information*]
"datasecu"=hex:38,65,82,07,89,cd,ac,e5,65,3e,dc,3e,94,28,1c,8f,b7,43,7b,5a,1f,
   01,af,b8,3e,22,8d,c6,53,2e,03,11,8b,db,51,ee,50,d3,99,eb,b8,d5,08,9a,d8,b8,\
"rkeysecu"=hex:cf,c5,f8,0c,f6,37,2a,22,f3,c1,47,d5,f7,9e,30,d6
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\SmartLogon\smartlogon.exe
c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\program files (x86)\ASUS\Splendid\ACMON.exe
c:\windows\SysWOW64\ACEngSvr.exe
c:\program files (x86)\Common Files\InstantOn\InsOnWMI.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
c:\program files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
c:\windows\AsScrPro.exe
c:\program files (x86)\CyberLink\Power2Go\CLMLSvc.exe
c:\program files (x86)\CyberLink\Shared files\RichVideo.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-02-06  13:43:07 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2013-02-06 12:43
.
Vor Suchlauf: 10 Verzeichnis(se), 63.689.859.072 Bytes frei
Nach Suchlauf: 21 Verzeichnis(se), 63.678.074.880 Bytes frei
.
- - End Of File - - 7C60CC20E5B5690813606B8DA65E9DFB
         

06.02.2013, 14:35   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 

Please now run this tool from Kaspersky (TDSS-Killer) in normal Windows mode and post the log. Instructions and download link here => http://www.trojaner-board.de/82358-t...entfernen.html

Note: Please turn off your virus scanner before running TDSS-Killer, because Avira in particular often reports a false alarm in the TDSS tool!

Configure the tool as shown in the image below: click change parameters and set the checkboxes as shown in the following screenshot,
then click Start Scan and, when it has finished, click the Report button to display the log. Please post it in full.

If you cannot find the log, or cannot copy its contents into your post, please look directly on your Windows system partition (usually drive C:); that is where TDSS-Killer saves its logs.

Note: Please do not delete anything hastily with TDSS-Killer! If TDSS-Killer flags any objects, handle all of them with the action "skip" and only post the log here!

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


06.02.2013, 16:22   #15
FRANKY93
 

Code:
ATTFilter
16:17:27.0170 7380  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:17:27.0310 7380  ============================================================
16:17:27.0310 7380  Current date / time: 2013/02/06 16:17:27.0310
16:17:27.0310 7380  SystemInfo:
16:17:27.0310 7380  
16:17:27.0310 7380  OS Version: 6.1.7601 ServicePack: 1.0
16:17:27.0310 7380  Product type: Workstation
16:17:27.0310 7380  ComputerName: FRANK-PC
16:17:27.0310 7380  UserName: Frank
16:17:27.0310 7380  Windows directory: C:\Windows
16:17:27.0310 7380  System windows directory: C:\Windows
16:17:27.0310 7380  Running under WOW64
16:17:27.0310 7380  Processor architecture: Intel x64
16:17:27.0310 7380  Number of processors: 8
16:17:27.0310 7380  Page size: 0x1000
16:17:27.0310 7380  Boot type: Normal boot
16:17:27.0310 7380  ============================================================
16:17:27.0856 7380  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:17:27.0872 7380  ============================================================
16:17:27.0872 7380  \Device\Harddisk0\DR0:
16:17:27.0872 7380  MBR partitions:
16:17:27.0872 7380  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0x25BDA000
16:17:27.0903 7380  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x28DDB000, BlocksNum 0x2E76B000
16:17:27.0903 7380  ============================================================
16:17:27.0950 7380  C: <-> \Device\Harddisk0\DR0\Partition1
16:17:27.0996 7380  D: <-> \Device\Harddisk0\DR0\Partition2
16:17:27.0996 7380  ============================================================
16:17:27.0996 7380  Initialize success
16:17:27.0996 7380  ============================================================
16:18:15.0951 8160  ============================================================
16:18:15.0951 8160  Scan started
16:18:15.0951 8160  Mode: Manual; SigCheck; TDLFS; 
16:18:15.0951 8160  ============================================================
16:18:16.0310 8160  ================ Scan system memory ========================
16:18:16.0310 8160  System memory - ok
16:18:16.0310 8160  ================ Scan services =============================
16:18:17.0558 8160  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:18:17.0651 8160  1394ohci - ok
16:18:17.0792 8160  [ 2D6434E957F7CFA0035C20890F77BBC6 ] a2acc           C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys
16:18:17.0823 8160  a2acc - ok
16:18:17.0948 8160  [ 521C7DB6FA2B4DC01610B7A7D741F2BB ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
16:18:18.0010 8160  a2AntiMalware - ok
16:18:18.0010 8160  [ 3044D0F3FEB9FFE8BC953D8F34B5B504 ] A2DDA           C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys
16:18:18.0026 8160  A2DDA - ok
16:18:18.0104 8160  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:18:18.0135 8160  ACPI - ok
16:18:18.0166 8160  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:18:18.0213 8160  AcpiPmi - ok
16:18:20.0069 8160  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:18:20.0101 8160  AdobeFlashPlayerUpdateSvc - ok
16:18:20.0163 8160  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:18:20.0194 8160  adp94xx - ok
16:18:20.0241 8160  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:18:20.0257 8160  adpahci - ok
16:18:20.0272 8160  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:18:20.0288 8160  adpu320 - ok
16:18:20.0319 8160  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:18:20.0381 8160  AeLookupSvc - ok
16:18:20.0459 8160  [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent        C:\Windows\system32\FBAgent.exe
16:18:20.0506 8160  AFBAgent - ok
16:18:20.0553 8160  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
16:18:20.0600 8160  AFD - ok
16:18:20.0647 8160  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:18:20.0678 8160  agp440 - ok
16:18:20.0709 8160  [ 14370049D8C9912EAC7603809A77C378 ] AiCharger       C:\Windows\system32\DRIVERS\AiCharger.sys
16:18:20.0740 8160  AiCharger - ok
