Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Delta Search lässt sich nicht entfernen

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 12.02.2013, 12:00   #1
Lesserclown
 
Delta Search lässt sich nicht entfernen - Beitrag

Delta Search lässt sich nicht entfernen



Hallo liebe Helfer,

ich habe mich hier angemeldet, weil ich im Netz nichts Brauchbares zu meinem Problem gefunden habe. Bin etwas eingeschüchtert von den ganzen Regeln hier und weiß nicht, ob ich alles richtig mache. Seid bitte nachsichtig. Bin mir auch nicht sicher, was ich alles posten muss.

Ich habe exakt das gleiche Problem mit Delta Search wie Tenonen, der am 10.2. hier gepostet hat.

- beim Öffnen des Browsers Google Chrome öffnet sich gleichzeitig der 2. Tab mit Delta Search
- Virenschutz von Avast

Habe schon alles an Programmen, was Delta angeht, deinstalliert. Es bleibt aber immer noch diese Suchmaschine, die sich automatisch öffnet.

OTL Logfile:

Code:
ATTFilter
OTL logfile created on: 12.02.2013 10:42:29 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Judith\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,94 Gb Total Physical Memory | 2,09 Gb Available Physical Memory | 53,06% Memory free
7,87 Gb Paging File | 5,42 Gb Available in Paging File | 68,84% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 100,53 Gb Free Space | 41,19% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 50,37 Gb Free Space | 21,63% Space Free | Partition Type: NTFS
Drive E: | 221,62 Gb Total Space | 162,63 Gb Free Space | 73,38% Space Free | Partition Type: NTFS
 
Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2013.02.12 10:22:10 | 001,363,528 | ---- | M] (Malwarebytes Corporation) -- C:\Users\Judith\Downloads\mbar-1.01.0.1020\mbar\mbar.exe
PRC - [2013.02.11 20:16:30 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Judith\Downloads\OTL.exe
PRC - [2013.01.26 03:35:08 | 001,248,208 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2013.01.11 15:39:50 | 000,440,896 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
PRC - [2013.01.11 15:39:50 | 000,297,536 | ---- | M] (IncrediMail, Ltd.) -- C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
PRC - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.12.03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.11.20 15:09:00 | 000,188,760 | ---- | M] () -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe
PRC - [2012.11.13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012.11.13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
PRC - [2012.11.13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012.11.13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012.11.13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012.10.30 23:50:59 | 004,297,136 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011.11.22 09:59:30 | 000,018,432 | ---- | M] () -- C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
PRC - [2011.04.01 04:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
PRC - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
PRC - [2009.11.30 04:28:22 | 000,084,144 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\IntelITDirector\itdirectorservice.exe
PRC - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009.07.21 23:40:56 | 002,066,968 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
PRC - [2009.07.21 23:40:50 | 000,174,616 | R--- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\AMT\LMS.exe
PRC - [2008.01.22 18:35:52 | 000,103,808 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.02.08 16:13:48 | 014,586,736 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
MOD - [2013.01.26 03:35:06 | 000,460,240 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
MOD - [2013.01.26 03:35:04 | 004,012,496 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
MOD - [2013.01.26 03:34:19 | 000,597,968 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libglesv2.dll
MOD - [2013.01.26 03:34:18 | 000,124,368 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libegl.dll
MOD - [2013.01.26 03:34:16 | 001,552,848 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll
MOD - [2013.01.11 15:39:51 | 000,272,960 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImLookExU.dll
MOD - [2013.01.11 15:39:51 | 000,072,256 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\wlessfp1.dll
MOD - [2013.01.11 15:39:50 | 000,133,696 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\ImComUtlU.dll
MOD - [2013.01.11 15:39:50 | 000,080,448 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\bin\ImAppRU.dll
MOD - [2013.01.11 15:39:50 | 000,033,272 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\IMHttpComm.dll
MOD - [2012.12.30 20:18:10 | 000,109,040 | ---- | M] () -- C:\Program Files (x86)\IncrediMail\Bin\pmc.dll
MOD - [2012.11.13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
MOD - [2012.11.13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
MOD - [2012.11.13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl
MOD - [2012.11.13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl
MOD - [2012.11.13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - File not found [Disabled | Unknown] -- C:\Program Files\AVAST Software\Avast\afwServ.exe -- (avast! Firewall)
SRV:64bit: - [2012.11.20 15:09:00 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Program Files\IB Updater\ExtensionUpdaterService.exe -- (IB Updater)
SRV:64bit: - [2012.10.30 23:50:59 | 000,044,808 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV:64bit: - [2011.09.27 20:04:08 | 000,359,192 | ---- | M] (Logitech, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe -- (LBTServ)
SRV:64bit: - [2009.07.14 02:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2009.07.14 02:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2013.02.08 16:13:50 | 000,251,248 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.02.07 10:30:30 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2012.12.18 15:28:08 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.12.03 16:47:14 | 001,259,880 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.11.30 22:43:38 | 000,382,824 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012.06.07 18:12:14 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.01.18 13:38:28 | 000,155,320 | ---- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe -- (Sony PC Companion)
SRV - [2011.11.22 09:59:30 | 000,018,432 | ---- | M] () [Auto | Running] -- C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe -- (StumbleUponUpdater)
SRV - [2011.04.01 04:11:52 | 000,428,640 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 10:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2009.11.30 04:28:22 | 000,084,144 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\IntelITDirector\itdirectorservice.exe -- (ITDirectorService)
SRV - [2009.10.24 02:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2009.07.21 23:40:56 | 002,066,968 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe -- (UNS)
SRV - [2009.07.21 23:40:50 | 000,174,616 | R--- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\AMT\LMS.exe -- (LMS)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2008.01.22 18:35:52 | 000,103,808 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC)
SRV - [2007.05.31 16:11:54 | 000,443,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007.05.31 16:11:46 | 000,225,672 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.02.12 10:23:52 | 000,157,000 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamswissarmy.sys -- (mbamswissarmy)
DRV:64bit: - [2013.02.12 10:23:51 | 000,036,680 | ---- | M] () [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)
DRV:64bit: - [2012.10.30 23:51:56 | 000,059,728 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswTdi.sys -- (aswTdi)
DRV:64bit: - [2012.10.30 23:51:55 | 000,984,144 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\Windows\SysNative\drivers\aswSnx.sys -- (aswSnx)
DRV:64bit: - [2012.10.30 23:51:55 | 000,370,288 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswSP.sys -- (aswSP)
DRV:64bit: - [2012.10.30 23:51:55 | 000,071,600 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswMonFlt.sys -- (aswMonFlt)
DRV:64bit: - [2012.10.30 23:51:53 | 000,025,232 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV:64bit: - [2012.10.15 17:59:28 | 000,054,072 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswRdr2.sys -- (aswRdr)
DRV:64bit: - [2012.08.23 15:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 15:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.07.03 16:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.03.07 00:02:45 | 000,028,504 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\aswKbd.sys -- (aswKbd)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.09.02 07:30:46 | 000,042,776 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\LUsbFilt.sys -- (LUsbFilt)
DRV:64bit: - [2011.09.02 07:30:36 | 000,060,696 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LMouFilt.Sys -- (LMouFilt)
DRV:64bit: - [2011.09.02 07:30:24 | 000,076,056 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LEqdUsb.sys -- (LEqdUsb)
DRV:64bit: - [2011.09.02 07:30:24 | 000,066,840 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidFilt.Sys -- (LHidFilt)
DRV:64bit: - [2011.09.02 07:30:24 | 000,015,128 | ---- | M] (Logitech, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\LHidEqd.sys -- (LHidEqd)
DRV:64bit: - [2011.05.18 09:14:22 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt)
DRV:64bit: - [2011.05.18 09:14:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev)
DRV:64bit: - [2011.05.18 09:14:16 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc)
DRV:64bit: - [2011.05.18 09:14:12 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd)
DRV:64bit: - [2011.05.10 07:06:08 | 000,051,712 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2011.04.01 04:07:54 | 004,184,672 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 11:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TFsExDisk.sys -- (TFsExDisk)
DRV:64bit: - [2010.04.27 03:25:20 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)
DRV:64bit: - [2010.04.27 03:25:20 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)
DRV:64bit: - [2010.04.27 03:25:20 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)
DRV:64bit: - [2010.04.27 03:25:16 | 000,161,280 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdm.sys -- (ss_bmdm)
DRV:64bit: - [2010.04.27 03:25:16 | 000,127,488 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bbus.sys -- (ss_bbus)
DRV:64bit: - [2010.04.27 03:25:16 | 000,018,944 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ss_bmdfl.sys -- (ss_bmdfl)
DRV:64bit: - [2009.11.19 03:25:32 | 000,294,064 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\e1k62x64.sys -- (e1kexpress)
DRV:64bit: - [2009.10.21 04:30:32 | 001,270,784 | ---- | M] (VIA Technologies, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\viahduaa.sys -- (VIAHdAudAddService)
DRV:64bit: - [2009.09.29 08:15:02 | 000,016,384 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtpt64.sys -- (LgBttPort)
DRV:64bit: - [2009.09.29 08:15:00 | 000,017,408 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgvmdm64.sys -- (LGVMODEM)
DRV:64bit: - [2009.09.29 08:15:00 | 000,014,848 | ---- | M] (LG Electronics Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\lgbtbs64.sys -- (lgbusenum)
DRV:64bit: - [2009.07.16 12:38:40 | 000,015,416 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ASACPI.sys -- (MTsensor)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 00:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009.06.23 22:28:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2007.01.15 15:13:18 | 000,160,256 | ---- | M] (C-Media Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cmiucr_x64.SYS -- (CMIUCR)
DRV - [2011.03.02 12:06:50 | 000,015,664 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV - [2010.06.14 09:32:54 | 000,016,448 | ---- | M] (Teruten Inc) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys -- (TFsExDisk)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=646b8b60000000000000bcaec54621d0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 5D 4E 33 BE 38 CC 01  [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKCU\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - No CLSID value found
IE - HKCU\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {F59E500D-2897-496E-8A56-5E7A011482B3}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=646b8b60000000000000bcaec54621d0
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = hxxp://isearch.avg.com/search?cid={DEFA877B-B782-403E-A0EE-DD2BBA4786EB}&mid=9b43c2209ac247d1b9bc6de783a2c823-919ac64f5cd147b60fbdf57150f3eb2b0e5670de&lang=de&ds=AVG&pr=fr&d=2012-06-05 20:33:39&v=11.1.0.7&sap=dsp&q={searchTerms}
IE - HKCU\..\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A}: "URL" = hxxp://mystart.incredimail.com//?search={searchTerms}&loc=search_box&a=1eyo0sjSFml
IE - HKCU\..\SearchScopes\{F59E500D-2897-496E-8A56-5E7A011482B3}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GGNI_deDE478
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=110.171.33.200:3128
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.facebook.de"
FF - prefs.js..extensions.enabledAddons: uss-button%40uploadscreenshot.com:1.9.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..network.proxy.ftp: "186.113.26.38"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "186.113.26.38"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "186.113.26.38"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "186.113.26.38"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Judith\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll File not found
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX [2013.01.08 07:23:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.07.02 18:11:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.22 20:19:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.14 13:36:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\Program Files\IB Updater\Firefox [2013.01.08 07:23:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.07 10:30:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.07 10:30:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.07 10:30:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.07 10:30:15 | 000,000,000 | ---D | M]
 
[2012.05.23 18:25:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions
[2012.05.23 18:25:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2013.02.10 11:27:00 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\v84h9s76.default\extensions
[2013.01.11 21:15:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\v84h9s76.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.07.26 10:37:22 | 000,000,000 | ---D | M] (Browser Companion Helper) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\v84h9s76.default\extensions\bbrs_002@blabbers.com
[2012.06.25 13:19:21 | 000,053,803 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\extension@hidemyass.com.xpi
[2013.02.10 11:14:36 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\stealthyextension@gmail.com.xpi
[2011.12.23 17:21:07 | 000,021,356 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\uss-button@uploadscreenshot.com.xpi
[2013.01.06 13:49:42 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.02.01 18:12:20 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.09 11:47:37 | 000,001,294 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\searchplugins\delta.xml
[2012.07.25 21:44:46 | 000,002,197 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\searchplugins\MyStart Search.xml
[2012.07.25 21:50:28 | 000,002,792 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\searchplugins\Plusnetwork.xml
[2013.02.09 13:05:30 | 000,002,112 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\searchplugins\wot-safe-search.xml
[2013.02.07 10:30:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.07 10:30:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.02.07 10:30:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.11.14 13:36:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.02.07 10:30:31 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.27 17:16:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.06.05 19:32:51 | 000,003,766 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\avg-secure-search.xml
[2013.02.09 11:46:52 | 000,006,484 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.09.17 09:30:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.27 17:16:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.27 17:16:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.27 17:16:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.27 17:16:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: 
CHR - plugin: Shockwave Flash (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: Screen Capture Plugin (Enabled) = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.4_0\plugins/screen_capture.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX\u00AE Content Upload Plugin (Enabled) = C:\Program Files (x86)\DivX\DivX Content Uploader\npUpload.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: VLC Web Plugin (Enabled) = C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Facebook Desktop (Enabled) = C:\Users\Judith\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_146.dll
CHR - Extension: Click to activate/deactivate ProxTube = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek\1.2.0_0\
CHR - Extension: Awesome Screenshot: Capture & Annotate = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce\3.4.4_0\
CHR - Extension: YouTube = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Click Trap Remover And Shortlinker = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\cegockafhciijfimejhnbfffnikgbpca\1.1.3_0\
CHR - Extension: Adblock Plus = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.3.4_0\
CHR - Extension: Hide My Ass! Web Proxy = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd\1.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: IB Updater = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.550_0\
CHR - Extension: avast! WebRep = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: eBay Extension f\u00FCr Google Chrome\u2122 (von eBay) = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\khhckppjhonfmcpegdjdibmngahahhck\1.6.7_0\
CHR - Extension: Dislike Button for Facebook = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbnljppimpdkhccmgflleoppbaaiglhl\2.9_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: YouTube Unblocker = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\npnkeeiehehhefofiekoflfedgehcdhl\0.3.2_0\
CHR - Extension: Marc Ecko = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk\2_0\
CHR - Extension: Google Mail = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension64.dll ()
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - No CLSID value found.
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (IB Updater) - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll ()
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (StumbleUpon) - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Cmiboot] C:\Windows\cmiboot.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe (Sun Microsystems, Inc.)
O4 - HKCU..\Run: [D42659CBA0ACC3E92A7AF83417BF9DCB240A87C1._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKCU..\Run: [LG LinkAir]  File not found
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [SpybotDeletingE1132] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [SpybotDeletingE2632] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [SpybotDeletingE3164] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [SpybotDeletingE4165] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [SpybotDeletingE6250] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [SpybotDeletingE9108] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingF2735] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF3125] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF3192] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF4611] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF5674] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF605] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF6108] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF897] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.13.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BFA4620-F0FC-4F48-9877-80EB9BDEF57E}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) -  File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.02.06 18:06:29 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4818e502-a491-11e1-9ec0-bcaec54621d0}\Shell - "" = AutoRun
O33 - MountPoints2\{4818e502-a491-11e1-9ec0-bcaec54621d0}\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\{a58f08d9-a4e4-11e0-bbc3-bcaec54621d0}\Shell - "" = AutoRun
O33 - MountPoints2\{a58f08d9-a4e4-11e0-bbc3-bcaec54621d0}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.12 10:23:52 | 000,157,000 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2013.02.11 21:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.02.11 21:11:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
[2013.02.11 21:11:45 | 000,017,272 | ---- | C] (Safer Networking Limited) -- C:\Windows\SysNative\sdnclean64.exe
[2013.02.11 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.02.10 20:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013.02.10 20:11:41 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\TestApp
[2013.02.09 11:45:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.02.09 11:45:22 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2013.02.09 11:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com
[2013.02.07 10:30:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.05 20:46:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2013.02.04 10:45:50 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.04 10:44:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.04 10:44:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.04 10:44:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.16 11:27:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.01.16 11:26:13 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.01.16 11:26:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.01.16 11:21:03 | 013,085,120 | ---- | C] (Microsoft Corporation) -- C:\Users\Judith\Silverlight_x64.exe
[2013.01.15 19:55:23 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Local\Programs
[2013.01.13 21:38:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
[2011.11.08 19:15:50 | 014,598,944 | ---- | C] (Mozilla) -- C:\Users\Judith\Firefox_Setup_8.0.exe
[2011.11.02 20:15:20 | 017,197,344 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Judith\jre-6u29-windows-x64.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.12 10:44:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.12 10:23:52 | 000,157,000 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys
[2013.02.12 10:23:51 | 000,036,680 | ---- | M] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013.02.12 10:17:00 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\DMEPeriodicTask.job
[2013.02.12 10:13:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.12 09:54:54 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3006580132-100186128-2252486993-1001UA.job
[2013.02.12 09:54:51 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.11 21:50:03 | 000,000,710 | ---- | M] () -- C:\Windows\wininit.ini
[2013.02.11 21:11:56 | 000,002,173 | ---- | M] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.02.11 20:59:05 | 000,050,477 | ---- | M] () -- C:\Users\Judith\Desktop\Defogger.exe
[2013.02.11 20:45:47 | 000,000,000 | ---- | M] () -- C:\Users\Judith\defogger_reenable
[2013.02.11 20:28:30 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.11 20:28:30 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.11 20:11:01 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.11 20:09:20 | 3169,345,536 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.11 18:14:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3006580132-100186128-2252486993-1001Core.job
[2013.02.09 22:31:37 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.09 22:31:37 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.09 22:31:37 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.09 22:31:37 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.09 22:31:37 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.09 11:44:00 | 000,214,344 | ---- | M] () -- C:\Users\Judith\hdplugin_firefox.exe
[2013.02.08 20:42:11 | 000,001,031 | ---- | M] () -- C:\Users\Judith\Desktop\PhotoScape.lnk
[2013.02.08 16:13:48 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.08 16:13:48 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.06 20:36:05 | 000,036,352 | ---- | M] () -- C:\Users\Judith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.04 10:44:20 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.04 10:42:40 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.04 10:42:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.04 10:42:32 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.04 10:41:56 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.02.04 10:41:55 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.03 10:47:11 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013.02.03 10:46:32 | 000,000,831 | ---- | M] () -- C:\Users\Judith\Desktop\LGMobile Support Tool.lnk
[2013.01.16 11:22:15 | 013,085,120 | ---- | M] (Microsoft Corporation) -- C:\Users\Judith\Silverlight_x64.exe
[2013.01.13 21:38:22 | 000,001,066 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.12 10:23:51 | 000,036,680 | ---- | C] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2013.02.11 21:49:00 | 000,000,710 | ---- | C] () -- C:\Windows\wininit.ini
[2013.02.11 21:11:56 | 000,002,185 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
[2013.02.11 21:11:56 | 000,002,173 | ---- | C] () -- C:\Users\Public\Desktop\Spybot-S&D Start Center.lnk
[2013.02.11 20:45:47 | 000,000,000 | ---- | C] () -- C:\Users\Judith\defogger_reenable
[2013.02.11 20:44:28 | 000,050,477 | ---- | C] () -- C:\Users\Judith\Desktop\Defogger.exe
[2013.02.09 11:43:38 | 000,214,344 | ---- | C] () -- C:\Users\Judith\hdplugin_firefox.exe
[2013.02.03 10:46:32 | 000,000,831 | ---- | C] () -- C:\Users\Judith\Desktop\LGMobile Support Tool.lnk
[2013.01.13 21:38:22 | 000,001,066 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.01.11 15:27:39 | 000,260,248 | ---- | C] () -- C:\Windows\SysWow64\QMO.dll
[2013.01.11 15:27:39 | 000,092,312 | ---- | C] () -- C:\Windows\SysWow64\QMOCameraDll.dll
[2013.01.10 21:19:22 | 000,018,404 | ---- | C] () -- C:\Users\Judith\030 (2).crx
[2013.01.05 17:19:54 | 000,015,665 | ---- | C] () -- C:\Users\Judith\Robi´s Regeln
[2013.01.04 18:20:47 | 009,128,288 | ---- | C] () -- C:\Users\Judith\lg_e730_optimus_sol.pdf
[2013.01.04 11:09:26 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013.01.04 11:09:26 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012.12.01 12:25:02 | 000,395,405 | ---- | C] () -- C:\Users\Judith\DHL-Marke-445LRRPKS3.ps
[2012.11.22 22:40:06 | 000,000,043 | ---- | C] () -- C:\Users\Judith\gsview32.ini
[2012.11.22 22:37:55 | 000,000,043 | ---- | C] () -- C:\Users\Judith\gsview64.ini
[2012.08.05 16:15:22 | 000,095,461 | ---- | C] () -- C:\Users\Judith\Steuererklärung 2011.elfo
[2012.07.29 13:09:43 | 000,003,240 | ---- | C] () -- C:\Users\Judith\ESt2011.elfo
[2012.07.29 12:30:09 | 000,013,105 | ---- | C] () -- C:\Users\Judith\ESt2011_DAMIECKI_ROBERT_und_DAMIECKI_JUDITH.elfo
[2012.03.28 10:50:16 | 000,181,808 | ---- | C] () -- C:\Users\Judith\Damiecki-Kuendigung-2011-12-31.pdf
[2012.02.14 21:40:27 | 000,114,580 | ---- | C] () -- C:\Users\Judith\cc_20120214_214014.reg
[2012.02.05 13:57:38 | 000,015,097 | ---- | C] () -- C:\Users\Judith\Judith´s Bewerbungsunterlagen.odt
[2011.11.16 15:04:17 | 000,000,021 | ---- | C] () -- C:\Windows\progman.ini
[2011.11.16 14:58:44 | 131,084,288 | ---- | C] () -- C:\Users\Judith\DBFahrplaninfo.exe
[2011.09.27 20:19:51 | 000,082,466 | ---- | C] () -- C:\Users\Judith\Dankbar.pdf
[2011.09.19 12:49:39 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011.09.19 12:49:39 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011.09.07 19:11:29 | 000,286,659 | ---- | C] () -- C:\Users\Judith\Eidesstattliche Erklärung.pdf
[2011.08.29 16:34:12 | 000,000,279 | ---- | C] () -- C:\Windows\HAUSDRCKINST.INI
[2011.08.29 16:26:04 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011.07.20 12:19:46 | 000,036,352 | ---- | C] () -- C:\Users\Judith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.20 12:19:42 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.07.05 10:27:29 | 000,000,343 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011.07.02 19:05:22 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011.07.02 19:05:22 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.07.02 18:53:09 | 000,025,875 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011.07.02 18:51:39 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.07.02 18:51:36 | 000,020,270 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.07.02 17:46:38 | 000,179,470 | ---- | C] () -- C:\Windows\hpoins38.dat
[2011.04.01 04:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.04.01 04:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.04.01 04:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:F4BE8180