16:18:20.0756 8160  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:18:20.0803 8160  ALG - ok
16:18:20.0834 8160  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:18:20.0865 8160  aliide - ok
16:18:20.0881 8160  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:18:20.0896 8160  amdide - ok
16:18:20.0927 8160  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:18:20.0990 8160  AmdK8 - ok
16:18:21.0021 8160  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:18:21.0083 8160  AmdPPM - ok
16:18:21.0115 8160  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:18:21.0161 8160  amdsata - ok
16:18:21.0193 8160  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:18:21.0224 8160  amdsbs - ok
16:18:21.0239 8160  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:18:21.0255 8160  amdxata - ok
16:18:21.0302 8160  [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPAL          C:\Windows\system32\DRIVERS\AMPPAL.sys
16:18:21.0364 8160  AMPPAL - ok
16:18:21.0395 8160  [ 9921E78BC29634235F4BF5809E7E8CDE ] AMPPALP         C:\Windows\system32\DRIVERS\amppal.sys
16:18:21.0411 8160  AMPPALP - ok
16:18:21.0520 8160  [ 83A0E7BA4AE616D3654E700D9C5FF9DB ] AMPPALR3        C:\Program Files\Intel\BluetoothHS\BTHSAmpPalService.exe
16:18:21.0551 8160  AMPPALR3 - ok
16:18:21.0661 8160  [ 92A848F962DA91C631147D566414BB7E ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
16:18:21.0692 8160  AmUStor - ok
16:18:21.0739 8160  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:18:21.0848 8160  AppID - ok
16:18:21.0879 8160  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:18:21.0988 8160  AppIDSvc - ok
16:18:22.0035 8160  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
16:18:22.0097 8160  Appinfo - ok
16:18:22.0300 8160  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:18:22.0331 8160  Apple Mobile Device - ok
16:18:22.0378 8160  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
16:18:22.0409 8160  arc - ok
16:18:22.0441 8160  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:18:22.0472 8160  arcsas - ok
16:18:22.0503 8160  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
16:18:22.0534 8160  ASLDRService - ok
16:18:22.0550 8160  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
16:18:22.0581 8160  ASMMAP64 - ok
16:18:22.0612 8160  [ 718692FFF22D6AF47EBA0A741A924921 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
16:18:22.0690 8160  asmthub3 - ok
16:18:22.0737 8160  [ BAD70A5AC534C108F680A33C654BC626 ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
16:18:22.0799 8160  asmtxhci - ok
16:18:22.0831 8160  [ 0CC5D45987A29D5F2806F4C344ACEA75 ] ASUS InstantOn  C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
16:18:22.0862 8160  ASUS InstantOn - ok
16:18:22.0893 8160  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:18:22.0955 8160  AsyncMac - ok
16:18:23.0049 8160  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:18:23.0080 8160  atapi - ok
16:18:23.0127 8160  [ 0ACC06FCF46F64ED4F11E57EE461C1F4 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:18:23.0221 8160  athr - ok
16:18:23.0236 8160  [ 7910158929571214A959D5A6D16DD9C0 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
16:18:23.0267 8160  ATKGFNEXSrv - ok
16:18:23.0314 8160  [ 1F7238A37389ED92E9D8EEE975CABD54 ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
16:18:23.0345 8160  ATKWMIACPIIO - ok
16:18:23.0392 8160  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:18:23.0470 8160  AudioEndpointBuilder - ok
16:18:23.0486 8160  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:18:23.0517 8160  AudioSrv - ok
16:18:23.0767 8160  [ F1CA8ED683D6945EFDC4492AB60B1460 ] AVP             C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe
16:18:23.0813 8160  AVP - ok
16:18:23.0876 8160  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:18:23.0954 8160  AxInstSV - ok
16:18:24.0016 8160  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:18:24.0094 8160  b06bdrv - ok
16:18:24.0141 8160  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:18:24.0203 8160  b57nd60a - ok
16:18:24.0344 8160  [ F48FEB7DA35821DA15E0B006DCB9A169 ] BBSvc           C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\BBSvc.exe
16:18:24.0375 8160  BBSvc - ok
16:18:24.0422 8160  [ 8E16F7A85441986FD2B9CE6C879524E4 ] BBUpdate        C:\Program Files (x86)\Microsoft\BingBar\7.1.391.0\SeaPort.exe
16:18:24.0453 8160  BBUpdate - ok
16:18:24.0500 8160  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:18:24.0547 8160  BDESVC - ok
16:18:24.0593 8160  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:18:24.0687 8160  Beep - ok
16:18:24.0781 8160  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:18:24.0859 8160  BFE - ok
16:18:24.0921 8160  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\system32\qmgr.dll
16:18:25.0030 8160  BITS - ok
16:18:25.0077 8160  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:18:25.0124 8160  blbdrive - ok
16:18:25.0249 8160  [ 55B0C8441DE7D91A819A39D0351154A2 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
16:18:25.0280 8160  Bluetooth Device Monitor - ok
16:18:25.0327 8160  [ 7E262330DF0C4BE4ECE853B59B9CBE4C ] Bluetooth Media Service C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
16:18:25.0373 8160  Bluetooth Media Service - ok
16:18:25.0514 8160  [ 8BF4B9956E13871A88A3810074E2E110 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
16:18:25.0545 8160  Bluetooth OBEX Service - ok
16:18:25.0670 8160  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:18:25.0717 8160  Bonjour Service - ok
16:18:25.0763 8160  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:18:25.0810 8160  bowser - ok
16:18:25.0841 8160  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:18:25.0904 8160  BrFiltLo - ok
16:18:25.0935 8160  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:18:25.0966 8160  BrFiltUp - ok
16:18:26.0013 8160  [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
16:18:26.0122 8160  BridgeMP - ok
16:18:26.0169 8160  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:18:26.0231 8160  Browser - ok
16:18:26.0263 8160  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:18:26.0341 8160  Brserid - ok
16:18:26.0356 8160  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:18:26.0419 8160  BrSerWdm - ok
16:18:26.0434 8160  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:18:26.0497 8160  BrUsbMdm - ok
16:18:26.0512 8160  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:18:26.0543 8160  BrUsbSer - ok
16:18:26.0606 8160  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
16:18:26.0715 8160  BthEnum - ok
16:18:26.0746 8160  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:18:26.0809 8160  BTHMODEM - ok
16:18:26.0840 8160  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:18:26.0887 8160  BthPan - ok
16:18:26.0933 8160  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
16:18:26.0996 8160  BTHPORT - ok
16:18:27.0058 8160  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:18:27.0121 8160  bthserv - ok
16:18:27.0152 8160  [ A5B3E8B2B78C7B3DA56A0DE490E6718C ] BTHSSecurityMgr C:\Program Files\Intel\BluetoothHS\BTHSSecurityMgr.exe
16:18:27.0167 8160  BTHSSecurityMgr - ok
16:18:27.0199 8160  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
16:18:27.0245 8160  BTHUSB - ok
16:18:27.0292 8160  [ 270FBA230E78E25726D065A924589A72 ] btmaux          C:\Windows\system32\DRIVERS\btmaux.sys
16:18:27.0339 8160  btmaux - ok
16:18:27.0386 8160  [ 0010A54571F525A97EED8C091E96EAA9 ] btmhsf          C:\Windows\system32\DRIVERS\btmhsf.sys
16:18:27.0433 8160  btmhsf - ok
16:18:27.0479 8160  catchme - ok
16:18:27.0511 8160  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:18:27.0620 8160  cdfs - ok
16:18:27.0667 8160  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:18:27.0729 8160  cdrom - ok
16:18:27.0776 8160  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:18:27.0885 8160  CertPropSvc - ok
16:18:27.0932 8160  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys
16:18:27.0994 8160  circlass - ok
16:18:28.0025 8160  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:18:28.0057 8160  CLFS - ok
16:18:28.0135 8160  [ 524DC3807CB1746225F9D26ADD19C319 ] CLKMSVC10_38F51D56 C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe
16:18:28.0166 8160  CLKMSVC10_38F51D56 - ok
16:18:28.0259 8160  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:18:28.0291 8160  clr_optimization_v2.0.50727_32 - ok
16:18:28.0322 8160  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:18:28.0353 8160  clr_optimization_v2.0.50727_64 - ok
16:18:28.0431 8160  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:18:28.0462 8160  clr_optimization_v4.0.30319_32 - ok
16:18:28.0556 8160  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:18:28.0571 8160  clr_optimization_v4.0.30319_64 - ok
16:18:28.0618 8160  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:18:28.0681 8160  CmBatt - ok
16:18:28.0696 8160  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:18:28.0712 8160  cmdide - ok
16:18:28.0774 8160  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
16:18:28.0837 8160  CNG - ok
16:18:28.0883 8160  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:18:28.0883 8160  Compbatt - ok
16:18:28.0915 8160  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:18:28.0993 8160  CompositeBus - ok
16:18:28.0993 8160  COMSysApp - ok
16:18:29.0008 8160  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:18:29.0024 8160  crcdisk - ok
16:18:29.0055 8160  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:18:29.0102 8160  CryptSvc - ok
16:18:29.0195 8160  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:18:29.0227 8160  cvhsvc - ok
16:18:29.0289 8160  [ 1CA90212A99DB6975C344826D11055C9 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
16:18:29.0320 8160  dc3d - ok
16:18:29.0351 8160  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:18:29.0414 8160  DcomLaunch - ok
16:18:29.0492 8160  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:18:29.0585 8160  defragsvc - ok
16:18:29.0648 8160  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:18:29.0710 8160  DfsC - ok
16:18:29.0819 8160  [ D51B32BA3897F630D99713B74B40D6A2 ] DfSdkS          C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 8\DfsdkS64.exe
16:18:29.0866 8160  DfSdkS ( UnsignedFile.Multi.Generic ) - warning
16:18:29.0866 8160  DfSdkS - detected UnsignedFile.Multi.Generic (1)
16:18:29.0944 8160  [ B9430166FEB246F6070A62B3554932C9 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys
16:18:29.0975 8160  dg_ssudbus - ok
16:18:30.0022 8160  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:18:30.0069 8160  Dhcp - ok
16:18:30.0100 8160  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:18:30.0209 8160  discache - ok
16:18:30.0225 8160  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys
16:18:30.0241 8160  Disk - ok
16:18:30.0272 8160  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:18:30.0334 8160  Dnscache - ok
16:18:30.0365 8160  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:18:30.0475 8160  dot3svc - ok
16:18:30.0521 8160  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:18:30.0631 8160  DPS - ok
16:18:30.0662 8160  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:18:30.0724 8160  drmkaud - ok
16:18:30.0787 8160  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:18:30.0818 8160  DXGKrnl - ok
16:18:30.0865 8160  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:18:30.0943 8160  EapHost - ok
16:18:31.0021 8160  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:18:31.0192 8160  ebdrv - ok
16:18:31.0239 8160  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
16:18:31.0286 8160  EFS - ok
16:18:31.0411 8160  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:18:31.0457 8160  ehRecvr - ok
16:18:31.0489 8160  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:18:31.0535 8160  ehSched - ok
16:18:31.0613 8160  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:18:31.0645 8160  elxstor - ok
16:18:31.0676 8160  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:18:31.0723 8160  ErrDev - ok
16:18:31.0769 8160  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:18:31.0863 8160  EventSystem - ok
16:18:32.0003 8160  [ 54FC81B0162478A72A93DBBEAFB35671 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
16:18:32.0050 8160  EvtEng - ok
16:18:32.0144 8160  [ 477BC304201197F4057090BD60AF1739 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