< End of report >
         

Habe gestern noch Spybot scannen lassen, welcher 50 Ungereimtheiten aufweiste, die ich entfernen ließ. Aber das hat nichts geändert an der Situation.

Bin mir ziemlich sicher, dass ihr noch mehr Angaben braucht, ich weiß aber nicht welche.
Manchmal bin ich etwas begriffstutzig, wäre also dankbar, wenn ihr nicht ganz so viel computerdeutsch verwendet.

Vielen Dank schonmal für die Unterstützung.

Gruß Judith

Alt 13.02.2013, 10:20   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Hallo und

Zitat:
Habe gestern noch Spybot scannen lassen, welcher 50 Ungereimtheiten aufweiste, die ich entfernen ließ. Aber das hat nichts geändert an der Situation.
Solche Angaben reichen nicht, bitte poste die vollständigen Angaben/Logs der Virenscanner siehe http://www.trojaner-board.de/125889-...tml#post941520


Bitte alles nach Möglichkeit hier in CODE-Tags posten.

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.



Also die Logs von Spybot nachreichen und Spybot anschließend deinstallieren, das Tool ist weitgehend wirkungslos...mach danach bitte bitte GMER und MBAR weiter:

Bitte nun Logs mit GMER (<<< klick für Anleitung) und MBAR (Anleitung etwas weiter unten) erstellen und posten.
GMER stürzt häufiger ab, wenn das Tool auch beim zweiten Mal nicht will, lass es einfach weg und führ nur MBAR aus.

Anleitung MBAR:

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers
__________________

__________________

Alt 13.02.2013, 19:58   #3
Lesserclown
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Hi Cosinus

vielen Dank für deine schnelle Anleitung.

Hier die Logs von Spybot. Die GMER Logs musste ich zippen.

Code:
ATTFilter
Search results from Spybot - Search & Destroy

12.02.2013 13:17:21
Scan took 00:28:31.
23 items found.

IncrediBar: [SBI $4A0F744C] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Extension.ExtensionHelperObject

IncrediBar: [SBI $4A0F744C] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Extension.ExtensionHelperObject.1

IncrediBar: [SBI $4A0F744C] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}

IncrediBar: [SBI $4A0F744C] Browser helper object (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}

IncrediBar: [SBI $4A0F744C] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Extension.ExtensionHelperObject.1

IncrediBar: [SBI $4A0F744C] Class ID (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087}

IncrediBar: [SBI $4A0F744C] Browser helper object (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}

IncrediBar: [SBI $4A0F744C] Root class (Registry Key, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Extension.ExtensionHelperObject

Facebook.Messenger: [SBI $917BFFAB] Program directory (Directory, nothing done)
  C:\Users\Judith\AppData\Local\Facebook\
  Directory.subfile=C:\Users\Judith\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll_old
  Directory.subfile.size=175536
  Directory.subfile.md5=6AD8DB9CD0AC44811C75AA0CB4DF4AFC
  Directory.subfile.filedate=1348563942
  Directory.subfile.filedatetext=2012-09-25 10:05:42

Facebook.Messenger: [SBI $33FCC3BA] Program directory (Directory, nothing done)
  C:\Users\Judith\AppData\Local\Facebook\Messenger\
  Directory.subfile=C:\Users\Judith\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll_old
  Directory.subfile.size=175536
  Directory.subfile.md5=6AD8DB9CD0AC44811C75AA0CB4DF4AFC
  Directory.subfile.filedate=1348563942
  Directory.subfile.filedatetext=2012-09-25 10:05:42

Macromedia.FlashPlayer.Cookies: [SBI $6AA61750]  Text file (File, nothing done)
  C:\Users\Judith\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\U6GF35JU\s-assets.tp-cdn.com\dealspot.sol
  Properties.size=53
  Properties.md5=7E7F30A3176252BC8D2B775AF7975F52
  Properties.filedate=1360647876
  Properties.filedatetext=2013-02-12 06:44:36

Log: [SBI $8E73A7FB]  Install: setupact.log (File, nothing done)
  C:\Windows\setupact.log
  Properties.size=2016
  Properties.md5=479F4FBF0D24BD795629DC2033318084
  Properties.filedate=1360669854
  Properties.filedatetext=2013-02-12 12:50:53

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

Internet Explorer: [SBI $0BC7B918] User agent (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent

MS Direct3D: [SBI $7FB7B83F] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\.DEFAULT\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-21-3006580132-100186128-2252486993-1001\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS Direct3D: [SBI $C2A44980] Most recent application (Registry Change, nothing done)
  HKEY_USERS\S-1-5-18\Software\Microsoft\Direct3D\MostRecentApplication\Name

MS DirectDraw: [SBI $EB49D5AF] Most recent application (Registry Change, nothing done)
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DirectDraw\MostRecentApplication\Name

Cookie: [SBI $49804B54] Browser: Cookie (4) (Browser: Cookie, nothing done)
  

Cache: [SBI $49804B54] Browser: Cache (13) (Browser: Cache, nothing done)
  

Verlauf: [SBI $49804B54] Browser: History (4) (Browser: History, nothing done)
  

Cookie: [SBI $49804B54] Browser: Cookie (21) (Browser: Cookie, nothing done)
  


--- Spybot - Search & Destroy version: 2.0.12.131  DLL (build: 20121113) ---

2012-11-13 blindman.exe (2.0.12.151)
2012-11-13 explorer.exe (2.0.12.173)
2012-11-13 SDBootCD.exe (2.0.12.109)
2012-11-13 SDCleaner.exe (2.0.12.110)
2012-11-13 SDDelFile.exe (2.0.12.94)
2012-11-13 SDFiles.exe (2.0.12.135)
2012-11-13 SDFileScanHelper.exe (2.0.12.1)
2012-11-13 SDFSSvc.exe (2.0.12.205)
2012-11-13 SDImmunize.exe (2.0.12.130)
2012-11-13 SDLogReport.exe (2.0.12.107)
2012-11-13 SDPESetup.exe (2.0.12.3)
2012-11-13 SDPEStart.exe (2.0.12.86)
2012-11-13 SDPhoneScan.exe (2.0.12.27)
2012-11-13 SDPRE.exe (2.0.12.13)
2012-11-13 SDPrepPos.exe (2.0.12.10)
2012-11-13 SDQuarantine.exe (2.0.12.103)
2012-11-13 SDRootAlyzer.exe (2.0.12.116)
2012-11-13 SDSBIEdit.exe (2.0.12.39)
2012-11-13 SDScan.exe (2.0.12.173)
2012-11-13 SDScript.exe (2.0.12.53)
2012-11-13 SDSettings.exe (2.0.12.130)
2012-11-13 SDShred.exe (2.0.12.105)
2012-11-13 SDSysRepair.exe (2.0.12.101)
2012-11-13 SDTools.exe (2.0.12.150)
2012-11-13 SDTray.exe (2.0.12.127)
2012-11-13 SDUpdate.exe (2.0.12.89)
2012-11-13 SDUpdSvc.exe (2.0.12.76)
2012-11-13 SDWelcome.exe (2.0.12.126)
2012-11-13 SDWSCSvc.exe (2.0.12.2)
2013-02-11 unins000.exe (51.1052.0.0)
1999-12-02 xcacls.exe
2012-08-23 borlndmm.dll (10.0.2288.42451)
2012-09-05 DelZip190.dll (1.9.0.107)
2012-09-10 libeay32.dll (1.0.0.4)
2012-09-10 libssl32.dll (1.0.0.4)
2012-11-13 SDAdvancedCheckLibrary.dll (2.0.12.98)
2012-11-13 SDECon32.dll (2.0.12.113)
2012-11-13 SDECon64.dll (2.0.12.113)
2012-11-13 SDEvents.dll (2.0.12.2)
2012-11-13 SDFileScanLibrary.dll (2.0.12.9)
2012-11-13 SDHelper.dll (2.0.12.88)
2012-11-13 SDImmunizeLibrary.dll (2.0.12.2)
2012-11-13 SDLists.dll (2.0.12.4)
2012-11-13 SDResources.dll (2.0.12.7)
2012-11-13 SDScanLibrary.dll (2.0.12.131)
2012-11-13 SDTasks.dll (2.0.12.15)
2012-11-13 SDWinLogon.dll (2.0.12.0)
2012-08-23 sqlite3.dll
2012-09-10 ssleay32.dll (1.0.0.4)
2012-11-13 Tools.dll (2.0.12.36)
2012-11-13 UninsSrv.dll (2.0.12.52)
2012-11-14 Includes\Adware.sbi (*)
2012-11-14 Includes\AdwareC.sbi (*)
2010-08-13 Includes\Cookies.sbi (*)
2012-11-14 Includes\Dialer.sbi (*)
2012-11-14 Includes\DialerC.sbi (*)
2012-11-14 Includes\HeavyDuty.sbi (*)
2012-11-14 Includes\Hijackers.sbi (*)
2012-11-14 Includes\HijackersC.sbi (*)
2012-11-14 Includes\iPhone.sbi (*)
2012-11-14 Includes\Keyloggers.sbi (*)
2012-11-14 Includes\KeyloggersC.sbi (*)
2012-11-14 Includes\Malware.sbi (*)
2012-11-14 Includes\MalwareC.sbi (*)
2012-11-14 Includes\PUPS.sbi (*)
2012-11-14 Includes\PUPSC.sbi (*)
2012-11-14 Includes\Security.sbi (*)
2012-11-14 Includes\SecurityC.sbi (*)
2008-06-03 Includes\Spybots.sbi (*)
2008-06-03 Includes\SpybotsC.sbi (*)
2012-11-14 Includes\Spyware.sbi (*)
2012-11-14 Includes\SpywareC.sbi (*)
2011-06-07 Includes\Tracks.sbi (*)
2005-02-17 Includes\Tracks.uti (*)
2012-11-14 Includes\Trojans.sbi (*)
2012-11-14 Includes\TrojansC-02.sbi (*)
2012-11-14 Includes\TrojansC-03.sbi (*)
2012-11-14 Includes\TrojansC-04.sbi (*)
2012-11-14 Includes\TrojansC-05.sbi (*)
2012-11-14 Includes\TrojansC.sbi (*)
         



Habe mbar scannen lassen, hat aber keine Malware gefunden.
Hoffe, es ist alles richtig so
__________________

Alt 14.02.2013, 10:14   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Zitat:
Habe mbar scannen lassen, hat aber keine Malware gefunden.
Die Logs der von mir angeforderten Tools bitte immer posten, egal ob Fund oder kein Fund
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.02.2013, 11:14   #5
Lesserclown
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.499000 GHz
Memory total: 4225798144, free: 2262704128

------------ Kernel report ------------
     02/12/2013 10:23:55
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\Drivers\aswKbd.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\aswrdr2.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\SysWOW64\drivers\Afc.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\drivers\tpm.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\lgbtbs64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\lgvmdm64.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\lgbtpt64.sys
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\viahduaa.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\SysWow64\drivers\AsUpIO.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\LEqdUsb.Sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\LHidEqd.Sys
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\LMouFilt.Sys
\SystemRoot\system32\DRIVERS\cmiucr_x64.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\e1k62x64.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR5
Upper Device Object: 0xfffffa8005230790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000009c\
Lower Device Object: 0xfffffa800524ed90
Lower Device Driver Name: \Driver\CMIUCR\
Driver name found: CMIUCR
Load Function returned 0xc0000001
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa800522f790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000009b\
Lower Device Object: 0xfffffa80051b7060
Lower Device Driver Name: \Driver\CMIUCR\
Driver name found: CMIUCR
Load Function returned 0xc0000001
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa8005235790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000009a\
Lower Device Object: 0xfffffa8005235060
Lower Device Driver Name: \Driver\CMIUCR\
Driver name found: CMIUCR
Load Function returned 0xc0000001
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa80051f3790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000090\
Lower Device Object: 0xfffffa80051a6780
Lower Device Driver Name: \Driver\CMIUCR\
Driver name found: CMIUCR
Load Function returned 0xc0000001
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800452b060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa800401d060
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Initialization returned 0x0
Port sub-driver loaded: \??\C:\Windows\System32\drivers\ataport.sys (0x0)
Load Function returned 0x0
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800452a060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa8004018060
Lower Device Driver Name: \Driver\atapi\
Driver name found: atapi
Downloaded database version: v2013.02.12.04
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.499000 GHz
Memory total: 4225798144, free: 2266312704

------------ Kernel report ------------
     02/13/2013 20:15:27
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\system32\drivers\pciide.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\vmbus.sys
\SystemRoot\system32\drivers\winhv.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\DRIVERS\disk.sys
\SystemRoot\system32\DRIVERS\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\ASACPI.sys
\SystemRoot\system32\DRIVERS\serial.sys
\SystemRoot\system32\DRIVERS\serenum.sys
\SystemRoot\system32\DRIVERS\parport.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\aswSnx.SYS
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\Drivers\nvBridge.kmd
\SystemRoot\System32\Drivers\aswKbd.SYS
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\HDAudBus.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\usbuhci.sys
\SystemRoot\system32\DRIVERS\USBPORT.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\DRIVERS\usbehci.sys
\SystemRoot\System32\Drivers\aswTdi.SYS
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\Drivers\aswrdr2.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\drivers\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\drivers\mssmbios.sys
\SystemRoot\SysWOW64\drivers\Afc.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\drivers\tpm.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\drivers\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\drivers\swenum.sys
\SystemRoot\system32\drivers\ks.sys
\SystemRoot\system32\DRIVERS\lgbtbs64.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\DRIVERS\lgvmdm64.sys
\SystemRoot\system32\drivers\modem.sys
\SystemRoot\system32\DRIVERS\lgbtpt64.sys
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\drivers\viahduaa.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\System32\Drivers\aswSP.SYS
\SystemRoot\SysWow64\drivers\AsUpIO.sys
\SystemRoot\SysWow64\drivers\AsIO.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\LEqdUsb.Sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\LHidEqd.Sys
\SystemRoot\system32\DRIVERS\LHidFilt.Sys
\SystemRoot\system32\DRIVERS\LMouFilt.Sys
\SystemRoot\system32\DRIVERS\cmiucr_x64.SYS
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_atapi.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\system32\drivers\luafv.sys
\??\C:\Windows\system32\drivers\aswMonFlt.sys
\SystemRoot\System32\Drivers\aswFsBlk.SYS
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\SystemRoot\system32\drivers\WudfPf.sys
\SystemRoot\system32\DRIVERS\WUDFRd.sys
\SystemRoot\system32\DRIVERS\e1k62x64.sys
\SystemRoot\system32\DRIVERS\cdfs.sys
\??\C:\Users\Judith\AppData\Local\Temp\fwdiqpod.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\mbamswissarmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
----------- End -----------
<<<1>>>
Upper Device Name: \Device\Harddisk5\DR5
Upper Device Object: 0xfffffa8005230790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000009c\
Lower Device Object: 0xfffffa800524ed90
Lower Device Driver Name: \Driver\CMIUCR\
Driver name found: CMIUCR
Load Function returned 0xc0000001
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa800522f790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000009b\
Lower Device Object: 0xfffffa80051b7060
Lower Device Driver Name: \Driver\CMIUCR\
Driver name found: CMIUCR
Load Function returned 0xc0000001
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa8005235790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\0000009a\
Lower Device Object: 0xfffffa8005235060
Lower Device Driver Name: \Driver\CMIUCR\
Driver name found: CMIUCR
Load Function returned 0xc0000001
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa80051f3790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\00000090\
Lower Device Object: 0xfffffa80051a6780
Lower Device Driver Name: \Driver\CMIUCR\
Driver name found: CMIUCR
Load Function returned 0xc0000001
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800452b060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa800401d060
Lower Device Driver Name: \Driver\atapi\
Device already Exists: 0xfffffa8003a63900
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800452a060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa8004018060
Lower Device Driver Name: \Driver\atapi\
Device already Exists: 0xfffffa8006d685a0
Downloaded database version: v2013.02.12.05
Downloaded database version: v2013.02.12.06
Downloaded database version: v2013.02.12.07
Downloaded database version: v2013.02.12.08
Downloaded database version: v2013.02.12.09
Downloaded database version: v2013.02.12.10
Downloaded database version: v2013.02.13.01
Downloaded database version: v2013.02.13.02
Downloaded database version: v2013.02.13.03
Downloaded database version: v2013.02.13.04
Downloaded database version: v2013.02.13.05
Downloaded database version: v2013.02.13.06
Downloaded database version: v2013.02.13.07
Downloaded database version: v2013.02.13.08
Initializing...
Done!
<<<2>>>
Device number: 0, partition: 2
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800452a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800452ab20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800452a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80040569b0, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa8004018060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a011667380, 0xfffffa800452a060, 0xfffffa80050f0230
Lower DeviceData: 0xfffff8a003770220, 0xfffffa8004018060, 0xfffffa8006d685a0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 13F513F4