16:18:32.0206 8160  ewusbnet - ok
16:18:32.0237 8160  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:18:32.0315 8160  exfat - ok
16:18:32.0362 8160  Fabs - ok
16:18:32.0409 8160  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:18:32.0518 8160  fastfat - ok
16:18:32.0581 8160  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:18:32.0643 8160  Fax - ok
16:18:32.0674 8160  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys
16:18:32.0705 8160  fdc - ok
16:18:32.0737 8160  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:18:32.0799 8160  fdPHost - ok
16:18:32.0830 8160  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:18:32.0908 8160  FDResPub - ok
16:18:32.0986 8160  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:18:33.0017 8160  FileInfo - ok
16:18:33.0033 8160  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:18:33.0095 8160  Filetrace - ok
16:18:33.0189 8160  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
16:18:33.0345 8160  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
16:18:33.0345 8160  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
16:18:33.0439 8160  [ BB0667B0171B632B97EA759515476F07 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
16:18:33.0485 8160  FLEXnet Licensing Service - ok
16:18:33.0532 8160  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:18:33.0579 8160  flpydisk - ok
16:18:33.0626 8160  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:18:33.0657 8160  FltMgr - ok
16:18:33.0704 8160  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
16:18:33.0766 8160  FontCache - ok
16:18:33.0813 8160  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:18:33.0844 8160  FontCache3.0.0.0 - ok
16:18:33.0860 8160  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:18:33.0891 8160  FsDepends - ok
16:18:33.0922 8160  [ 6C06701BF1DB05405804D7EB610991CE ] fssfltr         C:\Windows\system32\DRIVERS\fssfltr.sys
16:18:33.0953 8160  fssfltr - ok
16:18:34.0016 8160  [ 4CE9DAC1518FF7E77BD213E6394B9D77 ] fsssvc          C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe
16:18:34.0078 8160  fsssvc - ok
16:18:34.0109 8160  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:18:34.0125 8160  Fs_Rec - ok
16:18:34.0187 8160  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:18:34.0203 8160  fvevol - ok
16:18:34.0219 8160  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:18:34.0219 8160  gagp30kx - ok
16:18:34.0297 8160  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:18:34.0390 8160  gpsvc - ok
16:18:34.0484 8160  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:18:34.0515 8160  gupdate - ok
16:18:34.0562 8160  [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:18:34.0593 8160  gupdatem - ok
16:18:34.0624 8160  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
16:18:34.0655 8160  gusvc - ok
16:18:34.0702 8160  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
16:18:34.0733 8160  hamachi - ok
16:18:34.0874 8160  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
16:18:34.0921 8160  Hamachi2Svc - ok
16:18:34.0952 8160  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:18:34.0967 8160  hcw85cir - ok
16:18:34.0999 8160  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:18:35.0045 8160  HdAudAddService - ok
16:18:35.0077 8160  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:18:35.0123 8160  HDAudBus - ok
16:18:35.0123 8160  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:18:35.0155 8160  HidBatt - ok
16:18:35.0186 8160  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:18:35.0186 8160  HidBth - ok
16:18:35.0233 8160  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:18:35.0264 8160  HidIr - ok
16:18:35.0295 8160  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\System32\hidserv.dll
16:18:35.0357 8160  hidserv - ok
16:18:35.0389 8160  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:18:35.0451 8160  HidUsb - ok
16:18:35.0467 8160  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:18:35.0545 8160  hkmsvc - ok
16:18:35.0560 8160  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:18:35.0607 8160  HomeGroupListener - ok
16:18:35.0638 8160  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:18:35.0669 8160  HomeGroupProvider - ok
16:18:35.0779 8160  [ 5DA42D24712E00728CEA2342A65009B2 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
16:18:35.0794 8160  hpqcxs08 - ok
16:18:35.0810 8160  [ D86A39BF100069444D026D22D9A6E555 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
16:18:35.0825 8160  hpqddsvc - ok
16:18:35.0872 8160  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:18:35.0888 8160  HpSAMD - ok
16:18:36.0075 8160  [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
16:18:36.0137 8160  HPSLPSVC ( UnsignedFile.Multi.Generic ) - warning
16:18:36.0137 8160  HPSLPSVC - detected UnsignedFile.Multi.Generic (1)
16:18:36.0278 8160  [ F47CEC45FB85791D4AB237563AD0FA8F ] HTCAND64        C:\Windows\system32\Drivers\ANDROIDUSB.sys
16:18:36.0325 8160  HTCAND64 ( UnsignedFile.Multi.Generic ) - warning
16:18:36.0325 8160  HTCAND64 - detected UnsignedFile.Multi.Generic (1)
16:18:36.0512 8160  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:18:36.0590 8160  HTTP - ok
16:18:36.0652 8160  [ 8F9B0FC4EC3A8194BD4CBC5ED3E7ABEB ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
16:18:36.0699 8160  hwdatacard - ok
16:18:36.0746 8160  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:18:36.0746 8160  hwpolicy - ok
16:18:36.0793 8160  [ B45B3647BA32749B94FA689175EC8C26 ] hwusbdev        C:\Windows\system32\DRIVERS\ewusbdev.sys
16:18:36.0824 8160  hwusbdev - ok
16:18:36.0855 8160  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:18:36.0871 8160  i8042prt - ok
16:18:36.0886 8160  [ 26CF4275034214ECEDD8EC17B0A18A99 ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:18:36.0902 8160  iaStor - ok
16:18:36.0980 8160  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:18:37.0027 8160  iaStorV - ok
16:18:37.0042 8160  [ DE9E40BAEE2E48FD1E3EB423074C014C ] iBtFltCoex      C:\Windows\system32\DRIVERS\iBtFltCoex.sys
16:18:37.0073 8160  iBtFltCoex - ok
16:18:37.0136 8160  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
16:18:37.0183 8160  IDriverT ( UnsignedFile.Multi.Generic ) - warning
16:18:37.0183 8160  IDriverT - detected UnsignedFile.Multi.Generic (1)
16:18:37.0261 8160  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:18:37.0307 8160  idsvc - ok
16:18:37.0713 8160  [ 174BCAC474DE13B2650E444CF124828E ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:18:38.0072 8160  igfx - ok
16:18:38.0119 8160  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:18:38.0134 8160  iirsp - ok
16:18:38.0181 8160  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:18:38.0228 8160  IKEEXT - ok
16:18:38.0275 8160  [ CADDF0927DAC63EDAE48F5C35A61D87D ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys
16:18:38.0275 8160  intaud_WaveExtensible - ok
16:18:38.0384 8160  [ 028E40182A6F0374978C755F85B9F07C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:18:38.0431 8160  IntcAzAudAddService - ok
16:18:38.0477 8160  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:18:38.0477 8160  intelide - ok
16:18:38.0524 8160  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:18:38.0587 8160  intelppm - ok
16:18:38.0649 8160  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:18:38.0743 8160  IPBusEnum - ok
16:18:38.0789 8160  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:18:38.0883 8160  IpFilterDriver - ok
16:18:38.0945 8160  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:18:38.0992 8160  iphlpsvc - ok
16:18:39.0023 8160  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:18:39.0070 8160  IPMIDRV - ok
16:18:39.0086 8160  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:18:39.0148 8160  IPNAT - ok
16:18:39.0226 8160  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:18:39.0257 8160  iPod Service - ok
16:18:39.0289 8160  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:18:39.0351 8160  IRENUM - ok
16:18:39.0367 8160  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:18:39.0398 8160  isapnp - ok
16:18:39.0429 8160  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:18:39.0445 8160  iScsiPrt - ok
16:18:39.0491 8160  [ 716F66336F10885D935B08174DC54242 ] iwdbus          C:\Windows\system32\DRIVERS\iwdbus.sys
16:18:39.0523 8160  iwdbus - ok
16:18:39.0554 8160  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:18:39.0569 8160  kbdclass - ok
16:18:39.0585 8160  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:18:39.0647 8160  kbdhid - ok
16:18:39.0694 8160  [ E63EF8C3271D014F14E2469CE75FECB4 ] kbfiltr         C:\Windows\system32\DRIVERS\kbfiltr.sys
16:18:39.0725 8160  kbfiltr - ok
16:18:39.0741 8160  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
16:18:39.0757 8160  KeyIso - ok
16:18:39.0835 8160  [ 8B5219318DF5895ABD230C373F2DF18A ] kl1             C:\Windows\system32\DRIVERS\kl1.sys
16:18:39.0881 8160  kl1 - ok
16:18:39.0991 8160  [ 8191BB24F61EBCAF84719993C7F7B5C6 ] KLIF            C:\Windows\system32\DRIVERS\klif.sys
16:18:40.0037 8160  KLIF - ok
16:18:40.0084 8160  [ 9BD99E1AB3F664120AB95C35F9EC1EB0 ] KLIM6           C:\Windows\system32\DRIVERS\klim6.sys
16:18:40.0115 8160  KLIM6 - ok
16:18:40.0178 8160  [ 2C43FD500522EF3B8C283A5846B7FC41 ] klkbdflt        C:\Windows\system32\DRIVERS\klkbdflt.sys
16:18:40.0209 8160  klkbdflt - ok
16:18:40.0240 8160  [ 70A6D2E292017EC47949696F51ABE18D ] klmouflt        C:\Windows\system32\DRIVERS\klmouflt.sys
16:18:40.0256 8160  klmouflt - ok
16:18:40.0303 8160  [ FFC0501A1EA742406F1904A0CFE3BFE2 ] kltdi           C:\Windows\system32\DRIVERS\kltdi.sys
16:18:40.0318 8160  kltdi - ok
16:18:40.0381 8160  [ 185D21CB8F10CFB351FF65DA88C18BC9 ] kneps           C:\Windows\system32\DRIVERS\kneps.sys
16:18:40.0396 8160  kneps - ok
16:18:40.0427 8160  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:18:40.0443 8160  KSecDD - ok
16:18:40.0474 8160  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:18:40.0490 8160  KSecPkg - ok
16:18:40.0537 8160  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:18:40.0615 8160  ksthunk - ok
16:18:40.0661 8160  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:18:40.0755 8160  KtmRm - ok
16:18:40.0817 8160  [ A4A9CA24E54E81C6C3E469EAEB4B3F42 ] L1C             C:\Windows\system32\DRIVERS\L1C62x64.sys
16:18:40.0833 8160  L1C - ok
16:18:40.0895 8160  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\System32\srvsvc.dll
16:18:40.0973 8160  LanmanServer - ok
16:18:41.0083 8160  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:18:41.0161 8160  lltdio - ok
16:18:41.0207 8160  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:18:41.0270 8160  lltdsvc - ok
16:18:41.0301 8160  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:18:41.0332 8160  lmhosts - ok
16:18:41.0410 8160  [ 0803906D607A9B83184447B75B60ECC2 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:18:41.0441 8160  LMS - ok
16:18:41.0488 8160  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:18:41.0504 8160  LSI_FC - ok
16:18:41.0535 8160  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:18:41.0551 8160  LSI_SAS - ok
16:18:41.0597 8160  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:18:41.0613 8160  LSI_SAS2 - ok
16:18:41.0629 8160  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:18:41.0644 8160  LSI_SCSI - ok
16:18:41.0675 8160  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:18:41.0753 8160  luafv - ok
16:18:41.0863 8160  [ 92EB844D90615CB266F84C3202B8786E ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
16:18:41.0894 8160  MBAMProtector - ok
16:18:41.0956 8160  [ 1ACAA67676E9E7BDA5E0C41B6E0DECAF ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
16:18:41.0987 8160  MBAMScheduler - ok
16:18:42.0050 8160  [ 916B8954AC3E06DC9E898AFFB41F3FB6 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
16:18:42.0097 8160  MBAMService - ok
16:18:42.0143 8160  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:18:42.0190 8160  Mcx2Svc - ok
16:18:42.0221 8160  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:18:42.0237 8160  megasas - ok
16:18:42.0299 8160  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:18:42.0331 8160  MegaSR - ok
16:18:42.0362 8160  [ 1C6E73FC46B509EFF9D0086AA37132DF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
16:18:42.0377 8160  MEIx64 - ok