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 511795200

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 512002048  Numsec = 464769024

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800452b060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800452bb20, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800452b060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80040bfe40, DeviceName: Unknown, DriverName: \Driver\ACPI\
DevicePointer: 0xfffffa800401d060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0xfffff8a012ddf160, 0xfffffa800452b060, 0xfffffa80051c7790
Lower DeviceData: 0xfffff8a001895a80, 0xfffffa800401d060, 0xfffffa8003a63900
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: D294D294

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 488375937
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa80051f3790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80051dc040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80051f3790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80051a6780, DeviceName: \Device\00000090\, DriverName: \Driver\CMIUCR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8005235790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800521a040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005235790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005235060, DeviceName: \Device\0000009a\, DriverName: \Driver\CMIUCR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa800522f790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80051c2040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800522f790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80051b7060, DeviceName: \Device\0000009b\, DriverName: \Driver\CMIUCR\
------------ End ----------
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xfffffa8005230790, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005029b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005230790, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800524ed90, DeviceName: \Device\0000009c\, DriverName: \Driver\CMIUCR\
------------ End ----------
Done!
Performing system, memory and registry scan...
Done!
Scan finished
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning directory: C:\Windows\system32\drivers...
<<<2>>>
Device number: 0, partition: 2
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 13F513F4

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 511795200

    Partition 2 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 512002048  Numsec = 464769024

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-976753168-976773168)...
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: D294D294

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 63  Numsec = 488375937
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 250059350016 bytes
Sector size: 512 bytes

Physical Sector Size: 0
Drive: 2, DevicePointer: 0xfffffa80051f3790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80051dc040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa80051f3790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80051a6780, DeviceName: \Device\00000090\, DriverName: \Driver\CMIUCR\
------------ End ----------
Physical Sector Size: 0
Drive: 3, DevicePointer: 0xfffffa8005235790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800521a040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005235790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa8005235060, DeviceName: \Device\0000009a\, DriverName: \Driver\CMIUCR\
------------ End ----------
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa800522f790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa80051c2040, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800522f790, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa80051b7060, DeviceName: \Device\0000009b\, DriverName: \Driver\CMIUCR\
------------ End ----------
Physical Sector Size: 0
Drive: 5, DevicePointer: 0xfffffa8005230790, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa8005029b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa8005230790, DeviceName: \Device\Harddisk5\DR5\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800524ed90, DeviceName: \Device\0000009c\, DriverName: \Driver\CMIUCR\
------------ End ----------
Done!
Performing system, memory and registry scan...
Done!
Scan finished
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.01.0.1020

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 9.0.8112.16421

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 2.499000 GHz
Memory total: 4225798144, free: 3092811776

=======================================
         


Alt 14.02.2013, 12:12   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Das ist das falsche Log, bitte die Anleitungen sorgfältiger lesen und umsetzen
__________________
--> Delta Search lässt sich nicht entfernen

Alt 14.02.2013, 16:16   #7
Lesserclown
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Entschuldige, war zu voreilig.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.01.0.1020
www.malwarebytes.org

Database version: v2013.02.13.08

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Judith :: JUDITH-PC [administrator]

13.02.2013 20:30:41
mbar-log-2013-02-13 (20-30-41).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled: 
Objects scanned: 31266
Time elapsed: 14 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
         

Alt 14.02.2013, 16:21   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.
  • Starte die aswMBR.exe - (aswMBR.exe Anleitung)
    Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten".
  • Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen )
    Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
  • Klicke auf Scan.
  • Warte bitte bis Scan finished successfully im DOS-Fenster steht.
  • Drücke auf Save Log und speichere diese auf dem Desktop.
Poste mir die aswMBR.txt in deiner nächsten Antwort.

Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung

Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte der Scan abbrechen und das Programm abstürzen, dann teile mir das mit und wähle unter AV Scan die Einstellung (none).




TDSS-Killer

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.02.2013, 12:31   #9
Lesserclown
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Code:
ATTFilter
aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-02-15 10:58:06
-----------------------------
10:58:06.429    OS Version: Windows x64 6.1.7601 Service Pack 1
10:58:06.429    Number of processors: 2 586 0x170A
10:58:06.429    ComputerName: JUDITH-PC  UserName: Judith
10:58:22.325    Initialize success
10:58:22.481    AVAST engine defs: 13021400
10:58:29.611    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
10:58:29.611    Disk 0 Vendor: WDC_WD5000AADS-00S9B0 01.00A01 Size: 476940MB BusType: 3
10:58:29.626    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP1T0L0-1
10:58:29.626    Disk 1 Vendor: ST3250823AS 3.03 Size: 238475MB BusType: 3
10:58:29.704    Disk 0 MBR read successfully
10:58:29.704    Disk 0 MBR scan
10:58:29.704    Disk 0 Windows 7 default MBR code
10:58:29.735    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
10:58:29.829    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       249900 MB offset 206848
10:58:29.860    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       226938 MB offset 512002048
10:58:31.420    Disk 0 scanning C:\Windows\system32\drivers
10:59:50.273    Service scanning
11:00:55.950    Modules scanning
11:00:56.496    Disk 0 trace - called modules:
11:00:56.527    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys 
11:00:56.527    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800455a060]
11:00:56.543    3 CLASSPNP.SYS[fffff880013bc43f] -> nt!IofCallDriver -> [0xfffffa8004421520]
11:00:56.543    5 ACPI.sys[fffff88000f167a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8004038060]
11:00:57.541    AVAST engine scan C:\Windows
11:01:08.586    AVAST engine scan C:\Windows\system32
11:06:02.103    AVAST engine scan C:\Windows\system32\drivers
11:06:57.545    AVAST engine scan C:\Users\Judith
11:14:46.139    AVAST engine scan C:\ProgramData
11:16:32.484    Scan finished successfully
13:13:43.516    Disk 0 MBR has been saved successfully to "C:\Users\Judith\Desktop\MBR.dat"
13:13:43.516    The log file has been saved successfully to "C:\Users\Judith\Desktop\aswMBR.txt"
         