16:18:42.0471 8160  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
16:18:42.0487 8160  Microsoft Office Groove Audit Service - ok
16:18:42.0518 8160  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:18:42.0627 8160  MMCSS - ok
16:18:42.0627 8160  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:18:42.0689 8160  Modem - ok
16:18:42.0721 8160  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:18:42.0783 8160  monitor - ok
16:18:42.0814 8160  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:18:42.0845 8160  mouclass - ok
16:18:42.0877 8160  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:18:42.0939 8160  mouhid - ok
16:18:42.0955 8160  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:18:42.0970 8160  mountmgr - ok
16:18:43.0033 8160  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:18:43.0079 8160  MozillaMaintenance - ok
16:18:43.0111 8160  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:18:43.0142 8160  mpio - ok
16:18:43.0142 8160  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:18:43.0204 8160  mpsdrv - ok
16:18:43.0251 8160  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:18:43.0313 8160  MpsSvc - ok
16:18:43.0345 8160  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:18:43.0423 8160  MRxDAV - ok
16:18:43.0469 8160  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:18:43.0501 8160  mrxsmb - ok
16:18:43.0579 8160  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:18:43.0625 8160  mrxsmb10 - ok
16:18:43.0641 8160  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:18:43.0688 8160  mrxsmb20 - ok
16:18:43.0703 8160  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:18:43.0719 8160  msahci - ok
16:18:43.0750 8160  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:18:43.0766 8160  msdsm - ok
16:18:43.0781 8160  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:18:43.0844 8160  MSDTC - ok
16:18:43.0844 8160  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:18:43.0906 8160  Msfs - ok
16:18:43.0937 8160  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:18:43.0984 8160  mshidkmdf - ok
16:18:43.0984 8160  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:18:44.0000 8160  msisadrv - ok
16:18:44.0031 8160  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:18:44.0125 8160  MSiSCSI - ok
16:18:44.0125 8160  msiserver - ok
16:18:44.0171 8160  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:18:44.0249 8160  MSKSSRV - ok
16:18:44.0296 8160  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:18:44.0343 8160  MSPCLOCK - ok
16:18:44.0452 8160  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:18:44.0577 8160  MSPQM - ok
16:18:44.0593 8160  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:18:44.0608 8160  MsRPC - ok
16:18:44.0624 8160  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:18:44.0624 8160  mssmbios - ok
16:18:44.0639 8160  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:18:44.0733 8160  MSTEE - ok
16:18:44.0733 8160  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:18:44.0795 8160  MTConfig - ok
16:18:44.0811 8160  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:18:44.0827 8160  Mup - ok
16:18:44.0858 8160  [ 4BBB9D9C4DF259FAE2D172C5BB25DDD0 ] MyWiFiDHCPDNS   C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
16:18:44.0873 8160  MyWiFiDHCPDNS - ok
16:18:44.0951 8160  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:18:44.0998 8160  napagent - ok
16:18:45.0170 8160  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:18:45.0248 8160  NativeWifiP - ok
16:18:45.0341 8160  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:18:45.0357 8160  NDIS - ok
16:18:45.0404 8160  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:18:45.0451 8160  NdisCap - ok
16:18:45.0544 8160  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:18:45.0653 8160  NdisTapi - ok
16:18:45.0653 8160  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:18:45.0716 8160  Ndisuio - ok
16:18:45.0778 8160  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:18:45.0841 8160  NdisWan - ok
16:18:45.0856 8160  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:18:45.0903 8160  NDProxy - ok
16:18:45.0950 8160  [ 2334DC48997BA203B794DF3EE70521DB ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
16:18:45.0981 8160  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:18:45.0981 8160  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:18:46.0012 8160  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:18:46.0090 8160  NetBIOS - ok
16:18:46.0137 8160  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:18:46.0184 8160  NetBT - ok
16:18:46.0199 8160  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:18:46.0215 8160  Netlogon - ok
16:18:46.0262 8160  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:18:46.0355 8160  Netman - ok
16:18:46.0371 8160  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:18:46.0418 8160  netprofm - ok
16:18:46.0449 8160  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:18:46.0465 8160  NetTcpPortSharing - ok
16:18:46.0683 8160  [ AC69618DE5BCCE8747C9AB0AAE1003C1 ] NETwNs64        C:\Windows\system32\DRIVERS\NETwNs64.sys
16:18:46.0948 8160  NETwNs64 - ok
16:18:46.0995 8160  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:18:47.0026 8160  nfrd960 - ok
16:18:47.0057 8160  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:18:47.0104 8160  NlaSvc - ok
16:18:47.0120 8160  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:18:47.0167 8160  Npfs - ok
16:18:47.0213 8160  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:18:47.0307 8160  nsi - ok
16:18:47.0354 8160  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:18:47.0447 8160  nsiproxy - ok
16:18:47.0525 8160  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:18:47.0603 8160  Ntfs - ok
16:18:47.0619 8160  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:18:47.0681 8160  Null - ok
16:18:47.0728 8160  [ 10204955027011E08A9DC27737A48A54 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
16:18:47.0744 8160  NVHDA - ok
16:18:47.0806 8160  [ 63BCD806F51C31159193697F306FEB7F ] nvkflt          C:\Windows\system32\DRIVERS\nvkflt.sys
16:18:47.0822 8160  nvkflt - ok