Code:
ATTFilter
13:17:50.0277 4256  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
13:17:51.0421 4256  ============================================================
13:17:51.0421 4256  Current date / time: 2013/02/15 13:17:51.0421
13:17:51.0421 4256  SystemInfo:
13:17:51.0421 4256  
13:17:51.0421 4256  OS Version: 6.1.7601 ServicePack: 1.0
13:17:51.0421 4256  Product type: Workstation
13:17:51.0421 4256  ComputerName: JUDITH-PC
13:17:51.0422 4256  UserName: Judith
13:17:51.0422 4256  Windows directory: C:\Windows
13:17:51.0422 4256  System windows directory: C:\Windows
13:17:51.0422 4256  Running under WOW64
13:17:51.0422 4256  Processor architecture: Intel x64
13:17:51.0422 4256  Number of processors: 2
13:17:51.0422 4256  Page size: 0x1000
13:17:51.0422 4256  Boot type: Normal boot
13:17:51.0422 4256  ============================================================
13:18:24.0808 4256  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
13:18:24.0838 4256  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:18:24.0880 4256  ============================================================
13:18:24.0880 4256  \Device\Harddisk0\DR0:
13:18:24.0917 4256  MBR partitions:
13:18:24.0918 4256  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
13:18:24.0918 4256  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1E816000
13:18:24.0918 4256  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E848800, BlocksNum 0x1BB3D000
13:18:24.0918 4256  \Device\Harddisk1\DR1:
13:18:24.0938 4256  MBR partitions:
13:18:24.0938 4256  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
13:18:24.0938 4256  ============================================================
13:18:26.0050 4256  C: <-> \Device\Harddisk0\DR0\Partition2
13:18:26.0067 4256  D: <-> \Device\Harddisk1\DR1\Partition1
13:18:26.0270 4256  E: <-> \Device\Harddisk0\DR0\Partition3
13:18:26.0270 4256  ============================================================
13:18:26.0270 4256  Initialize success
13:18:26.0270 4256  ============================================================
13:19:02.0707 3296  ============================================================
13:19:02.0707 3296  Scan started
13:19:02.0707 3296  Mode: Manual; 
13:19:02.0707 3296  ============================================================
13:19:05.0074 3296  ================ Scan system memory ========================
13:19:05.0074 3296  System memory - ok
13:19:05.0077 3296  ================ Scan services =============================
13:19:11.0870 3296  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
13:19:11.0890 3296  1394ohci - ok
13:19:12.0249 3296  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
13:19:12.0264 3296  ACDaemon - ok
13:19:13.0783 3296  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
13:19:13.0977 3296  ACPI - ok
13:19:14.0320 3296  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
13:19:14.0331 3296  AcpiPmi - ok
13:19:14.0493 3296  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:19:14.0505 3296  AdobeARMservice - ok
13:19:18.0222 3296  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:19:18.0244 3296  AdobeFlashPlayerUpdateSvc - ok
13:19:18.0577 3296  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
13:19:18.0953 3296  adp94xx - ok
13:19:20.0518 3296  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
13:19:20.0547 3296  adpahci - ok
13:19:20.0603 3296  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
13:19:20.0689 3296  adpu320 - ok
13:19:20.0762 3296  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
13:19:20.0763 3296  AeLookupSvc - ok
13:19:22.0382 3296  [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
13:19:22.0424 3296  Afc - ok
13:19:22.0646 3296  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
13:19:22.0659 3296  AFD - ok
13:19:22.0722 3296  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
13:19:22.0745 3296  agp440 - ok
13:19:23.0388 3296  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
13:19:23.0389 3296  ALG - ok
13:19:24.0091 3296  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
13:19:24.0107 3296  aliide - ok
13:19:24.0136 3296  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
13:19:24.0154 3296  amdide - ok
13:19:24.0283 3296  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
13:19:24.0299 3296  AmdK8 - ok
13:19:24.0326 3296  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
13:19:24.0342 3296  AmdPPM - ok
13:19:24.0420 3296  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
13:19:24.0438 3296  amdsata - ok
13:19:24.0699 3296  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
13:19:25.0084 3296  amdsbs - ok
13:19:25.0693 3296  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
13:19:26.0576 3296  amdxata - ok
13:19:26.0795 3296  Andbus - ok
13:19:26.0824 3296  AndDiag - ok
13:19:26.0859 3296  AndGps - ok
13:19:26.0876 3296  ANDModem - ok
13:19:26.0888 3296  androidusb - ok
13:19:27.0007 3296  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
13:19:27.0030 3296  AppID - ok
13:19:27.0111 3296  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
13:19:27.0112 3296  AppIDSvc - ok
13:19:27.0172 3296  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
13:19:27.0173 3296  Appinfo - ok
13:19:28.0759 3296  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
13:19:28.0780 3296  Apple Mobile Device - ok
13:19:30.0415 3296  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
13:19:30.0432 3296  AppMgmt - ok
13:19:30.0552 3296  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
13:19:30.0573 3296  arc - ok
13:19:30.0612 3296  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
13:19:30.0625 3296  arcsas - ok
13:19:30.0752 3296  [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
13:19:30.0764 3296  AsIO - ok
13:19:30.0807 3296  [ 26D66E32E78D3059715B3A17BC679CD9 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
13:19:30.0819 3296  AsUpIO - ok
13:19:32.0150 3296  [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
13:19:32.0169 3296  aswFsBlk - ok
13:19:32.0371 3296  [ 316271CC32FDFFFCDB30677684906D5E ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
13:19:32.0387 3296  aswKbd - ok
13:19:33.0415 3296  [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
13:19:33.0931 3296  aswMonFlt - ok
13:19:34.0721 3296  [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
13:19:34.0736 3296  aswRdr - ok
13:19:35.0851 3296  [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
13:19:36.0242 3296  aswSnx - ok
13:19:36.0874 3296  [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
13:19:36.0894 3296  aswSP - ok
13:19:37.0001 3296  [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
13:19:37.0002 3296  aswTdi - ok
13:19:37.0067 3296  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
13:19:37.0083 3296  AsyncMac - ok
13:19:37.0133 3296  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
13:19:37.0134 3296  atapi - ok
13:19:38.0983 3296  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:19:38.0998 3296  AudioEndpointBuilder - ok
13:19:39.0035 3296  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
13:19:39.0039 3296  AudioSrv - ok
13:19:39.0308 3296  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
13:19:39.0309 3296  avast! Antivirus - ok
13:19:39.0379 3296  avast! Firewall - ok
13:19:41.0507 3296  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
13:19:41.0509 3296  AxInstSV - ok
13:19:41.0818 3296  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
13:19:41.0917 3296  b06bdrv - ok
13:19:42.0024 3296  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
13:19:42.0098 3296  b57nd60a - ok
13:19:43.0701 3296  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
13:19:43.0748 3296  BDESVC - ok
13:19:43.0830 3296  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
13:19:43.0907 3296  Beep - ok
13:19:45.0774 3296  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
13:19:45.0812 3296  BFE - ok
13:19:46.0017 3296  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
13:19:46.0040 3296  BITS - ok
13:19:46.0128 3296  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
13:19:46.0938 3296  blbdrive - ok
13:19:48.0500 3296  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
13:19:48.0518 3296  Bonjour Service - ok
13:19:48.0629 3296  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
13:19:48.0645 3296  bowser - ok
13:19:48.0850 3296  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:19:49.0234 3296  BrFiltLo - ok
13:19:49.0607 3296  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:19:50.0112 3296  BrFiltUp - ok
13:19:50.0273 3296  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
13:19:50.0316 3296  Browser - ok
13:19:50.0363 3296  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
13:19:50.0394 3296  Brserid - ok
13:19:50.0434 3296  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
13:19:50.0471 3296  BrSerWdm - ok
13:19:50.0549 3296  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
13:19:50.0566 3296  BrUsbMdm - ok
13:19:51.0127 3296  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
13:19:51.0329 3296  BrUsbSer - ok
13:19:52.0095 3296  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
13:19:52.0126 3296  BTHMODEM - ok
13:19:52.0249 3296  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
13:19:52.0250 3296  bthserv - ok
13:19:52.0329 3296  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
13:19:52.0350 3296  cdfs - ok
13:19:52.0497 3296  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
13:19:53.0545 3296  cdrom - ok
13:19:54.0635 3296  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
13:19:54.0636 3296  CertPropSvc - ok
13:19:54.0731 3296  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
13:19:54.0743 3296  circlass - ok
13:19:54.0853 3296  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
13:19:54.0867 3296  CLFS - ok
13:19:56.0261 3296  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:19:56.0657 3296  clr_optimization_v2.0.50727_32 - ok
13:19:56.0897 3296  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:19:56.0917 3296  clr_optimization_v2.0.50727_64 - ok
13:19:58.0438 3296  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:19:58.0453 3296  clr_optimization_v4.0.30319_32 - ok
13:19:58.0723 3296  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:19:58.0745 3296  clr_optimization_v4.0.30319_64 - ok
13:20:00.0441 3296  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
13:20:00.0445 3296  CmBatt - ok
13:20:00.0964 3296  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
13:20:00.0975 3296  cmdide - ok
13:20:01.0144 3296  [ 2C32E2AA8DEE735B5AF2967C31BF5785 ] CMIUCR          C:\Windows\system32\DRIVERS\cmiucr_x64.SYS
13:20:01.0158 3296  CMIUCR - ok
13:20:01.0305 3296  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
13:20:01.0320 3296  CNG - ok
13:20:01.0351 3296  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
13:20:01.0361 3296  Compbatt - ok
13:20:01.0982 3296  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
13:20:02.0173 3296  CompositeBus - ok
13:20:02.0690 3296  COMSysApp - ok
13:20:02.0725 3296  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
13:20:02.0726 3296  crcdisk - ok
13:20:02.0832 3296  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
13:20:02.0844 3296  CryptSvc - ok
13:20:03.0015 3296  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
13:20:03.0037 3296  CSC - ok
13:20:04.0557 3296  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
13:20:04.0599 3296  CscService - ok
13:20:04.0752 3296  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
13:20:04.0761 3296  DcomLaunch - ok
13:20:04.0954 3296  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
13:20:04.0973 3296  defragsvc - ok
13:20:06.0645 3296  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
13:20:06.0801 3296  DfsC - ok
13:20:07.0312 3296  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
13:20:07.0334 3296  Dhcp - ok
13:20:07.0390 3296  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
13:20:07.0404 3296  discache - ok
13:20:08.0361 3296  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
13:20:08.0553 3296  Disk - ok
13:20:08.0654 3296  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
13:20:08.0675 3296  Dnscache - ok
13:20:08.0827 3296  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
13:20:08.0849 3296  dot3svc - ok
13:20:08.0974 3296  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
13:20:09.0344 3296  Dot4 - ok
13:20:10.0279 3296  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
13:20:10.0280 3296  Dot4Print - ok
13:20:10.0339 3296  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
13:20:10.0340 3296  dot4usb - ok
13:20:10.0418 3296  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
13:20:10.0431 3296  DPS - ok
13:20:10.0499 3296  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
13:20:10.0500 3296  drmkaud - ok
13:20:11.0247 3296  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
13:20:11.0640 3296  DXGKrnl - ok
13:20:12.0279 3296  [ 0441D427C0625C326EBFE26A9C95D76C ] e1kexpress      C:\Windows\system32\DRIVERS\e1k62x64.sys
13:20:12.0281 3296  e1kexpress - ok
13:20:12.0345 3296  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
13:20:12.0347 3296  EapHost - ok
13:20:14.0890 3296  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
13:20:14.0950 3296  ebdrv - ok
13:20:14.0984 3296  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
13:20:14.0986 3296  EFS - ok
13:20:16.0547 3296  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
13:20:16.0554 3296  ehRecvr - ok
13:20:16.0611 3296  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
13:20:16.0623 3296  ehSched - ok
13:20:16.0866 3296  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
13:20:16.0885 3296  elxstor - ok
13:20:16.0946 3296  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
13:20:16.0947 3296  ErrDev - ok
13:20:18.0621 3296  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
13:20:18.0629 3296  EventSystem - ok
13:20:18.0668 3296  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
13:20:18.0685 3296  exfat - ok
13:20:18.0734 3296  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
13:20:18.0751 3296  fastfat - ok
13:20:18.0998 3296  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
13:20:19.0017 3296  Fax - ok
13:20:19.0252 3296  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
13:20:19.0253 3296  fdc - ok
13:20:20.0487 3296  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
13:20:20.0489 3296  fdPHost - ok
13:20:21.0153 3296  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
13:20:21.0155 3296  FDResPub - ok
13:20:21.0309 3296  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
13:20:21.0328 3296  FileInfo - ok
13:20:21.0388 3296  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
13:20:21.0389 3296  Filetrace - ok
13:20:21.0458 3296  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
13:20:21.0479 3296  flpydisk - ok
13:20:21.0509 3296  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
13:20:21.0512 3296  FltMgr - ok
13:20:21.0854 3296  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
13:20:22.0647 3296  FontCache - ok
13:20:23.0052 3296  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:20:23.0054 3296  FontCache3.0.0.0 - ok
13:20:23.0077 3296  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
13:20:23.0115 3296  FsDepends - ok
13:20:23.0153 3296  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
13:20:23.0155 3296  Fs_Rec - ok
13:20:23.0244 3296  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
13:20:23.0252 3296  fvevol - ok
13:20:23.0290 3296  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
13:20:23.0291 3296  gagp30kx - ok
13:20:23.0946 3296  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
13:20:24.0134 3296  GEARAspiWDM - ok
13:20:25.0103 3296  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
13:20:25.0132 3296  gpsvc - ok
13:20:27.0738 3296  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:20:27.0756 3296  gupdate - ok
13:20:27.0845 3296  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
13:20:27.0846 3296  gupdatem - ok
13:20:28.0520 3296  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
13:20:29.0165 3296  gusvc - ok
13:20:29.0347 3296  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
13:20:29.0348 3296  hcw85cir - ok
13:20:29.0574 3296  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:20:29.0612 3296  HdAudAddService - ok
13:20:29.0674 3296  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
13:20:29.0676 3296  HDAudBus - ok
13:20:29.0765 3296  [ E91AFF2610114CCAEBB90D4D991BB6B2 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
13:20:29.0780 3296  HECIx64 - ok
13:20:29.0823 3296  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
13:20:29.0824 3296  HidBatt - ok
13:20:29.0871 3296  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
13:20:29.0872 3296  HidBth - ok
13:20:29.0906 3296  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
13:20:29.0907 3296  HidIr - ok
13:20:29.0940 3296  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
13:20:29.0942 3296  hidserv - ok
13:20:30.0103 3296  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
13:20:30.0104 3296  HidUsb - ok
13:20:30.0160 3296  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
13:20:30.0162 3296  hkmsvc - ok
13:20:30.0209 3296  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:20:30.0225 3296  HomeGroupListener - ok
13:20:30.0254 3296  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:20:30.0259 3296  HomeGroupProvider - ok
13:20:30.0510 3296  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
13:20:30.0528 3296  hpqcxs08 - ok
13:20:30.0579 3296  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
13:20:30.0591 3296  hpqddsvc - ok
13:20:30.0633 3296  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
13:20:30.0634 3296  HpSAMD - ok
13:20:30.0834 3296  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
13:20:30.0859 3296  HTTP - ok
13:20:30.0892 3296  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
13:20:30.0893 3296  hwpolicy - ok
13:20:31.0014 3296  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
13:20:31.0015 3296  i8042prt - ok
13:20:31.0058 3296  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
13:20:31.0075 3296  iaStorV - ok
13:20:31.0261 3296  [ 0C88EA9A724D2512E05BAE6F73D02040 ] IB Updater      C:\Program Files\IB Updater\ExtensionUpdaterService.exe
13:20:31.0262 3296  IB Updater - ok
13:20:31.0349 3296  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:20:31.0371 3296  idsvc - ok
13:20:31.0418 3296  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
13:20:31.0419 3296  iirsp - ok
13:20:33.0678 3296  [ 755519F49906B73C1FE9CBBF75E347EA ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
13:20:33.0695 3296  IJPLMSVC - ok
13:20:33.0749 3296  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
13:20:33.0846 3296  IKEEXT - ok
13:20:33.0867 3296  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
13:20:33.0868 3296  intelide - ok
13:20:33.0917 3296  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
13:20:33.0931 3296  intelppm - ok
13:20:33.0969 3296  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
13:20:33.0971 3296  IPBusEnum - ok
13:20:34.0011 3296  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:20:34.0039 3296  IpFilterDriver - ok
13:20:34.0085 3296  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
13:20:34.0702 3296  iphlpsvc - ok
13:20:35.0472 3296  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
13:20:35.0473 3296  IPMIDRV - ok
13:20:35.0651 3296  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
13:20:35.0652 3296  IPNAT - ok
13:20:35.0804 3296  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
13:20:35.0826 3296  iPod Service - ok
13:20:35.0850 3296  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
13:20:35.0851 3296  IRENUM - ok
13:20:35.0875 3296  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
13:20:35.0876 3296  isapnp - ok
13:20:35.0921 3296  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
13:20:35.0942 3296  iScsiPrt - ok
13:20:36.0076 3296  [ DED87077CD0207BFE6E5CA65802506A1 ] ITDirectorService C:\Program Files (x86)\Intel\IntelITDirector\itdirectorservice.exe
13:20:36.0092 3296  ITDirectorService - ok
13:20:37.0464 3296  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
13:20:38.0582 3296  kbdclass - ok
13:20:39.0171 3296  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
13:20:39.0172 3296  kbdhid - ok
13:20:39.0728 3296  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
13:20:39.0731 3296  KeyIso - ok
13:20:39.0930 3296  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
13:20:39.0931 3296  KSecDD - ok
13:20:39.0975 3296  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
13:20:39.0977 3296  KSecPkg - ok
13:20:40.0030 3296  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
13:20:40.0031 3296  ksthunk - ok
13:20:40.0110 3296  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
13:20:40.0130 3296  KtmRm - ok
13:20:40.0157 3296  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
13:20:40.0179 3296  LanmanServer - ok
13:20:40.0214 3296  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:20:40.0229 3296  LanmanWorkstation - ok
13:20:41.0677 3296  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
13:20:41.0682 3296  LBTServ - ok
13:20:41.0766 3296  [ ED7EC050CD6C20E1A93A4DAFB7EFD14D ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
13:20:41.0768 3296  LEqdUsb - ok
13:20:41.0833 3296  [ 174803F2EEA3B22165DFE0E5A1F20685 ] LgBttPort       C:\Windows\system32\DRIVERS\lgbtpt64.sys
13:20:41.0835 3296  LgBttPort - ok
13:20:41.0870 3296  [ 565F93BB7C0361E61B3DAEA670C354D6 ] lgbusenum       C:\Windows\system32\DRIVERS\lgbtbs64.sys
13:20:41.0872 3296  lgbusenum - ok
13:20:41.0897 3296  [ ABF477857B7CED873362EC92C6CE10A7 ] LGVMODEM        C:\Windows\system32\DRIVERS\lgvmdm64.sys
13:20:41.0898 3296  LGVMODEM - ok
13:20:41.0929 3296  [ 3267BC698E29474A8381E68904EB0390 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
13:20:41.0930 3296  LHidEqd - ok
13:20:41.0969 3296  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
13:20:41.0971 3296  LHidFilt - ok
13:20:42.0004 3296  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
13:20:42.0005 3296  lltdio - ok
13:20:42.0025 3296  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
13:20:42.0030 3296  lltdsvc - ok
13:20:42.0068 3296  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
13:20:42.0070 3296  lmhosts - ok
13:20:42.0091 3296  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
13:20:42.0093 3296  LMouFilt - ok
13:20:42.0514 3296  [ 2763A02188FFB04287F5034EC5B6B451 ] LMS             C:\Program Files (x86)\Intel\AMT\LMS.exe
13:20:42.0709 3296  LMS - ok
13:20:43.0447 3296  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
13:20:43.0620 3296  LSI_FC - ok
13:20:43.0825 3296  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
13:20:43.0826 3296  LSI_SAS - ok
13:20:43.0865 3296  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:20:43.0866 3296  LSI_SAS2 - ok
13:20:43.0901 3296  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:20:43.0902 3296  LSI_SCSI - ok
13:20:43.0923 3296  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
13:20:43.0925 3296  luafv - ok
13:20:44.0069 3296  [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
13:20:44.0070 3296  LUsbFilt - ok
13:20:45.0488 3296  [ EDF73BFA1BD24D74D1D64DC0ED28A7CD ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
13:20:45.0701 3296  LVUVC64 - ok
13:20:46.0443 3296  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
13:20:46.0612 3296  Mcx2Svc - ok
13:20:46.0657 3296  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
13:20:46.0658 3296  megasas - ok
13:20:46.0703 3296  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
13:20:46.0715 3296  MegaSR - ok
13:20:46.0767 3296  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
13:20:46.0777 3296  MMCSS - ok
13:20:46.0794 3296  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
13:20:46.0795 3296  Modem - ok
13:20:46.0863 3296  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
13:20:46.0877 3296  monitor - ok
13:20:46.0919 3296  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
13:20:46.0920 3296  mouclass - ok
13:20:46.0972 3296  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
13:20:46.0973 3296  mouhid - ok
13:20:47.0017 3296  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
13:20:47.0036 3296  mountmgr - ok
13:20:48.0211 3296  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:20:48.0409 3296  MozillaMaintenance - ok
13:20:48.0750 3296  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
13:20:48.0753 3296  mpio - ok
13:20:48.0830 3296  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
13:20:48.0831 3296  mpsdrv - ok
13:20:48.0937 3296  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
13:20:48.0947 3296  MpsSvc - ok
13:20:49.0018 3296  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
13:20:49.0570 3296  MRxDAV - ok
13:20:50.0130 3296  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
13:20:50.0311 3296  mrxsmb - ok
13:20:50.0409 3296  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:20:50.0424 3296  mrxsmb10 - ok
13:20:50.0477 3296  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:20:50.0479 3296  mrxsmb20 - ok
13:20:50.0507 3296  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
13:20:50.0508 3296  msahci - ok
13:20:50.0548 3296  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
13:20:50.0549 3296  msdsm - ok
13:20:50.0598 3296  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
13:20:50.0611 3296  MSDTC - ok
13:20:50.0668 3296  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
13:20:50.0670 3296  Msfs - ok
13:20:50.0715 3296  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
13:20:50.0716 3296  mshidkmdf - ok
13:20:50.0755 3296  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
13:20:50.0756 3296  msisadrv - ok
13:20:52.0528 3296  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
13:20:52.0535 3296  MSiSCSI - ok
13:20:52.0704 3296  msiserver - ok
13:20:52.0935 3296  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
13:20:52.0936 3296  MSKSSRV - ok
13:20:53.0008 3296  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
13:20:53.0009 3296  MSPCLOCK - ok
13:20:53.0059 3296  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
13:20:53.0060 3296  MSPQM - ok
13:20:53.0130 3296  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
13:20:53.0153 3296  MsRPC - ok
13:20:53.0191 3296  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
13:20:53.0210 3296  mssmbios - ok
13:20:53.0228 3296  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
13:20:53.0229 3296  MSTEE - ok
13:20:53.0274 3296  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
13:20:53.0275 3296  MTConfig - ok
13:20:53.0312 3296  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
13:20:53.0313 3296  MTsensor - ok
13:20:54.0034 3296  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
13:20:54.0037 3296  Mup - ok
13:20:54.0971 3296  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
13:20:55.0007 3296  napagent - ok
13:20:55.0067 3296  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
13:20:55.0080 3296  NativeWifiP - ok
13:20:55.0276 3296  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
13:20:55.0293 3296  NDIS - ok
13:20:55.0331 3296  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
13:20:55.0332 3296  NdisCap - ok
13:20:55.0365 3296  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
13:20:55.0366 3296  NdisTapi - ok
13:20:55.0433 3296  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
13:20:55.0434 3296  Ndisuio - ok
13:20:56.0654 3296  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
13:20:57.0670 3296  NdisWan - ok
13:20:57.0774 3296  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
13:20:57.0775 3296  NDProxy - ok
13:20:57.0856 3296  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
13:20:57.0876 3296  Net Driver HPZ12 - ok
13:20:57.0938 3296  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
13:20:57.0939 3296  NetBIOS - ok
13:20:57.0996 3296  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
13:20:58.0011 3296  NetBT - ok
13:20:58.0040 3296  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
13:20:58.0042 3296  Netlogon - ok
13:20:58.0155 3296  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
13:20:58.0782 3296  Netman - ok
13:20:59.0304 3296  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
13:20:59.0311 3296  netprofm - ok
13:20:59.0495 3296  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:20:59.0497 3296  NetTcpPortSharing - ok
13:20:59.0538 3296  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
13:20:59.0539 3296  nfrd960 - ok
13:20:59.0594 3296  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
13:20:59.0600 3296  NlaSvc - ok
13:20:59.0683 3296  [ 88F2F2CB9FAEE2E14BCCF384F4C88061 ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
13:20:59.0684 3296  nmwcd - ok
13:20:59.0700 3296  [ 31C1FAC4AE14FB2F8771C59BA3F90BAD ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
13:20:59.0722 3296  nmwcdc - ok
13:20:59.0741 3296  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
13:20:59.0742 3296  Npfs - ok
13:20:59.0781 3296  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
13:20:59.0795 3296  nsi - ok
13:20:59.0833 3296  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
13:20:59.0835 3296  nsiproxy - ok
13:21:00.0119 3296  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
13:21:00.0715 3296  Ntfs - ok
13:21:01.0015 3296  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
13:21:01.0222 3296  Null - ok
13:21:01.0460 3296  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
13:21:01.0478 3296  NVHDA - ok
13:21:01.0852 3296  [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
13:21:01.0970 3296  nvlddmkm - ok
13:21:03.0163 3296  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
13:21:03.0165 3296  nvraid - ok
13:21:03.0200 3296  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
13:21:03.0202 3296  nvstor - ok
13:21:03.0270 3296  [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc           C:\Windows\system32\nvvsvc.exe
13:21:03.0295 3296  nvsvc - ok
13:21:03.0373 3296  [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
13:21:03.0380 3296  nvUpdatusService - ok
13:21:03.0426 3296  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
13:21:03.0427 3296  nv_agp - ok
13:21:03.0445 3296  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
13:21:03.0461 3296  ohci1394 - ok
13:21:03.0488 3296  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
13:21:03.0506 3296  p2pimsvc - ok
13:21:03.0550 3296  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
13:21:03.0557 3296  p2psvc - ok
13:21:03.0611 3296  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
13:21:03.0612 3296  Parport - ok
13:21:03.0648 3296  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
13:21:03.0649 3296  partmgr - ok
13:21:03.0659 3296  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
13:21:04.0537 3296  PcaSvc - ok
13:21:05.0269 3296  pccsmcfd - ok
13:21:05.0615 3296  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
13:21:05.0618 3296  pci - ok
13:21:05.0657 3296  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
13:21:05.0658 3296  pciide - ok
13:21:05.0745 3296  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
13:21:05.0758 3296  pcmcia - ok
13:21:05.0787 3296  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
13:21:05.0789 3296  pcw - ok
13:21:05.0808 3296  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
13:21:05.0814 3296  PEAUTH - ok
13:21:05.0904 3296  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
13:21:05.0920 3296  PeerDistSvc - ok
13:21:06.0074 3296  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
13:21:06.0077 3296  PerfHost - ok
13:21:06.0518 3296  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
13:21:07.0131 3296  pla - ok
13:21:07.0445 3296  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
13:21:07.0458 3296  PlugPlay - ok
13:21:07.0550 3296  [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
13:21:07.0555 3296  PMBDeviceInfoProvider - ok
13:21:07.0632 3296  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
13:21:07.0635 3296  Pml Driver HPZ12 - ok
13:21:07.0645 3296  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
13:21:07.0649 3296  PNRPAutoReg - ok
13:21:07.0688 3296  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
13:21:07.0692 3296  PNRPsvc - ok
13:21:07.0745 3296  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
13:21:07.0751 3296  PolicyAgent - ok
13:21:07.0773 3296  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
13:21:07.0787 3296  Power - ok
13:21:07.0840 3296  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
13:21:07.0841 3296  PptpMiniport - ok
13:21:08.0067 3296  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
13:21:08.0068 3296  Processor - ok
13:21:09.0231 3296  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
13:21:09.0297 3296  ProfSvc - ok
13:21:09.0368 3296  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
13:21:09.0371 3296  ProtectedStorage - ok
13:21:10.0780 3296  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
13:21:11.0188 3296  Psched - ok
13:21:11.0684 3296  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
13:21:11.0732 3296  ql2300 - ok
13:21:11.0760 3296  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
13:21:11.0762 3296  ql40xx - ok
13:21:11.0814 3296  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
13:21:11.0847 3296  QWAVE - ok
13:21:11.0884 3296  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
13:21:11.0885 3296  QWAVEdrv - ok
13:21:12.0167 3296  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
13:21:12.0170 3296  RapiMgr - ok
13:21:12.0386 3296  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
13:21:12.0387 3296  RasAcd - ok
13:21:13.0153 3296  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
13:21:13.0343 3296  RasAgileVpn - ok
13:21:13.0515 3296  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
13:21:13.0519 3296  RasAuto - ok
13:21:13.0557 3296  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
13:21:13.0559 3296  Rasl2tp - ok
13:21:13.0600 3296  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
13:21:13.0622 3296  RasMan - ok
13:21:13.0678 3296  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
13:21:13.0679 3296  RasPppoe - ok
13:21:13.0718 3296  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
13:21:13.0719 3296  RasSstp - ok
13:21:13.0785 3296  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
13:21:13.0802 3296  rdbss - ok
13:21:13.0820 3296  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
13:21:13.0822 3296  rdpbus - ok
13:21:13.0840 3296  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
13:21:13.0841 3296  RDPCDD - ok
13:21:13.0887 3296  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
13:21:13.0902 3296  RDPDR - ok
13:21:13.0947 3296  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
13:21:13.0948 3296  RDPENCDD - ok
13:21:14.0143 3296  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
13:21:14.0144 3296  RDPREFMP - ok
13:21:15.0086 3296  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
13:21:15.0087 3296  RdpVideoMiniport - ok
13:21:15.0636 3296  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
13:21:15.0639 3296  RDPWD - ok
13:21:15.0687 3296  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
13:21:15.0690 3296  rdyboost - ok
13:21:15.0714 3296  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
13:21:15.0718 3296  RemoteAccess - ok
13:21:15.0733 3296  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
13:21:15.0752 3296  RemoteRegistry - ok
13:21:15.0939 3296  [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
13:21:15.0943 3296  RichVideo - ok
13:21:15.0982 3296  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
13:21:15.0986 3296  RpcEptMapper - ok
13:21:16.0014 3296  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
13:21:16.0016 3296  RpcLocator - ok
13:21:16.0079 3296  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
13:21:16.0084 3296  RpcSs - ok
13:21:18.0035 3296  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
13:21:18.0036 3296  rspndr - ok
13:21:18.0324 3296  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
13:21:18.0325 3296  s3cap - ok
13:21:18.0332 3296  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
13:21:18.0334 3296  SamSs - ok
13:21:18.0355 3296  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
13:21:18.0356 3296  sbp2port - ok
13:21:18.0402 3296  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
13:21:18.0425 3296  SCardSvr - ok
13:21:18.0448 3296  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
13:21:18.0449 3296  scfilter - ok
13:21:18.0486 3296  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
13:21:18.0500 3296  Schedule - ok
13:21:18.0527 3296  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
13:21:18.0530 3296  SCPolicySvc - ok
13:21:18.0556 3296  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
13:21:18.0573 3296  SDRSVC - ok
13:21:18.0619 3296  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
13:21:18.0620 3296  secdrv - ok
13:21:18.0658 3296  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
13:21:18.0662 3296  seclogon - ok
13:21:18.0885 3296  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
13:21:19.0058 3296  SENS - ok
13:21:19.0255 3296  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
13:21:19.0460 3296  SensrSvc - ok
13:21:20.0055 3296  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
13:21:20.0056 3296  Serenum - ok
13:21:20.0439 3296  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
13:21:20.0440 3296  Serial - ok
13:21:20.0509 3296  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
13:21:20.0510 3296  sermouse - ok
13:21:20.0548 3296  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
13:21:20.0553 3296  SessionEnv - ok
13:21:20.0571 3296  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
13:21:20.0572 3296  sffdisk - ok
13:21:20.0586 3296  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
13:21:20.0587 3296  sffp_mmc - ok
13:21:20.0596 3296  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
13:21:20.0597 3296  sffp_sd - ok
13:21:20.0639 3296  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
13:21:20.0640 3296  sfloppy - ok
13:21:20.0666 3296  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
13:21:20.0670 3296  SharedAccess - ok
13:21:20.0737 3296  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:21:20.0744 3296  ShellHWDetection - ok
13:21:20.0771 3296  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:21:20.0772 3296  SiSRaid2 - ok
13:21:20.0806 3296  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
13:21:20.0807 3296  SiSRaid4 - ok
13:21:20.0867 3296  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
13:21:20.0869 3296  SkypeUpdate - ok
13:21:20.0890 3296  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
13:21:20.0891 3296  Smb - ok
13:21:21.0492 3296  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
13:21:21.0496 3296  SNMPTRAP - ok
13:21:23.0114 3296  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
13:21:23.0129 3296  Sony PC Companion - ok
13:21:23.0170 3296  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
13:21:23.0171 3296  spldr - ok
13:21:23.0203 3296  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
13:21:23.0212 3296  Spooler - ok
13:21:23.0291 3296  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
13:21:23.0358 3296  sppsvc - ok
13:21:23.0388 3296  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
13:21:23.0412 3296  sppuinotify - ok
13:21:23.0481 3296  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
13:21:23.0486 3296  srv - ok
13:21:23.0495 3296  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
13:21:23.0499 3296  srv2 - ok
13:21:23.0544 3296  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
13:21:23.0547 3296  srvnet - ok
13:21:23.0581 3296  [ F4F1E1FF6986FE8914525AF751EA3EAC ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
13:21:23.0583 3296  sscdbus - ok
13:21:23.0972 3296  [ 5447690D2CFE1BDE1BE3A5A5A3E2F796 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
13:21:24.0145 3296  sscdmdfl - ok
13:21:24.0498 3296  [ BFDA292053AEB76A0C1D63B2279D5138 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
13:21:24.0501 3296  sscdmdm - ok
13:21:24.0862 3296  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
13:21:24.0867 3296  SSDPSRV - ok
13:21:24.0902 3296  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
13:21:24.0906 3296  SstpSvc - ok
13:21:24.0941 3296  [ EF806D212D34B0E173BAEB3564D53E37 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
13:21:24.0943 3296  ss_bbus - ok
13:21:24.0957 3296  [ 08B1B34ABEBEB6AC2DEA06900C56411E ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
13:21:24.0958 3296  ss_bmdfl - ok
13:21:24.0972 3296  [ 71A9DA6BEAA4CB54DFB827FB78600A5D ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
13:21:24.0974 3296  ss_bmdm - ok
13:21:25.0021 3296  [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
13:21:25.0023 3296  Stereo Service - ok
13:21:25.0045 3296  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
13:21:25.0046 3296  stexstor - ok
13:21:25.0085 3296  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
13:21:25.0105 3296  stisvc - ok
13:21:25.0135 3296  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
13:21:25.0137 3296  storflt - ok
13:21:25.0166 3296  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
13:21:25.0167 3296  storvsc - ok
13:21:25.0299 3296  [ 3FB1D84D673B4A9AF3856C8843C7A464 ] StumbleUponUpdater C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
13:21:25.0301 3296  StumbleUponUpdater - ok
13:21:25.0315 3296  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
13:21:25.0317 3296  swenum - ok
13:21:25.0353 3296  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
13:21:25.0777 3296  swprv - ok
13:21:26.0150 3296  Synth3dVsc - ok
13:21:26.0908 3296  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
13:21:26.0932 3296  SysMain - ok
13:21:26.0963 3296  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:21:26.0982 3296  TabletInputService - ok
13:21:27.0016 3296  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
13:21:27.0023 3296  TapiSrv - ok
13:21:27.0053 3296  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
13:21:27.0058 3296  TBS - ok
13:21:27.0149 3296  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
13:21:27.0186 3296  Tcpip - ok
13:21:27.0221 3296  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
13:21:27.0232 3296  TCPIP6 - ok
13:21:27.0280 3296  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
13:21:27.0281 3296  tcpipreg - ok
13:21:27.0323 3296  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
13:21:27.0324 3296  TDPIPE - ok
13:21:27.0370 3296  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
13:21:27.0371 3296  TDTCP - ok
13:21:28.0701 3296  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
13:21:28.0856 3296  tdx - ok
13:21:29.0227 3296  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
13:21:29.0545 3296  TermDD - ok
13:21:29.0597 3296  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
13:21:29.0624 3296  TermService - ok
13:21:29.0685 3296  [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
13:21:29.0686 3296  TFsExDisk - ok
13:21:29.0715 3296  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
13:21:29.0719 3296  Themes - ok
13:21:29.0763 3296  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
13:21:29.0766 3296  THREADORDER - ok
13:21:29.0802 3296  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
13:21:29.0803 3296  TPM - ok
13:21:29.0822 3296  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
13:21:29.0826 3296  TrkWks - ok
13:21:30.0412 3296  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:21:30.0415 3296  TrustedInstaller - ok
13:21:30.0806 3296  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
13:21:30.0807 3296  tssecsrv - ok
13:21:31.0364 3296  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
13:21:31.0365 3296  TsUsbFlt - ok
13:21:31.0369 3296  tsusbhub - ok
13:21:31.0465 3296  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
13:21:31.0466 3296  tunnel - ok
13:21:31.0503 3296  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
13:21:31.0504 3296  uagp35 - ok
13:21:31.0544 3296  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
13:21:31.0560 3296  udfs - ok
13:21:31.0593 3296  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
13:21:31.0611 3296  UI0Detect - ok
13:21:31.0631 3296  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
13:21:31.0632 3296  uliagpkx - ok
13:21:31.0735 3296  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
13:21:31.0737 3296  umbus - ok
13:21:31.0769 3296  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
13:21:31.0770 3296  UmPass - ok
13:21:31.0997 3296  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
13:21:32.0003 3296  UmRdpService - ok
13:21:33.0385 3296  [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
13:21:33.0390 3296  UMVPFSrv - ok
13:21:33.0469 3296  [ D47E82866A6FF02DAE9CEDF127C4BEE0 ] UNS             C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
13:21:33.0502 3296  UNS - ok
13:21:33.0545 3296  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
13:21:33.0563 3296  upnphost - ok
13:21:33.0614 3296  [ FBD861E69E1F583BEC906FCD04E4F84E ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
13:21:33.0615 3296  upperdev - ok
13:21:33.0671 3296  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
13:21:33.0673 3296  USBAAPL64 - ok
13:21:33.0719 3296  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
13:21:33.0720 3296  usbaudio - ok
13:21:33.0771 3296  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
13:21:33.0772 3296  usbccgp - ok
13:21:33.0835 3296  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
13:21:33.0836 3296  usbcir - ok
13:21:35.0120 3296  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
13:21:35.0122 3296  usbehci - ok
13:21:35.0513 3296  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
13:21:35.0517 3296  usbhub - ok
13:21:35.0719 3296  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
13:21:35.0720 3296  usbohci - ok
13:21:35.0946 3296  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
13:21:35.0947 3296  usbprint - ok
13:21:35.0976 3296  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
13:21:35.0977 3296  usbscan - ok
13:21:36.0015 3296  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
13:21:36.0016 3296  usbser - ok
13:21:36.0046 3296  [ 0FBB0080B287BBCBF5C7076E3D74A35C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
13:21:36.0048 3296  UsbserFilt - ok
13:21:36.0096 3296  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
13:21:36.0097 3296  USBSTOR - ok
13:21:36.0103 3296  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
13:21:36.0104 3296  usbuhci - ok
13:21:36.0190 3296  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
13:21:36.0192 3296  usbvideo - ok
13:21:36.0211 3296  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
13:21:36.0227 3296  UxSms - ok
13:21:36.0260 3296  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
13:21:36.0262 3296  VaultSvc - ok
13:21:36.0344 3296  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
13:21:36.0529 3296  vdrvroot - ok
13:21:37.0279 3296  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
13:21:37.0608 3296  vds - ok
13:21:37.0677 3296  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
13:21:37.0678 3296  vga - ok
13:21:37.0708 3296  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
13:21:37.0730 3296  VgaSave - ok
13:21:37.0754 3296  VGPU - ok
13:21:37.0769 3296  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
13:21:37.0772 3296  vhdmp - ok
13:21:37.0862 3296  [ DB88CA4F876C7DCAEEC29BAB9E31FFC1 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
13:21:37.0890 3296  VIAHdAudAddService - ok
13:21:37.0933 3296  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
13:21:37.0934 3296  viaide - ok
13:21:37.0970 3296  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
13:21:37.0973 3296  vmbus - ok
13:21:37.0983 3296  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
13:21:37.0984 3296  VMBusHID - ok
13:21:37.0998 3296  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
13:21:38.0000 3296  volmgr - ok
13:21:38.0028 3296  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
13:21:38.0032 3296  volmgrx - ok
13:21:38.0067 3296  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
13:21:38.0072 3296  volsnap - ok
13:21:39.0003 3296  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
13:21:39.0005 3296  vsmraid - ok
13:21:39.0606 3296  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
13:21:39.0634 3296  VSS - ok
13:21:39.0659 3296  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
13:21:39.0660 3296  vwifibus - ok
13:21:39.0687 3296  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
13:21:39.0704 3296  W32Time - ok
13:21:39.0731 3296  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
13:21:39.0732 3296  WacomPen - ok
13:21:39.0767 3296  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
13:21:39.0769 3296  WANARP - ok
13:21:39.0773 3296  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
13:21:39.0774 3296  Wanarpv6 - ok
13:21:39.0822 3296  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
13:21:39.0857 3296  wbengine - ok
13:21:39.0875 3296  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
13:21:39.0881 3296  WbioSrvc - ok
13:21:39.0942 3296  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
13:21:39.0962 3296  WcesComm - ok
13:21:40.0002 3296  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
13:21:40.0010 3296  wcncsvc - ok
13:21:40.0021 3296  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:21:40.0033 3296  WcsPlugInService - ok
13:21:40.0736 3296  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
13:21:41.0085 3296  Wd - ok
13:21:41.0662 3296  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
13:21:42.0044 3296  Wdf01000 - ok
13:21:42.0177 3296  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
13:21:42.0181 3296  WdiServiceHost - ok
13:21:42.0198 3296  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
13:21:42.0202 3296  WdiSystemHost - ok
13:21:42.0231 3296  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
13:21:42.0249 3296  WebClient - ok
13:21:42.0276 3296  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
13:21:42.0283 3296  Wecsvc - ok
13:21:42.0292 3296  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
13:21:42.0307 3296  wercplsupport - ok
13:21:42.0339 3296  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
13:21:42.0344 3296  WerSvc - ok
13:21:42.0394 3296  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
13:21:42.0395 3296  WfpLwf - ok
13:21:42.0409 3296  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
13:21:42.0411 3296  WIMMount - ok
13:21:42.0463 3296  WinDefend - ok
13:21:42.0468 3296  WinHttpAutoProxySvc - ok
13:21:42.0601 3296  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
13:21:42.0617 3296  Winmgmt - ok
13:21:43.0596 3296  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
13:21:43.0619 3296  WinRM - ok
13:21:44.0135 3296  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
13:21:44.0137 3296  WinUsb - ok
13:21:44.0179 3296  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
13:21:44.0205 3296  Wlansvc - ok
13:21:44.0236 3296  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
13:21:44.0237 3296  WmiAcpi - ok
13:21:44.0263 3296  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
13:21:44.0267 3296  wmiApSrv - ok
13:21:44.0291 3296  WMPNetworkSvc - ok
13:21:44.0299 3296  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
13:21:44.0303 3296  WPCSvc - ok
13:21:44.0347 3296  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
13:21:44.0352 3296  WPDBusEnum - ok
13:21:44.0380 3296  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
13:21:44.0381 3296  ws2ifsl - ok
13:21:44.0392 3296  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
13:21:44.0421 3296  wscsvc - ok
13:21:44.0425 3296  WSearch - ok
13:21:44.0497 3296  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
13:21:44.0547 3296  wuauserv - ok
13:21:44.0570 3296  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
13:21:44.0571 3296  WudfPf - ok
13:21:44.0648 3296  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
13:21:44.0659 3296  WUDFRd - ok
13:21:44.0679 3296  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
13:21:44.0684 3296  wudfsvc - ok
13:21:44.0696 3296  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
13:21:44.0710 3296  WwanSvc - ok
13:21:44.0743 3296  ================ Scan global ===============================
13:21:44.0770 3296  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
13:21:44.0797 3296  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:21:44.0808 3296  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
13:21:45.0013 3296  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
13:21:45.0589 3296  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
13:21:46.0666 3296  [Global] - ok
13:21:46.0667 3296  ================ Scan MBR ==================================
13:21:46.0683 3296  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:21:47.0043 3296  \Device\Harddisk0\DR0 - ok
13:21:47.0059 3296  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
13:21:47.0505 3296  \Device\Harddisk1\DR1 - ok
13:21:47.0508 3296  ================ Scan VBR ==================================
13:21:47.0903 3296  [ DDCC59EF278F7DE6678D973D5D830E81 ] \Device\Harddisk0\DR0\Partition1
13:21:47.0910 3296  \Device\Harddisk0\DR0\Partition1 - ok
13:21:48.0090 3296  [ B4147B8D609F6124CFD3483E4427D904 ] \Device\Harddisk0\DR0\Partition2
13:21:48.0091 3296  \Device\Harddisk0\DR0\Partition2 - ok
13:21:48.0296 3296  [ CF2B159744DA1FA93ED8F4800CF0C3BD ] \Device\Harddisk0\DR0\Partition3
13:21:48.0298 3296  \Device\Harddisk0\DR0\Partition3 - ok
13:21:48.0301 3296  [ B550849DEDDC1B0101E7E8D59762AFEF ] \Device\Harddisk1\DR1\Partition1
13:21:48.0302 3296  \Device\Harddisk1\DR1\Partition1 - ok
13:21:48.0304 3296  ============================================================
13:21:48.0304 3296  Scan finished
13:21:48.0304 3296  ============================================================
13:21:48.0316 4384  Detected object count: 0
13:21:48.0316 4384  Actual detected object count: 0
         
Habe vergessen, die Parameter bei TDSS-Killer zu verändern. Poste gleich die vollständige Datei.

Alt 15.02.2013, 13:11   #10
Lesserclown
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Code:
ATTFilter
14:04:42.0859 4968  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:04:42.0956 4968  ============================================================
14:04:42.0956 4968  Current date / time: 2013/02/15 14:04:42.0956
14:04:42.0956 4968  SystemInfo:
14:04:42.0956 4968  
14:04:42.0956 4968  OS Version: 6.1.7601 ServicePack: 1.0
14:04:42.0956 4968  Product type: Workstation
14:04:42.0957 4968  ComputerName: JUDITH-PC
14:04:42.0957 4968  UserName: Judith
14:04:42.0957 4968  Windows directory: C:\Windows
14:04:42.0957 4968  System windows directory: C:\Windows
14:04:42.0957 4968  Running under WOW64
14:04:42.0957 4968  Processor architecture: Intel x64
14:04:42.0957 4968  Number of processors: 2
14:04:42.0957 4968  Page size: 0x1000
14:04:42.0957 4968  Boot type: Normal boot
14:04:42.0957 4968  ============================================================
14:04:59.0415 4968  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
14:04:59.0445 4968  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:04:59.0460 4968  ============================================================
14:04:59.0460 4968  \Device\Harddisk0\DR0:
14:04:59.0469 4968  MBR partitions:
14:04:59.0469 4968  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:04:59.0469 4968  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1E816000
14:04:59.0469 4968  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x1E848800, BlocksNum 0x1BB3D000
14:04:59.0469 4968  \Device\Harddisk1\DR1:
14:04:59.0487 4968  MBR partitions:
14:04:59.0487 4968  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C0681
14:04:59.0487 4968  ============================================================
14:04:59.0573 4968  C: <-> \Device\Harddisk0\DR0\Partition2
14:04:59.0591 4968  D: <-> \Device\Harddisk1\DR1\Partition1
14:05:00.0974 4968  E: <-> \Device\Harddisk0\DR0\Partition3
14:05:00.0974 4968  ============================================================
14:05:00.0974 4968  Initialize success
14:05:00.0974 4968  ============================================================
14:05:58.0502 4720  ============================================================
14:05:58.0502 4720  Scan started
14:05:58.0502 4720  Mode: Manual; SigCheck; TDLFS; 
14:05:58.0502 4720  ============================================================
14:06:11.0817 4720  ================ Scan system memory ========================
14:06:11.0818 4720  System memory - ok
14:06:11.0818 4720  ================ Scan services =============================
14:06:24.0255 4720  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:06:39.0732 4720  1394ohci - ok
14:06:41.0527 4720  [ ADC420616C501B45D26C0FD3EF1E54E4 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
14:06:41.0580 4720  ACDaemon - ok
14:06:41.0760 4720  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:06:41.0790 4720  ACPI - ok
14:06:41.0834 4720  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:06:42.0494 4720  AcpiPmi - ok
14:06:43.0628 4720  [ 3927397AC60D943DAF8808AFFED582B7 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:06:43.0643 4720  AdobeARMservice - ok
14:06:53.0956 4720  [ EC807244904FA170C299AB06D87FBDBE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:06:54.0074 4720  AdobeFlashPlayerUpdateSvc - ok
14:06:54.0272 4720  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:06:54.0305 4720  adp94xx - ok
14:06:54.0970 4720  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:06:55.0380 4720  adpahci - ok
14:06:56.0727 4720  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:06:56.0846 4720  adpu320 - ok
14:06:56.0893 4720  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:06:56.0980 4720  AeLookupSvc - ok
14:06:57.0553 4720  [ 6CCD1135320109D6B219F1A6E04AD9F6 ] Afc             C:\Windows\syswow64\drivers\Afc.sys
14:06:57.0566 4720  Afc - ok
14:06:59.0017 4720  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:06:59.0117 4720  AFD - ok
14:06:59.0189 4720  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:06:59.0209 4720  agp440 - ok
14:06:59.0254 4720  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:07:00.0818 4720  ALG - ok
14:07:00.0869 4720  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:07:00.0896 4720  aliide - ok
14:07:00.0926 4720  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:07:00.0984 4720  amdide - ok
14:07:01.0169 4720  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:07:02.0627 4720  AmdK8 - ok
14:07:03.0384 4720  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:07:03.0498 4720  AmdPPM - ok
14:07:03.0610 4720  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:07:03.0630 4720  amdsata - ok
14:07:03.0678 4720  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:07:03.0699 4720  amdsbs - ok
14:07:03.0707 4720  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:07:03.0721 4720  amdxata - ok
14:07:03.0746 4720  Andbus - ok
14:07:03.0753 4720  AndDiag - ok
14:07:03.0759 4720  AndGps - ok
14:07:03.0767 4720  ANDModem - ok
14:07:03.0773 4720  androidusb - ok
14:07:04.0589 4720  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:07:05.0523 4720  AppID - ok
14:07:05.0569 4720  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:07:05.0665 4720  AppIDSvc - ok
14:07:05.0726 4720  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:07:05.0790 4720  Appinfo - ok
14:07:07.0265 4720  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
14:07:07.0310 4720  Apple Mobile Device - ok
14:07:07.0461 4720  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:07:07.0506 4720  AppMgmt - ok
14:07:07.0571 4720  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:07:07.0594 4720  arc - ok
14:07:07.0631 4720  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:07:07.0654 4720  arcsas - ok
14:07:09.0894 4720  [ A82C01606DC27D05D9D3BFB6BB807E32 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
14:07:09.0905 4720  AsIO - ok
14:07:09.0997 4720  [ 26D66E32E78D3059715B3A17BC679CD9 ] AsUpIO          C:\Windows\syswow64\drivers\AsUpIO.sys
14:07:10.0008 4720  AsUpIO - ok
14:07:10.0176 4720  [ 4FCAEF0C5BE7629AEB878998E0FE959B ] aswFsBlk        C:\Windows\system32\drivers\aswFsBlk.sys
14:07:10.0187 4720  aswFsBlk - ok
14:07:10.0301 4720  [ 316271CC32FDFFFCDB30677684906D5E ] aswKbd          C:\Windows\system32\drivers\aswKbd.sys
14:07:10.0311 4720  aswKbd - ok
14:07:11.0285 4720  [ B50CDD87772D6A11CB90924AAD399DF8 ] aswMonFlt       C:\Windows\system32\drivers\aswMonFlt.sys
14:07:11.0297 4720  aswMonFlt - ok
14:07:11.0763 4720  [ 57768C7DB4681F2510F247F82EF31D4F ] aswRdr          C:\Windows\System32\Drivers\aswrdr2.sys
14:07:11.0774 4720  aswRdr - ok
14:07:11.0943 4720  [ E71D826A1F3CE9C9DE3E77F2D02AFFBF ] aswSnx          C:\Windows\system32\drivers\aswSnx.sys
14:07:11.0968 4720  aswSnx - ok
14:07:12.0044 4720  [ 538A32E2C99BF073D4CA76C30BEDAA60 ] aswSP           C:\Windows\system32\drivers\aswSP.sys
14:07:12.0062 4720  aswSP - ok
14:07:12.0292 4720  [ 6EDC79D73745FD44C41B55B2D13D0B70 ] aswTdi          C:\Windows\system32\drivers\aswTdi.sys
14:07:12.0304 4720  aswTdi - ok
14:07:13.0258 4720  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:07:14.0486 4720  AsyncMac - ok
14:07:14.0524 4720  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:07:14.0537 4720  atapi - ok
14:07:14.0630 4720  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:07:14.0744 4720  AudioEndpointBuilder - ok
14:07:14.0781 4720  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:07:14.0829 4720  AudioSrv - ok
14:07:16.0459 4720  [ 8FA553E9AE69808D99C164733A0F9590 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
14:07:16.0470 4720  avast! Antivirus - ok
14:07:16.0554 4720  avast! Firewall - ok
14:07:16.0678 4720  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:07:17.0277 4720  AxInstSV - ok
14:07:18.0068 4720  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:07:18.0236 4720  b06bdrv - ok
14:07:18.0275 4720  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:07:18.0320 4720  b57nd60a - ok
14:07:18.0367 4720  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:07:18.0405 4720  BDESVC - ok
14:07:18.0425 4720  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:07:18.0483 4720  Beep - ok
14:07:18.0550 4720  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:07:18.0610 4720  BFE - ok
14:07:18.0643 4720  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:07:18.0706 4720  BITS - ok
14:07:18.0743 4720  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:07:18.0783 4720  blbdrive - ok
14:07:20.0935 4720  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
14:07:20.0963 4720  Bonjour Service - ok
14:07:21.0004 4720  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:07:21.0031 4720  bowser - ok
14:07:21.0057 4720  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:07:21.0104 4720  BrFiltLo - ok
14:07:21.0129 4720  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:07:21.0162 4720  BrFiltUp - ok
14:07:21.0196 4720  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
14:07:21.0231 4720  Browser - ok
14:07:21.0261 4720  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:07:21.0306 4720  Brserid - ok
14:07:21.0333 4720  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:07:21.0379 4720  BrSerWdm - ok
14:07:21.0748 4720  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:07:22.0599 4720  BrUsbMdm - ok
14:07:22.0638 4720  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:07:22.0706 4720  BrUsbSer - ok
14:07:22.0802 4720  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:07:22.0844 4720  BTHMODEM - ok
14:07:22.0884 4720  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:07:22.0934 4720  bthserv - ok
14:07:22.0976 4720  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:07:23.0042 4720  cdfs - ok
14:07:23.0442 4720  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:07:23.0637 4720  cdrom - ok
14:07:24.0358 4720  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:07:24.0411 4720  CertPropSvc - ok
14:07:24.0454 4720  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:07:24.0473 4720  circlass - ok
14:07:24.0504 4720  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:07:24.0547 4720  CLFS - ok
14:07:24.0615 4720  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:07:24.0630 4720  clr_optimization_v2.0.50727_32 - ok
14:07:24.0736 4720  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:07:24.0764 4720  clr_optimization_v2.0.50727_64 - ok
14:07:24.0872 4720  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:07:27.0149 4720  clr_optimization_v4.0.30319_32 - ok
14:07:27.0187 4720  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:07:27.0202 4720  clr_optimization_v4.0.30319_64 - ok
14:07:27.0235 4720  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:07:27.0266 4720  CmBatt - ok
14:07:27.0289 4720  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:07:27.0304 4720  cmdide - ok
14:07:27.0350 4720  [ 2C32E2AA8DEE735B5AF2967C31BF5785 ] CMIUCR          C:\Windows\system32\DRIVERS\cmiucr_x64.SYS
14:07:27.0387 4720  CMIUCR - ok
14:07:27.0427 4720  [ AAFCB52FE0037207FB6FBEA070D25EFE ] CNG             C:\Windows\system32\Drivers\cng.sys
14:07:27.0460 4720  CNG - ok
14:07:27.0473 4720  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:07:27.0487 4720  Compbatt - ok
14:07:27.0527 4720  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:07:27.0561 4720  CompositeBus - ok
14:07:27.0576 4720  COMSysApp - ok
14:07:27.0587 4720  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:07:27.0602 4720  crcdisk - ok
14:07:27.0646 4720  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:07:27.0686 4720  CryptSvc - ok
14:07:27.0721 4720  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys
14:07:27.0948 4720  CSC - ok
14:07:29.0014 4720  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll
14:07:29.0143 4720  CscService - ok
14:07:29.0254 4720  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:07:29.0315 4720  DcomLaunch - ok
14:07:29.0372 4720  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:07:29.0439 4720  defragsvc - ok
14:07:29.0467 4720  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:07:29.0529 4720  DfsC - ok
14:07:30.0308 4720  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:07:31.0292 4720  Dhcp - ok
14:07:31.0869 4720  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:07:31.0906 4720  discache - ok
14:07:32.0000 4720  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:07:32.0014 4720  Disk - ok
14:07:32.0041 4720  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:07:32.0084 4720  Dnscache - ok
14:07:32.0196 4720  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:07:32.0267 4720  dot3svc - ok
14:07:32.0319 4720  [ B42ED0320C6E41102FDE0005154849BB ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
14:07:32.0354 4720  Dot4 - ok
14:07:33.0354 4720  [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
14:07:33.0797 4720  Dot4Print - ok
14:07:33.0823 4720  [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
14:07:33.0859 4720  dot4usb - ok
14:07:33.0901 4720  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:07:33.0950 4720  DPS - ok
14:07:33.0982 4720  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:07:34.0000 4720  drmkaud - ok
14:07:34.0051 4720  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:07:34.0079 4720  DXGKrnl - ok
14:07:34.0108 4720  [ 0441D427C0625C326EBFE26A9C95D76C ] e1kexpress      C:\Windows\system32\DRIVERS\e1k62x64.sys
14:07:34.0123 4720  e1kexpress - ok
14:07:34.0148 4720  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:07:34.0202 4720  EapHost - ok
14:07:34.0867 4720  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:07:35.0615 4720  ebdrv - ok
14:07:35.0839 4720  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:07:35.0882 4720  EFS - ok
14:07:35.0930 4720  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:07:35.0987 4720  ehRecvr - ok
14:07:36.0037 4720  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:07:36.0082 4720  ehSched - ok
14:07:36.0192 4720  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:07:36.0233 4720  elxstor - ok
14:07:36.0265 4720  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:07:36.0299 4720  ErrDev - ok
14:07:38.0121 4720  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:07:38.0340 4720  EventSystem - ok
14:07:38.0370 4720  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:07:38.0425 4720  exfat - ok
14:07:38.0448 4720  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:07:38.0498 4720  fastfat - ok
14:07:38.0557 4720  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:07:38.0592 4720  Fax - ok
14:07:38.0630 4720  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:07:38.0645 4720  fdc - ok
14:07:38.0689 4720  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:07:38.0755 4720  fdPHost - ok
14:07:38.0779 4720  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:07:39.0043 4720  FDResPub - ok
14:07:39.0403 4720  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:07:39.0417 4720  FileInfo - ok
14:07:39.0962 4720  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:07:40.0332 4720  Filetrace - ok
14:07:40.0357 4720  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:07:40.0407 4720  flpydisk - ok
14:07:40.0551 4720  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:07:40.0571 4720  FltMgr - ok
14:07:41.0967 4720  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
14:07:42.0025 4720  FontCache - ok
14:07:42.0166 4720  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:07:42.0195 4720  FontCache3.0.0.0 - ok
14:07:42.0251 4720  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:07:42.0279 4720  FsDepends - ok
14:07:42.0316 4720  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:07:42.0329 4720  Fs_Rec - ok
14:07:44.0549 4720  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:07:44.0587 4720  fvevol - ok
14:07:44.0648 4720  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:07:44.0675 4720  gagp30kx - ok
14:07:44.0908 4720  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
14:07:44.0918 4720  GEARAspiWDM - ok
14:07:45.0085 4720  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:07:45.0155 4720  gpsvc - ok
14:07:46.0658 4720  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:07:46.0690 4720  gupdate - ok
14:07:46.0700 4720  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
14:07:46.0711 4720  gupdatem - ok
14:07:46.0918 4720  [ 5D4BC124FAAE6730AC002CDB67BF1A1C ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
14:07:46.0948 4720  gusvc - ok
14:07:46.0973 4720  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:07:47.0013 4720  hcw85cir - ok
14:07:47.0129 4720  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:07:47.0160 4720  HdAudAddService - ok
14:07:47.0253 4720  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:07:47.0463 4720  HDAudBus - ok
14:07:48.0413 4720  [ E91AFF2610114CCAEBB90D4D991BB6B2 ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
14:07:48.0461 4720  HECIx64 - ok
14:07:48.0507 4720  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:07:48.0553 4720  HidBatt - ok
14:07:48.0578 4720  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:07:48.0632 4720  HidBth - ok
14:07:48.0650 4720  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:07:48.0699 4720  HidIr - ok
14:07:48.0738 4720  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:07:48.0797 4720  hidserv - ok
14:07:48.0931 4720  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:07:48.0960 4720  HidUsb - ok
14:07:50.0103 4720  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:07:51.0081 4720  hkmsvc - ok
14:07:51.0365 4720  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:07:51.0402 4720  HomeGroupListener - ok
14:07:51.0481 4720  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:07:51.0529 4720  HomeGroupProvider - ok
14:07:52.0097 4720  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
14:07:52.0682 4720  hpqcxs08 ( UnsignedFile.Multi.Generic ) - warning
14:07:52.0682 4720  hpqcxs08 - detected UnsignedFile.Multi.Generic (1)
14:07:53.0109 4720  [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc        C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
14:07:53.0117 4720  hpqddsvc ( UnsignedFile.Multi.Generic ) - warning
14:07:53.0117 4720  hpqddsvc - detected UnsignedFile.Multi.Generic (1)
14:07:53.0216 4720  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:07:53.0248 4720  HpSAMD - ok
14:07:53.0489 4720  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:07:53.0565 4720  HTTP - ok
14:07:53.0619 4720  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:07:53.0632 4720  hwpolicy - ok
14:07:55.0013 4720  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
14:07:55.0247 4720  i8042prt - ok
14:07:55.0358 4720  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:07:55.0383 4720  iaStorV - ok
14:07:55.0692 4720  [ 0C88EA9A724D2512E05BAE6F73D02040 ] IB Updater      C:\Program Files\IB Updater\ExtensionUpdaterService.exe
14:07:59.0916 4720  IB Updater - ok
14:08:02.0569 4720  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:08:02.0636 4720  idsvc - ok
14:08:02.0737 4720  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:08:02.0762 4720  iirsp - ok
14:08:03.0831 4720  [ 755519F49906B73C1FE9CBBF75E347EA ] IJPLMSVC        C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
14:08:03.0843 4720  IJPLMSVC - ok
14:08:04.0498 4720  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:08:04.0552 4720  IKEEXT - ok
14:08:04.0574 4720  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:08:04.0600 4720  intelide - ok
14:08:04.0684 4720  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:08:04.0724 4720  intelppm - ok
14:08:04.0759 4720  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:08:04.0823 4720  IPBusEnum - ok
14:08:04.0862 4720  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:08:04.0930 4720  IpFilterDriver - ok
14:08:06.0258 4720  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:08:06.0296 4720  iphlpsvc - ok
14:08:06.0346 4720  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:08:06.0405 4720  IPMIDRV - ok
14:08:06.0466 4720  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:08:06.0538 4720  IPNAT - ok
14:08:09.0018 4720  [ 0F261EC4F514926177C70C1832374231 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
14:08:09.0055 4720  iPod Service - ok
14:08:09.0112 4720  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:08:09.0160 4720  IRENUM - ok
14:08:09.0245 4720  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:08:09.0282 4720  isapnp - ok
14:08:10.0219 4720  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:08:10.0628 4720  iScsiPrt - ok
14:08:11.0223 4720  [ DED87077CD0207BFE6E5CA65802506A1 ] ITDirectorService C:\Program Files (x86)\Intel\IntelITDirector\itdirectorservice.exe
14:08:11.0256 4720  ITDirectorService - ok
14:08:11.0350 4720  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:08:11.0364 4720  kbdclass - ok
14:08:11.0617 4720  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:08:11.0818 4720  kbdhid - ok
14:08:12.0187 4720  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:08:12.0202 4720  KeyIso - ok
14:08:12.0952 4720  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:08:12.0981 4720  KSecDD - ok
14:08:13.0051 4720  [ 7EFB9333E4ECCE6AE4AE9D777D9E553E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:08:13.0084 4720  KSecPkg - ok
14:08:13.0160 4720  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:08:13.0226 4720  ksthunk - ok
14:08:13.0348 4720  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:08:14.0310 4720  KtmRm - ok
14:08:15.0423 4720  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:08:15.0624 4720  LanmanServer - ok
14:08:15.0708 4720  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:08:15.0761 4720  LanmanWorkstation - ok
14:08:17.0576 4720  [ 7772DFAB22611050B79504E671B06E6E ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
14:08:17.0637 4720  LBTServ - ok
14:08:17.0764 4720  [ ED7EC050CD6C20E1A93A4DAFB7EFD14D ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
14:08:17.0776 4720  LEqdUsb - ok
14:08:17.0904 4720  [ 174803F2EEA3B22165DFE0E5A1F20685 ] LgBttPort       C:\Windows\system32\DRIVERS\lgbtpt64.sys
14:08:17.0949 4720  LgBttPort - ok
14:08:18.0000 4720  [ 565F93BB7C0361E61B3DAEA670C354D6 ] lgbusenum       C:\Windows\system32\DRIVERS\lgbtbs64.sys
14:08:18.0012 4720  lgbusenum - ok
14:08:18.0555 4720  [ ABF477857B7CED873362EC92C6CE10A7 ] LGVMODEM        C:\Windows\system32\DRIVERS\lgvmdm64.sys
14:08:19.0360 4720  LGVMODEM - ok
14:08:19.0607 4720  [ 3267BC698E29474A8381E68904EB0390 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
14:08:19.0617 4720  LHidEqd - ok
14:08:19.0659 4720  [ 241F2648ADF090E2A10095BD6D6F5DCB ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
14:08:19.0671 4720  LHidFilt - ok
14:08:19.0754 4720  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:08:19.0825 4720  lltdio - ok
14:08:19.0919 4720  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:08:19.0989 4720  lltdsvc - ok
14:08:20.0022 4720  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:08:20.0078 4720  lmhosts - ok
14:08:20.0105 4720  [ 342ED5A4B3326014438F36D22D803737 ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
14:08:20.0117 4720  LMouFilt - ok
14:08:21.0605 4720  [ 2763A02188FFB04287F5034EC5B6B451 ] LMS             C:\Program Files (x86)\Intel\AMT\LMS.exe
14:08:21.0617 4720  LMS - ok
14:08:22.0338 4720  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:08:22.0371 4720  LSI_FC - ok
14:08:22.0428 4720  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:08:22.0454 4720  LSI_SAS - ok
14:08:22.0492 4720  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:08:22.0523 4720  LSI_SAS2 - ok
14:08:22.0564 4720  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:08:22.0593 4720  LSI_SCSI - ok
14:08:22.0610 4720  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:08:22.0684 4720  luafv - ok
14:08:22.0876 4720  [ 29C733E1DE824670DC9315CFC9BDBCD3 ] LUsbFilt        C:\Windows\system32\Drivers\LUsbFilt.Sys
14:08:22.0897 4720  LUsbFilt - ok
14:08:25.0063 4720  [ EDF73BFA1BD24D74D1D64DC0ED28A7CD ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys
14:08:25.0399 4720  LVUVC64 - ok
14:08:26.0270 4720  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:08:27.0360 4720  Mcx2Svc - ok
14:08:27.0444 4720  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:08:27.0475 4720  megasas - ok
14:08:27.0521 4720  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:08:27.0544 4720  MegaSR - ok
14:08:27.0602 4720  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:08:27.0670 4720  MMCSS - ok
14:08:27.0689 4720  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:08:27.0744 4720  Modem - ok
14:08:27.0806 4720  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:08:27.0848 4720  monitor - ok
14:08:27.0946 4720  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:08:27.0959 4720  mouclass - ok
14:08:29.0139 4720  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:08:29.0511 4720  mouhid - ok
14:08:29.0591 4720  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:08:29.0607 4720  mountmgr - ok
14:08:29.0802 4720  [ 51A84B690DF519DCF656F780243D953E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:08:29.0925 4720  MozillaMaintenance - ok
14:08:29.0970 4720  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:08:30.0025 4720  mpio - ok
14:08:30.0061 4720  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:08:30.0115 4720  mpsdrv - ok
14:08:31.0672 4720  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:08:31.0737 4720  MpsSvc - ok
14:08:31.0823 4720  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:08:31.0869 4720  MRxDAV - ok
14:08:31.0936 4720  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:08:31.0992 4720  mrxsmb - ok
14:08:32.0081 4720  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:08:32.0120 4720  mrxsmb10 - ok
14:08:32.0163 4720  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:08:32.0188 4720  mrxsmb20 - ok
14:08:32.0241 4720  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:08:32.0270 4720  msahci - ok
14:08:32.0300 4720  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:08:33.0431 4720  msdsm - ok
14:08:34.0531 4720  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:08:34.0576 4720  MSDTC - ok
14:08:34.0646 4720  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:08:34.0693 4720  Msfs - ok
14:08:34.0740 4720  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:08:34.0815 4720  mshidkmdf - ok
14:08:34.0853 4720  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:08:34.0866 4720  msisadrv - ok
14:08:34.0956 4720  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:08:35.0022 4720  MSiSCSI - ok
14:08:35.0026 4720  msiserver - ok
14:08:35.0089 4720  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:08:35.0152 4720  MSKSSRV - ok
14:08:35.0738 4720  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:08:36.0336 4720  MSPCLOCK - ok
14:08:36.0364 4720  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:08:36.0429 4720  MSPQM - ok
14:08:36.0545 4720  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:08:36.0569 4720  MsRPC - ok
14:08:36.0652 4720  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:08:36.0666 4720  mssmbios - ok
14:08:36.0681 4720  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:08:36.0745 4720  MSTEE - ok
14:08:36.0772 4720  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:08:36.0822 4720  MTConfig - ok
14:08:36.0894 4720  [ 19B006B181E3875FD254F7B67ACF1E7C ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
14:08:36.0904 4720  MTsensor - ok
14:08:36.0956 4720  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:08:36.0970 4720  Mup - ok
14:08:38.0508 4720  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:08:38.0603 4720  napagent - ok
14:08:38.0732 4720  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:08:38.0796 4720  NativeWifiP - ok
14:08:39.0098 4720  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:08:39.0141 4720  NDIS - ok
14:08:40.0486 4720  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:08:40.0860 4720  NdisCap - ok
14:08:40.0915 4720  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:08:40.0987 4720  NdisTapi - ok
14:08:41.0079 4720  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:08:41.0125 4720  Ndisuio - ok