16:18:48.0118 8160  [ B15258B1F45F9571758AC6BB2F043B01 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
16:18:48.0274 8160  nvlddmkm - ok
16:18:48.0305 8160  [ 682EA9ED3399D6066F0DAECF7938727E ] nvpciflt        C:\Windows\system32\DRIVERS\nvpciflt.sys
16:18:48.0321 8160  nvpciflt - ok
16:18:48.0352 8160  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:18:48.0352 8160  nvraid - ok
16:18:48.0368 8160  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:18:48.0383 8160  nvstor - ok
16:18:48.0446 8160  [ 2D7092FEC9BD2ACA199673BBA2BA9277 ] NVSvc           C:\Windows\system32\nvvsvc.exe
16:18:48.0493 8160  NVSvc - ok
16:18:48.0633 8160  [ 7E22DE30E222BFDFCEC7E77032BAF3CD ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
16:18:48.0680 8160  nvUpdatusService - ok
16:18:48.0742 8160  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:18:48.0789 8160  nv_agp - ok
16:18:48.0836 8160  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
16:18:48.0883 8160  odserv - ok
16:18:48.0898 8160  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:18:48.0929 8160  ohci1394 - ok
16:18:48.0976 8160  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:18:49.0007 8160  ose - ok
16:18:49.0210 8160  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:18:49.0413 8160  osppsvc - ok
16:18:49.0460 8160  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:18:49.0522 8160  p2pimsvc - ok
16:18:49.0553 8160  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:18:49.0616 8160  p2psvc - ok
16:18:49.0663 8160  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys
16:18:49.0725 8160  Parport - ok
16:18:49.0772 8160  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:18:49.0803 8160  partmgr - ok
16:18:49.0819 8160  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:18:49.0865 8160  PcaSvc - ok
16:18:49.0865 8160  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:18:49.0881 8160  pci - ok
16:18:49.0881 8160  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:18:49.0897 8160  pciide - ok
16:18:49.0912 8160  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:18:49.0928 8160  pcmcia - ok
16:18:49.0928 8160  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:18:49.0943 8160  pcw - ok
16:18:49.0959 8160  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:18:50.0021 8160  PEAUTH - ok
16:18:50.0099 8160  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:18:50.0146 8160  PerfHost - ok
16:18:50.0224 8160  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:18:50.0333 8160  pla - ok
16:18:50.0380 8160  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:18:50.0443 8160  PlugPlay - ok
16:18:50.0505 8160  [ AC78DF349F0E4CFB8B667C0CFFF83CCE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:18:50.0536 8160  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:18:50.0536 8160  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
16:18:50.0552 8160  PnkBstrA - ok
16:18:50.0567 8160  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:18:50.0614 8160  PNRPAutoReg - ok
16:18:50.0645 8160  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:18:50.0677 8160  PNRPsvc - ok
16:18:50.0708 8160  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys
16:18:50.0739 8160  Point64 - ok
16:18:50.0755 8160  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:18:50.0833 8160  PolicyAgent - ok
16:18:50.0864 8160  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:18:50.0942 8160  Power - ok
16:18:50.0989 8160  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:18:51.0082 8160  PptpMiniport - ok
16:18:51.0098 8160  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys
16:18:51.0160 8160  Processor - ok
16:18:51.0191 8160  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:18:51.0254 8160  ProfSvc - ok
16:18:51.0285 8160  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:18:51.0301 8160  ProtectedStorage - ok
16:18:51.0347 8160  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:18:51.0394 8160  Psched - ok
16:18:51.0472 8160  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:18:51.0550 8160  ql2300 - ok
16:18:51.0550 8160  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:18:51.0566 8160  ql40xx - ok
16:18:51.0597 8160  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:18:51.0613 8160  QWAVE - ok
16:18:51.0628 8160  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:18:51.0659 8160  QWAVEdrv - ok
16:18:51.0659 8160  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:18:51.0691 8160  RasAcd - ok
16:18:51.0753 8160  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:18:51.0831 8160  RasAgileVpn - ok
16:18:51.0862 8160  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:18:51.0909 8160  RasAuto - ok
16:18:51.0909 8160  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:18:51.0956 8160  Rasl2tp - ok
16:18:51.0987 8160  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:18:52.0018 8160  RasMan - ok
16:18:52.0034 8160  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:18:52.0081 8160  RasPppoe - ok
16:18:52.0112 8160  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:18:52.0190 8160  RasSstp - ok
16:18:52.0221 8160  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:18:52.0268 8160  rdbss - ok
16:18:52.0299 8160  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
16:18:52.0361 8160  rdpbus - ok
16:18:52.0377 8160  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:18:52.0439 8160  RDPCDD - ok
16:18:52.0455 8160  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:18:52.0502 8160  RDPENCDD - ok
16:18:52.0517 8160  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:18:52.0564 8160  RDPREFMP - ok
16:18:52.0595 8160  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:18:52.0642 8160  RDPWD - ok
16:18:52.0689 8160  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:18:52.0720 8160  rdyboost - ok
16:18:52.0798 8160  [ A436F5E7D80BBDBB0826D0F176D5BEA8 ] RegSrvc         C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
16:18:52.0845 8160  RegSrvc - ok
16:18:52.0876 8160  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:18:52.0939 8160  RemoteAccess - ok
16:18:52.0985 8160  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:18:53.0079 8160  RemoteRegistry - ok