14:08:41.0218 4720  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:08:41.0280 4720  NdisWan - ok
14:08:41.0333 4720  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:08:41.0407 4720  NDProxy - ok
14:08:41.0654 4720  [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:08:42.0571 4720  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:08:42.0571 4720  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:08:42.0937 4720  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:08:42.0999 4720  NetBIOS - ok
14:08:43.0102 4720  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:08:43.0188 4720  NetBT - ok
14:08:43.0207 4720  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:08:43.0222 4720  Netlogon - ok
14:08:43.0393 4720  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:08:43.0574 4720  Netman - ok
14:08:44.0541 4720  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:08:45.0123 4720  netprofm - ok
14:08:45.0189 4720  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:08:45.0224 4720  NetTcpPortSharing - ok
14:08:45.0316 4720  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:08:45.0344 4720  nfrd960 - ok
14:08:45.0468 4720  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:08:45.0554 4720  NlaSvc - ok
14:08:45.0653 4720  [ 88F2F2CB9FAEE2E14BCCF384F4C88061 ] nmwcd           C:\Windows\system32\drivers\ccdcmbx64.sys
14:08:45.0708 4720  nmwcd - ok
14:08:47.0375 4720  [ 31C1FAC4AE14FB2F8771C59BA3F90BAD ] nmwcdc          C:\Windows\system32\drivers\ccdcmbox64.sys
14:08:47.0436 4720  nmwcdc - ok
14:08:47.0463 4720  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:08:47.0515 4720  Npfs - ok
14:08:47.0575 4720  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:08:47.0659 4720  nsi - ok
14:08:47.0688 4720  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:08:47.0749 4720  nsiproxy - ok
14:08:48.0756 4720  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:08:48.0982 4720  Ntfs - ok
14:08:49.0337 4720  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:08:49.0553 4720  Null - ok
14:08:49.0758 4720  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
14:08:49.0772 4720  NVHDA - ok
14:08:52.0271 4720  [ FE2909F7DFB12B9A20AD207FE23B7E96 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:08:52.0427 4720  nvlddmkm - ok
14:08:52.0549 4720  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:08:52.0588 4720  nvraid - ok
14:08:52.0650 4720  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:08:52.0686 4720  nvstor - ok
14:08:52.0972 4720  [ 3341D2C91989BC87C3C0BAA97C27253B ] nvsvc           C:\Windows\system32\nvvsvc.exe
14:08:53.0007 4720  nvsvc - ok
14:08:53.0483 4720  [ 551CE34DAD2DFF0A480781E68B286E4D ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:08:53.0510 4720  nvUpdatusService - ok
14:08:53.0572 4720  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:08:53.0601 4720  nv_agp - ok
14:08:53.0652 4720  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:08:53.0685 4720  ohci1394 - ok
14:08:53.0755 4720  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:08:53.0801 4720  p2pimsvc - ok
14:08:53.0970 4720  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:08:54.0005 4720  p2psvc - ok
14:08:54.0069 4720  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:08:54.0099 4720  Parport - ok
14:08:54.0130 4720  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:08:54.0158 4720  partmgr - ok
14:08:54.0177 4720  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:08:54.0215 4720  PcaSvc - ok
14:08:54.0261 4720  pccsmcfd - ok
14:08:54.0346 4720  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:08:54.0380 4720  pci - ok
14:08:54.0435 4720  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:08:54.0448 4720  pciide - ok
14:08:54.0523 4720  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:08:54.0558 4720  pcmcia - ok
14:08:54.0590 4720  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:08:54.0603 4720  pcw - ok
14:08:54.0802 4720  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:08:54.0877 4720  PEAUTH - ok
14:08:55.0162 4720  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:08:55.0200 4720  PeerDistSvc - ok
14:08:56.0004 4720  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:08:56.0032 4720  PerfHost - ok
14:08:56.0436 4720  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:08:56.0503 4720  pla - ok
14:08:56.0633 4720  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:08:56.0658 4720  PlugPlay - ok
14:08:57.0109 4720  [ 627FA58ADC043704F9D14CA44340956F ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
14:08:57.0339 4720  PMBDeviceInfoProvider - ok
14:08:58.0355 4720  [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:08:58.0406 4720  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
14:08:58.0406 4720  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic (1)
14:08:58.0441 4720  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:08:58.0473 4720  PNRPAutoReg - ok
14:08:58.0591 4720  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:08:58.0610 4720  PNRPsvc - ok
14:08:58.0863 4720  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:08:58.0963 4720  PolicyAgent - ok
14:08:59.0929 4720  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:09:00.0300 4720  Power - ok
14:09:00.0398 4720  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:09:00.0469 4720  PptpMiniport - ok
14:09:00.0529 4720  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:09:00.0598 4720  Processor - ok
14:09:00.0697 4720  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:09:01.0456 4720  ProfSvc - ok
14:09:01.0818 4720  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:09:01.0834 4720  ProtectedStorage - ok
14:09:02.0316 4720  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:09:02.0378 4720  Psched - ok
14:09:02.0584 4720  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:09:02.0628 4720  ql2300 - ok
14:09:03.0010 4720  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:09:03.0214 4720  ql40xx - ok
14:09:04.0807 4720  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:09:04.0915 4720  QWAVE - ok
14:09:04.0934 4720  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:09:04.0981 4720  QWAVEdrv - ok
14:09:06.0190 4720  [ A55E7D0D873B2C97585B3B5926AC6ADE ] RapiMgr         C:\Windows\WindowsMobile\rapimgr.dll
14:09:06.0768 4720  RapiMgr - ok
14:09:06.0828 4720  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:09:06.0895 4720  RasAcd - ok
14:09:06.0995 4720  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:09:07.0041 4720  RasAgileVpn - ok
14:09:07.0081 4720  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:09:07.0138 4720  RasAuto - ok
14:09:07.0195 4720  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:09:07.0769 4720  Rasl2tp - ok
14:09:08.0878 4720  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:09:08.0931 4720  RasMan - ok
14:09:09.0020 4720  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:09:09.0076 4720  RasPppoe - ok
14:09:09.0132 4720  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:09:09.0200 4720  RasSstp - ok
14:09:09.0283 4720  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:09:09.0713 4720  rdbss - ok
14:09:11.0106 4720  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:09:11.0140 4720  rdpbus - ok
14:09:11.0162 4720  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:09:11.0224 4720  RDPCDD - ok
14:09:11.0328 4720  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:09:11.0365 4720  RDPDR - ok
14:09:11.0449 4720  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:09:11.0509 4720  RDPENCDD - ok
14:09:11.0537 4720  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:09:11.0585 4720  RDPREFMP - ok
14:09:12.0516 4720  [ 313F68E1A3E6345A4F47A36B07062F34 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:09:13.0220 4720  RdpVideoMiniport - ok
14:09:13.0315 4720  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:09:13.0366 4720  RDPWD - ok
14:09:13.0500 4720  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:09:13.0540 4720  rdyboost - ok
14:09:13.0600 4720  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:09:13.0662 4720  RemoteAccess - ok
14:09:13.0748 4720  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:09:13.0816 4720  RemoteRegistry - ok
14:09:15.0233 4720  [ 06A49B7BDC36CFBF97DD90804F833369 ] RichVideo       C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
14:09:15.0257 4720  RichVideo - ok
14:09:15.0321 4720  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:09:15.0393 4720  RpcEptMapper - ok
14:09:15.0437 4720  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:09:15.0486 4720  RpcLocator - ok
14:09:15.0646 4720  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:09:15.0685 4720  RpcSs - ok
14:09:16.0142 4720  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:09:17.0660 4720  rspndr - ok
14:09:17.0806 4720  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:09:17.0852 4720  s3cap - ok
14:09:17.0874 4720  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:09:17.0890 4720  SamSs - ok
14:09:17.0922 4720  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:09:17.0955 4720  sbp2port - ok
14:09:18.0041 4720  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:09:18.0104 4720  SCardSvr - ok
14:09:18.0158 4720  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:09:18.0219 4720  scfilter - ok
14:09:18.0376 4720  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:09:18.0448 4720  Schedule - ok
14:09:18.0489 4720  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:09:18.0523 4720  SCPolicySvc - ok
14:09:18.0575 4720  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:09:18.0626 4720  SDRSVC - ok
14:09:18.0689 4720  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:09:18.0737 4720  secdrv - ok
14:09:18.0800 4720  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:09:18.0868 4720  seclogon - ok
14:09:18.0920 4720  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:09:18.0967 4720  SENS - ok
14:09:19.0002 4720  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:09:19.0063 4720  SensrSvc - ok
14:09:19.0130 4720  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:09:19.0157 4720  Serenum - ok
14:09:19.0214 4720  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:09:19.0257 4720  Serial - ok
14:09:19.0308 4720  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:09:19.0364 4720  sermouse - ok
14:09:19.0419 4720  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:09:19.0472 4720  SessionEnv - ok
14:09:19.0526 4720  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:09:19.0587 4720  sffdisk - ok
14:09:19.0625 4720  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:09:19.0676 4720  sffp_mmc - ok
14:09:19.0695 4720  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:09:19.0738 4720  sffp_sd - ok
14:09:19.0774 4720  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:09:19.0849 4720  sfloppy - ok
14:09:19.0908 4720  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:09:19.0987 4720  SharedAccess - ok
14:09:20.0111 4720  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:09:20.0182 4720  ShellHWDetection - ok
14:09:20.0230 4720  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:09:20.0255 4720  SiSRaid2 - ok
14:09:20.0276 4720  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:09:20.0330 4720  SiSRaid4 - ok
14:09:20.0554 4720  [ DDAA5F4A6B958FC313EBD02DD925752F ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:09:20.0581 4720  SkypeUpdate - ok
14:09:20.0637 4720  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:09:20.0694 4720  Smb - ok
14:09:20.0795 4720  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:09:20.0819 4720  SNMPTRAP - ok
14:09:21.0068 4720  [ 5177D14A78E60FD61DCFC6B388E7E971 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
14:09:21.0100 4720  Sony PC Companion - ok
14:09:21.0128 4720  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:09:21.0142 4720  spldr - ok
14:09:21.0329 4720  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
14:09:21.0378 4720  Spooler - ok
14:09:22.0210 4720  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:09:22.0316 4720  sppsvc - ok
14:09:22.0367 4720  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:09:22.0434 4720  sppuinotify - ok
14:09:22.0520 4720  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:09:22.0591 4720  srv - ok
14:09:22.0700 4720  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:09:22.0746 4720  srv2 - ok
14:09:22.0794 4720  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:09:22.0833 4720  srvnet - ok
14:09:22.0984 4720  [ F4F1E1FF6986FE8914525AF751EA3EAC ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys
14:09:23.0019 4720  sscdbus - ok
14:09:23.0070 4720  [ 5447690D2CFE1BDE1BE3A5A5A3E2F796 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys
14:09:23.0090 4720  sscdmdfl - ok
14:09:23.0188 4720  [ BFDA292053AEB76A0C1D63B2279D5138 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys
14:09:23.0243 4720  sscdmdm - ok
14:09:23.0372 4720  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:09:23.0479 4720  SSDPSRV - ok
14:09:23.0521 4720  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:09:23.0586 4720  SstpSvc - ok
14:09:23.0703 4720  [ EF806D212D34B0E173BAEB3564D53E37 ] ss_bbus         C:\Windows\system32\DRIVERS\ss_bbus.sys
14:09:23.0759 4720  ss_bbus - ok
14:09:23.0852 4720  [ 08B1B34ABEBEB6AC2DEA06900C56411E ] ss_bmdfl        C:\Windows\system32\DRIVERS\ss_bmdfl.sys
14:09:23.0881 4720  ss_bmdfl - ok
14:09:23.0938 4720  [ 71A9DA6BEAA4CB54DFB827FB78600A5D ] ss_bmdm         C:\Windows\system32\DRIVERS\ss_bmdm.sys
14:09:23.0979 4720  ss_bmdm - ok
14:09:24.0179 4720  [ 0632004181860960CF6E10DE8DDEF78B ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:09:24.0215 4720  Stereo Service - ok
14:09:24.0275 4720  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:09:24.0301 4720  stexstor - ok
14:09:24.0531 4720  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:09:24.0586 4720  stisvc - ok
14:09:24.0642 4720  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:09:24.0655 4720  storflt - ok
14:09:24.0708 4720  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:09:24.0738 4720  storvsc - ok
14:09:25.0176 4720  [ 3FB1D84D673B4A9AF3856C8843C7A464 ] StumbleUponUpdater C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe
14:09:25.0180 4720  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - warning
14:09:25.0180 4720  StumbleUponUpdater - detected UnsignedFile.Multi.Generic (1)
14:09:25.0229 4720  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:09:25.0242 4720  swenum - ok
14:09:25.0387 4720  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:09:25.0442 4720  swprv - ok
14:09:25.0464 4720  Synth3dVsc - ok
14:09:25.0710 4720  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:09:26.0269 4720  SysMain - ok
14:09:26.0312 4720  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:09:26.0370 4720  TabletInputService - ok
14:09:26.0450 4720  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:09:26.0523 4720  TapiSrv - ok
14:09:26.0571 4720  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:09:26.0645 4720  TBS - ok
14:09:26.0882 4720  [ B62A953F2BF3922C8764A29C34A22899 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:09:26.0935 4720  Tcpip - ok
14:09:27.0046 4720  [ B62A953F2BF3922C8764A29C34A22899 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:09:27.0083 4720  TCPIP6 - ok
14:09:27.0145 4720  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:09:27.0182 4720  tcpipreg - ok
14:09:27.0236 4720  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:09:27.0286 4720  TDPIPE - ok
14:09:27.0356 4720  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:09:27.0408 4720  TDTCP - ok
14:09:27.0462 4720  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:09:27.0525 4720  tdx - ok
14:09:27.0581 4720  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:09:27.0595 4720  TermDD - ok
14:09:27.0773 4720  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:09:27.0852 4720  TermService - ok
14:09:28.0015 4720  [ 48D9D00C2E0E72C3D4F52772C80355F6 ] TFsExDisk       C:\Windows\System32\Drivers\TFsExDisk.sys
14:09:28.0039 4720  TFsExDisk - ok
14:09:28.0105 4720  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:09:28.0162 4720  Themes - ok
14:09:28.0225 4720  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:09:28.0261 4720  THREADORDER - ok
14:09:28.0371 4720  [ DBCC20C02E8A3E43B03C304A4E40A84F ] TPM             C:\Windows\system32\drivers\tpm.sys
14:09:28.0400 4720  TPM - ok
14:09:28.0439 4720  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:09:28.0504 4720  TrkWks - ok
14:09:28.0643 4720  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:09:28.0711 4720  TrustedInstaller - ok
14:09:28.0776 4720  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:09:28.0822 4720  tssecsrv - ok
14:09:28.0853 4720  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:09:28.0897 4720  TsUsbFlt - ok
14:09:28.0901 4720  tsusbhub - ok
14:09:29.0038 4720  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:09:29.0099 4720  tunnel - ok
14:09:29.0160 4720  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:09:29.0186 4720  uagp35 - ok
14:09:29.0268 4720  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:09:29.0349 4720  udfs - ok
14:09:29.0407 4720  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:09:29.0449 4720  UI0Detect - ok
14:09:29.0481 4720  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:09:29.0504 4720  uliagpkx - ok
14:09:29.0597 4720  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:09:29.0646 4720  umbus - ok
14:09:29.0679 4720  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:09:29.0730 4720  UmPass - ok
14:09:29.0787 4720  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll
14:09:29.0845 4720  UmRdpService - ok
14:09:30.0129 4720  [ 8B802B483CBDE06F62DBC04DC7AFAF8E ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
14:09:30.0158 4720  UMVPFSrv - ok
14:09:30.0827 4720  [ D47E82866A6FF02DAE9CEDF127C4BEE0 ] UNS             C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe
14:09:30.0893 4720  UNS - ok
14:09:30.0997 4720  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:09:31.0078 4720  upnphost - ok
14:09:31.0164 4720  [ FBD861E69E1F583BEC906FCD04E4F84E ] upperdev        C:\Windows\system32\DRIVERS\usbser_lowerfltx64.sys
14:09:31.0241 4720  upperdev - ok
14:09:31.0365 4720  [ AA33FC47ED58C34E6E9261E4F850B7EB ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
14:09:31.0396 4720  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning
14:09:31.0396 4720  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)
14:09:31.0461 4720  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:09:31.0496 4720  usbaudio - ok
14:09:31.0536 4720  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:09:31.0588 4720  usbccgp - ok
14:09:31.0684 4720  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:09:31.0730 4720  usbcir - ok
14:09:31.0794 4720  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:09:31.0853 4720  usbehci - ok
14:09:31.0923 4720  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:09:31.0970 4720  usbhub - ok
14:09:31.0986 4720  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:09:32.0034 4720  usbohci - ok
14:09:32.0128 4720  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:09:32.0168 4720  usbprint - ok
14:09:32.0194 4720  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:09:32.0224 4720  usbscan - ok
14:09:32.0282 4720  [ 4ACEE387FA8FD39F83564FCD2FC234F2 ] usbser          C:\Windows\system32\DRIVERS\usbser.sys
14:09:32.0355 4720  usbser - ok
14:09:32.0435 4720  [ 0FBB0080B287BBCBF5C7076E3D74A35C ] UsbserFilt      C:\Windows\system32\DRIVERS\usbser_lowerfltjx64.sys
14:09:32.0492 4720  UsbserFilt - ok
14:09:32.0530 4720  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:09:32.0586 4720  USBSTOR - ok
14:09:32.0610 4720  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:09:32.0652 4720  usbuhci - ok
14:09:32.0757 4720  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
14:09:32.0815 4720  usbvideo - ok
14:09:32.0886 4720  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:09:32.0949 4720  UxSms - ok
14:09:32.0970 4720  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:09:32.0986 4720  VaultSvc - ok
14:09:33.0054 4720  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:09:33.0068 4720  vdrvroot - ok
14:09:33.0222 4720  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:09:33.0290 4720  vds - ok
14:09:33.0380 4720  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:09:33.0414 4720  vga - ok
14:09:33.0435 4720  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:09:33.0499 4720  VgaSave - ok
14:09:33.0529 4720  VGPU - ok
14:09:33.0580 4720  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:09:33.0607 4720  vhdmp - ok
14:09:33.0961 4720  [ DB88CA4F876C7DCAEEC29BAB9E31FFC1 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
14:09:34.0004 4720  VIAHdAudAddService - ok
14:09:34.0032 4720  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:09:34.0068 4720  viaide - ok
14:09:34.0105 4720  [ 86EA3E79AE350FEA5331A1303054005F ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:09:34.0140 4720  vmbus - ok
14:09:34.0166 4720  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:09:34.0220 4720  VMBusHID - ok
14:09:34.0241 4720  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:09:34.0265 4720  volmgr - ok
14:09:34.0338 4720  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:09:34.0372 4720  volmgrx - ok
14:09:34.0466 4720  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:09:34.0493 4720  volsnap - ok
14:09:35.0198 4720  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:09:35.0274 4720  vsmraid - ok
14:09:35.0574 4720  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:09:35.0650 4720  VSS - ok
14:09:35.0674 4720  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:09:35.0733 4720  vwifibus - ok
14:09:35.0841 4720  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:09:35.0906 4720  W32Time - ok
14:09:35.0938 4720  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:09:35.0978 4720  WacomPen - ok
14:09:36.0058 4720  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:09:36.0119 4720  WANARP - ok
14:09:36.0159 4720  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:09:36.0192 4720  Wanarpv6 - ok
14:09:36.0573 4720  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:09:36.0619 4720  wbengine - ok
14:09:36.0670 4720  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:09:36.0705 4720  WbioSrvc - ok
14:09:36.0916 4720  [ 8BDA6DB43AA54E8BB5E0794541DDC209 ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
14:09:36.0948 4720  WcesComm - ok
14:09:37.0073 4720  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:09:37.0112 4720  wcncsvc - ok
14:09:37.0140 4720  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:09:37.0193 4720  WcsPlugInService - ok
14:09:37.0231 4720  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:09:37.0258 4720  Wd - ok
14:09:37.0482 4720  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:09:37.0522 4720  Wdf01000 - ok
14:09:37.0544 4720  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:09:37.0591 4720  WdiServiceHost - ok
14:09:37.0599 4720  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:09:37.0620 4720  WdiSystemHost - ok
14:09:37.0706 4720  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:09:37.0761 4720  WebClient - ok
14:09:37.0859 4720  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:09:37.0930 4720  Wecsvc - ok
14:09:37.0959 4720  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:09:38.0019 4720  wercplsupport - ok
14:09:38.0078 4720  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:09:38.0130 4720  WerSvc - ok
14:09:38.0181 4720  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:09:38.0236 4720  WfpLwf - ok
14:09:38.0256 4720  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:09:38.0281 4720  WIMMount - ok
14:09:38.0358 4720  WinDefend - ok
14:09:38.0364 4720  WinHttpAutoProxySvc - ok
14:09:38.0593 4720  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:09:38.0663 4720  Winmgmt - ok
14:09:38.0973 4720  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:09:39.0047 4720  WinRM - ok
14:09:39.0153 4720  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:09:39.0206 4720  WinUsb - ok
14:09:39.0486 4720  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:09:39.0559 4720  Wlansvc - ok
14:09:39.0614 4720  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:09:39.0661 4720  WmiAcpi - ok
14:09:39.0725 4720  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:09:39.0743 4720  wmiApSrv - ok
14:09:39.0813 4720  WMPNetworkSvc - ok
14:09:39.0892 4720  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:09:39.0947 4720  WPCSvc - ok
14:09:40.0025 4720  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:09:40.0054 4720  WPDBusEnum - ok
14:09:40.0094 4720  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:09:40.0163 4720  ws2ifsl - ok
14:09:40.0190 4720  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
14:09:40.0238 4720  wscsvc - ok
14:09:40.0242 4720  WSearch - ok
14:09:40.0870 4720  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:09:40.0928 4720  wuauserv - ok
14:09:40.0979 4720  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:09:41.0022 4720  WudfPf - ok
14:09:41.0165 4720  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:09:41.0218 4720  WUDFRd - ok
14:09:41.0269 4720  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:09:41.0328 4720  wudfsvc - ok
14:09:41.0429 4720  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:09:41.0465 4720  WwanSvc - ok
14:09:41.0525 4720  ================ Scan global ===============================
14:09:41.0600 4720  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:09:41.0735 4720  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:09:41.0770 4720  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
14:09:41.0831 4720  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:09:41.0971 4720  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:09:41.0990 4720  [Global] - ok
14:09:41.0991 4720  ================ Scan MBR ==================================
14:09:42.0013 4720  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:09:46.0174 4720  \Device\Harddisk0\DR0 - ok
14:09:46.0196 4720  [ 72B8CE41AF0DE751C946802B3ED844B4 ] \Device\Harddisk1\DR1
14:09:46.0682 4720  \Device\Harddisk1\DR1 - ok
14:09:46.0685 4720  ================ Scan VBR ==================================
14:09:46.0713 4720  [ DDCC59EF278F7DE6678D973D5D830E81 ] \Device\Harddisk0\DR0\Partition1
14:09:46.0738 4720  \Device\Harddisk0\DR0\Partition1 - ok
14:09:46.0756 4720  [ B4147B8D609F6124CFD3483E4427D904 ] \Device\Harddisk0\DR0\Partition2
14:09:46.0781 4720  \Device\Harddisk0\DR0\Partition2 - ok
14:09:46.0806 4720  [ CF2B159744DA1FA93ED8F4800CF0C3BD ] \Device\Harddisk0\DR0\Partition3
14:09:46.0859 4720  \Device\Harddisk0\DR0\Partition3 - ok
14:09:46.0861 4720  [ B550849DEDDC1B0101E7E8D59762AFEF ] \Device\Harddisk1\DR1\Partition1
14:09:46.0863 4720  \Device\Harddisk1\DR1\Partition1 - ok
14:09:46.0863 4720  ============================================================
14:09:46.0863 4720  Scan finished
14:09:46.0863 4720  ============================================================
14:09:46.0877 4168  Detected object count: 6
14:09:46.0877 4168  Actual detected object count: 6
14:10:20.0393 4168  hpqcxs08 ( UnsignedFile.Multi.Generic ) - skipped by user
14:10:20.0393 4168  hpqcxs08 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:10:20.0395 4168  hpqddsvc ( UnsignedFile.Multi.Generic ) - skipped by user
14:10:20.0395 4168  hpqddsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:10:20.0396 4168  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:10:20.0396 4168  Net Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:10:20.0398 4168  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
14:10:20.0398 4168  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:10:20.0399 4168  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - skipped by user
14:10:20.0399 4168  StumbleUponUpdater ( UnsignedFile.Multi.Generic ) - User select action: Skip 
14:10:20.0401 4168  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user
14:10:20.0401 4168  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 15.02.2013, 13:40   #11
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Unauffällig

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Danach eine Kontrolle mit OTL bitte:
  • Doppelklick auf die OTL.exe
  • Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
  • Setze oben mittig den Haken bei Scanne alle Benutzer
  • Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
  • Unter Extra Registry, wähle bitte Use SafeList
  • Klicke nun auf Run Scan links oben
  • Wenn der Scan beendet wurde werden 2 Logfiles erstellt
  • Poste die Logfiles in CODE-Tags hier in den Thread.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 15.02.2013, 14:02   #12
Lesserclown
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Code:
ATTFilter
# AdwCleaner v2.112 - Datei am 15/02/2013 um 14:47:36 erstellt
# Aktualisiert am 10/02/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzer : Judith - JUDITH-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Judith\Desktop\adwcleaner0.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : IB Updater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\avg-secure-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\v84h9s76.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\v84h9s76.default\searchplugins\MyStart Search.xml
Datei Gelöscht : C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\v84h9s76.default\searchplugins\Plusnetwork.xml
Ordner Gelöscht : C:\Program Files (x86)\AVG Secure Search
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\Perion
Ordner Gelöscht : C:\Program Files\IB Updater
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\InstallMate
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\Judith\AppData\Local\APN
Ordner Gelöscht : C:\Users\Judith\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Ordner Gelöscht : C:\Users\Judith\AppData\LocalLow\AVG Security Toolbar
Ordner Gelöscht : C:\Users\Judith\AppData\LocalLow\boost_interprocess
Ordner Gelöscht : C:\Users\Judith\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Judith\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Judith\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\v84h9s76.default\ConduitCommon
Ordner Gelöscht : C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\v84h9s76.default\extensions\bbrs_002@blabbers.com