16:18:53.0126 8160  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:18:53.0173 8160  RFCOMM - ok
16:18:53.0282 8160  [ 616F6E52CAE254727A886BA8EDA1BEEA ] RichVideo       C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
16:18:53.0313 8160  RichVideo - ok
16:18:53.0344 8160  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:18:53.0407 8160  RpcEptMapper - ok
16:18:53.0438 8160  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:18:53.0469 8160  RpcLocator - ok
16:18:53.0500 8160  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:18:53.0531 8160  RpcSs - ok
16:18:53.0609 8160  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:18:53.0672 8160  rspndr - ok
16:18:53.0828 8160  [ 945AB249D12CBE044782430C6013AA1A ] RTL8187B        C:\Windows\system32\DRIVERS\rtl8187B.sys
16:18:53.0906 8160  RTL8187B - ok
16:18:53.0921 8160  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:18:53.0953 8160  SamSs - ok
16:18:53.0968 8160  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:18:53.0984 8160  sbp2port - ok
16:18:54.0046 8160  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:18:54.0109 8160  SCardSvr - ok
16:18:54.0155 8160  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:18:54.0249 8160  scfilter - ok
16:18:54.0327 8160  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:18:54.0405 8160  Schedule - ok
16:18:54.0436 8160  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:18:54.0467 8160  SCPolicySvc - ok
16:18:54.0467 8160  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:18:54.0499 8160  SDRSVC - ok
16:18:54.0545 8160  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:18:54.0608 8160  secdrv - ok
16:18:54.0686 8160  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:18:54.0779 8160  seclogon - ok
16:18:54.0795 8160  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
16:18:54.0889 8160  SENS - ok
16:18:54.0982 8160  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:18:55.0045 8160  SensrSvc - ok
16:18:55.0060 8160  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\drivers\serenum.sys
16:18:55.0107 8160  Serenum - ok
16:18:55.0154 8160  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
16:18:55.0216 8160  Serial - ok
16:18:55.0263 8160  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:18:55.0310 8160  sermouse - ok
16:18:55.0357 8160  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:18:55.0419 8160  SessionEnv - ok
16:18:55.0419 8160  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:18:55.0466 8160  sffdisk - ok
16:18:55.0466 8160  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:18:55.0497 8160  sffp_mmc - ok
16:18:55.0513 8160  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:18:55.0575 8160  sffp_sd - ok
16:18:55.0575 8160  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:18:55.0637 8160  sfloppy - ok
16:18:55.0793 8160  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
16:18:55.0825 8160  Sftfs - ok
16:18:55.0918 8160  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:18:55.0949 8160  sftlist - ok
16:18:55.0965 8160  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:18:55.0981 8160  Sftplay - ok
16:18:56.0012 8160  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:18:56.0027 8160  Sftredir - ok
16:18:56.0043 8160  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
16:18:56.0043 8160  Sftvol - ok
16:18:56.0059 8160  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:18:56.0074 8160  sftvsa - ok
16:18:56.0121 8160  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:18:56.0199 8160  SharedAccess - ok
16:18:56.0246 8160  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:18:56.0308 8160  ShellHWDetection - ok
16:18:56.0355 8160  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
16:18:56.0402 8160  SiSGbeLH - ok
16:19:06.0401 8160  ================ Scan global ===============================
16:19:06.0433 8160  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:19:06.0448 8160  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:19:06.0464 8160  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:19:06.0495 8160  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:19:06.0511 8160  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:19:06.0526 8160  [Global] - ok
16:19:06.0526 8160  ================ Scan MBR ==================================
16:19:06.0526 8160  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:19:06.0932 8160  \Device\Harddisk0\DR0 - ok
16:19:06.0932 8160  ================ Scan VBR ==================================
16:19:06.0932 8160  [ 33047DF1A8DBAF404F77E82927AEC3D7 ] \Device\Harddisk0\DR0\Partition1
16:19:06.0947 8160  \Device\Harddisk0\DR0\Partition1 - ok
16:19:06.0963 8160  [ E4E2338BBB92001ECBC46002F77046DE ] \Device\Harddisk0\DR0\Partition2
16:19:06.0979 8160  \Device\Harddisk0\DR0\Partition2 - ok
16:19:06.0979 8160  ============================================================
16:19:06.0979 8160  Scan finished
16:19:06.0979 8160  ============================================================
16:19:06.0994 7820  Detected object count: 7
16:19:06.0994 7820  Actual detected object count: 7
16:20:27.0194 7820  DfSdkS ( UnsignedFile.Multi.Generic ) - skipped by user
16:20:27.0194 7820  DfSdkS ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:20:27.0194 7820  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
16:20:27.0194 7820  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:20:27.0194 7820  HPSLPSVC ( UnsignedFile.Multi.Generic ) - skipped by user
16:20:27.0194 7820  HPSLPSVC ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:20:27.0194 7820  HTCAND64 ( UnsignedFile.Multi.Generic ) - skipped by user
16:20:27.0194 7820  HTCAND64 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:20:27.0194 7820  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
16:20:27.0194 7820  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:20:27.0194 7820  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:20:27.0194 7820  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:20:27.0194 7820  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:20:27.0194 7820  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         