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\1ClickDownload
Schlüssel Gelöscht : HKCU\Software\APN PIP
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKCU\Software\PIP
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\5d2d88bbc6eea41
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Conduit.Engine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2438727
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2724386
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2724407
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\IB Updater
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\ImInstaller
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winrar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_winrar_RASMANCS
Schlüssel Gelöscht : HKLM\Software\PIP
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\5d2d88bbc6eea41
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16464

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-search.com/?affID=119776&babsrc=HP_ss&mntrId=646b8b60000000000000bcaec54621d0 --> hxxp://www.google.com

-\\ Mozilla Firefox v18.0.2 (de)

Datei : C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\v84h9s76.default\prefs.js

C:\Users\Judith\AppData\Roaming\Mozilla\Firefox\Profiles\v84h9s76.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2438727..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2438727.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2438727.AppTrackingLastCheckTime", "Mon Apr 23 2012 17:32:33 GMT+0200");
Gelöscht : user_pref("CT2438727.CT2438727", "CT2438727");
Gelöscht : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0");
Gelöscht : user_pref("CT2438727.CurrentServerDate", "16-7-2012");
Gelöscht : user_pref("CT2438727.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2438727.DialogsGetterLastCheckTime", "Mon Jul 16 2012 22:54:15 GMT+0200");
Gelöscht : user_pref("CT2438727.DownloadReferralCookieData", "{\"BannerName\":\"\",\"BannerTypeId\":\"\",\"Bann[...]
Gelöscht : user_pref("CT2438727.FirstServerDate", "2-7-2011");
Gelöscht : user_pref("CT2438727.FirstTime", true);
Gelöscht : user_pref("CT2438727.FirstTimeFF3", true);
Gelöscht : user_pref("CT2438727.FixPageNotFoundErrors", false);
Gelöscht : user_pref("CT2438727.GroupingInvalidateCache", false);
Gelöscht : user_pref("CT2438727.GroupingLastCheckTime", "0");
Gelöscht : user_pref("CT2438727.GroupingLastServerUpdateTime", "0");
Gelöscht : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2438727.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2438727.HomePageProtectorEnabled", false);
Gelöscht : user_pref("CT2438727.Initialize", true);
Gelöscht : user_pref("CT2438727.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2438727.InstalledDate", "Sat Jul 02 2011 22:36:37 GMT+0200");
Gelöscht : user_pref("CT2438727.InvalidateCache", false);
Gelöscht : user_pref("CT2438727.IsAlertDBUpdated", true);
Gelöscht : user_pref("CT2438727.IsGrouping", false);
Gelöscht : user_pref("CT2438727.IsInitSetupIni", true);
Gelöscht : user_pref("CT2438727.IsMulticommunity", false);
Gelöscht : user_pref("CT2438727.IsOpenThankYouPage", true);
Gelöscht : user_pref("CT2438727.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2438727.IsProtectorsInit", true);
Gelöscht : user_pref("CT2438727.LanguagePackLastCheckTime", "Mon Jul 16 2012 22:54:15 GMT+0200");
Gelöscht : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2438727.LastLogin_3.10.0.1", "Wed Apr 18 2012 07:24:02 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.12.0.7", "Mon Apr 30 2012 12:41:57 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.12.2.3", "Wed May 30 2012 13:52:06 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.13.0.6", "Mon Jul 16 2012 22:54:07 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.5.0.12", "Wed Aug 17 2011 12:45:22 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.6.0.10", "Tue Sep 27 2011 20:25:42 GMT+0200");
Gelöscht : user_pref("CT2438727.LastLogin_3.7.0.6", "Mon Nov 07 2011 10:13:05 GMT+0100");
Gelöscht : user_pref("CT2438727.LastLogin_3.8.0.8", "Wed Dec 07 2011 20:44:11 GMT+0100");
Gelöscht : user_pref("CT2438727.LastLogin_3.8.1.0", "Wed Jan 11 2012 11:02:49 GMT+0100");
Gelöscht : user_pref("CT2438727.LastLogin_3.9.0.3", "Thu Mar 08 2012 13:46:02 GMT+0100");
Gelöscht : user_pref("CT2438727.LatestVersion", "3.14.1.0");
Gelöscht : user_pref("CT2438727.Locale", "en");
Gelöscht : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2438727.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2438727.OriginalFirstVersion", "3.5.0.12");
Gelöscht : user_pref("CT2438727.RadioLastCheckTime", "0");
Gelöscht : user_pref("CT2438727.RadioLastUpdateIPServer", "0");
Gelöscht : user_pref("CT2438727.RadioLastUpdateServer", "0");
Gelöscht : user_pref("CT2438727.SearchBoxWidth", 100);
Gelöscht : user_pref("CT2438727.SearchEngineBeforeUnload", "MyStart Search");
Gelöscht : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Mon Jul 16 2012 22:54:07 GMT+0200");
Gelöscht : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
Gelöscht : user_pref("CT2438727.SearchInNewTabUserEnabled", false);
Gelöscht : user_pref("CT2438727.SearchProtectorEnabled", false);
Gelöscht : user_pref("CT2438727.SearchProtectorToolbarDisabled", false);
Gelöscht : user_pref("CT2438727.ServiceMapLastCheckTime", "Mon Jul 16 2012 22:54:07 GMT+0200");
Gelöscht : user_pref("CT2438727.SettingsLastCheckTime", "Mon Jul 16 2012 22:54:05 GMT+0200");
Gelöscht : user_pref("CT2438727.SettingsLastUpdate", "1342352416");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Wed May 02 2012 14:50:42 GMT+0200");
Gelöscht : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1331805997");
Gelöscht : user_pref("CT2438727.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727");
Gelöscht : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2438727.UserID", "UN92521983350592780");
Gelöscht : user_pref("CT2438727.ValidationData_Search", 1);
Gelöscht : user_pref("CT2438727.ValidationData_Toolbar", 2);
Gelöscht : user_pref("CT2438727.alertChannelId", "832836");
Gelöscht : user_pref("CT2438727.backendstorage.currentgame", "6661726D");
Gelöscht : user_pref("CT2438727.components.1000034", false);
Gelöscht : user_pref("CT2438727.components.1000082", false);
Gelöscht : user_pref("CT2438727.components.1000234", false);
Gelöscht : user_pref("CT2438727.components.1000515", false);
Gelöscht : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2438727.globalFirstTimeInfoLastCheckTime", "Tue May 22 2012 12:49:18 GMT+0200");
Gelöscht : user_pref("CT2438727.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2438727.initDone", true);
Gelöscht : user_pref("CT2438727.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2438727.myStuffEnabled", true);
Gelöscht : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2438727.oldAppsList", "129017707048431316,129017707048587567,111,129509324767711885,129[...]
Gelöscht : user_pref("CT2438727.revertSettingsEnabled", true);
Gelöscht : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2438727.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2438727.testingCtid", "");
Gelöscht : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Mon Jul 16 2012 22:54:15 GMT+0200");
Gelöscht : user_pref("CT2438727.toolbarContextMenuLastCheckTime", "Tue May 22 2012 12:49:18 GMT+0200");
Gelöscht : user_pref("CT2438727.usagesFlag", 2);
Gelöscht : user_pref("CT2724386..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2724386..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2724386..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2724386.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2724386.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2724386.BrowserCompStateIsOpen_129464706887642629", true);
Gelöscht : user_pref("CT2724386.BrowserCompStateIsOpen_129723002078767475", true);
Gelöscht : user_pref("CT2724386.CTID", "CT2724386");
Gelöscht : user_pref("CT2724386.CurrentServerDate", "12-3-2012");
Gelöscht : user_pref("CT2724386.DSInstall", false);
Gelöscht : user_pref("CT2724386.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2724386.DialogsGetterLastCheckTime", "Mon Mar 12 2012 21:12:19 GMT+0100");
Gelöscht : user_pref("CT2724386.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2724386.FirstServerDate", "12-3-2012");
Gelöscht : user_pref("CT2724386.FirstTime", true);
Gelöscht : user_pref("CT2724386.FirstTimeFF3", true);
Gelöscht : user_pref("CT2724386.FixPageNotFoundErrors", false);
Gelöscht : user_pref("CT2724386.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2724386.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2724386.HPInstall", false);
Gelöscht : user_pref("CT2724386.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2724386.Initialize", true);
Gelöscht : user_pref("CT2724386.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2724386.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2724386.InstallationId", "ConduitNSISIntegration");
Gelöscht : user_pref("CT2724386.InstallationType", "ConduitXPEIntegration");
Gelöscht : user_pref("CT2724386.InstalledDate", "Mon Mar 12 2012 21:12:13 GMT+0100");
Gelöscht : user_pref("CT2724386.InvalidateCache", false);
Gelöscht : user_pref("CT2724386.IsGrouping", false);
Gelöscht : user_pref("CT2724386.IsInitSetupIni", true);
Gelöscht : user_pref("CT2724386.IsMulticommunity", false);
Gelöscht : user_pref("CT2724386.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2724386.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2724386.LanguagePackLastCheckTime", "Mon Mar 12 2012 21:12:24 GMT+0100");
Gelöscht : user_pref("CT2724386.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2724386.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2724386.LastLogin_3.10.0.1", "Mon Mar 12 2012 21:12:27 GMT+0100");
Gelöscht : user_pref("CT2724386.LatestVersion", "3.10.0.1");
Gelöscht : user_pref("CT2724386.Locale", "en");
Gelöscht : user_pref("CT2724386.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2724386.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2724386.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2724386.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2724386.OriginalFirstVersion", "3.10.0.1");
Gelöscht : user_pref("CT2724386.RadioLastCheckTime", "Mon Mar 12 2012 21:12:27 GMT+0100");
Gelöscht : user_pref("CT2724386.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2724386.RadioLastUpdateServer", "129249036863500000");
Gelöscht : user_pref("CT2724386.RadioShrinkedFromSetup", false);
Gelöscht : user_pref("CT2724386.SearchCaption", "IncrediMail MediaBar 2 Customized Web Search");
Gelöscht : user_pref("CT2724386.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2724386.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT272[...]
Gelöscht : user_pref("CT2724386.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2724386.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2724386.SearchInNewTabLastCheckTime", "Mon Mar 12 2012 21:12:27 GMT+0100");
Gelöscht : user_pref("CT2724386.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2724386.SendProtectorDataViaLogin", true);
Gelöscht : user_pref("CT2724386.ServiceMapLastCheckTime", "Mon Mar 12 2012 21:12:07 GMT+0100");
Gelöscht : user_pref("CT2724386.SettingsLastCheckTime", "Mon Mar 12 2012 21:12:07 GMT+0100");
Gelöscht : user_pref("CT2724386.SettingsLastUpdate", "1331474260");
Gelöscht : user_pref("CT2724386.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2724386&SearchSource=13");
Gelöscht : user_pref("CT2724386.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2724386.ThirdPartyComponentsLastCheck", "Mon Mar 12 2012 21:12:07 GMT+0100");
Gelöscht : user_pref("CT2724386.ThirdPartyComponentsLastUpdate", "1312887586");
Gelöscht : user_pref("CT2724386.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2724386.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2724386");
Gelöscht : user_pref("CT2724386.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2724386.UserID", "UN71817324039339910");
Gelöscht : user_pref("CT2724386.WeatherNetwork", "");
Gelöscht : user_pref("CT2724386.WeatherPollDate", "Mon Mar 12 2012 21:12:27 GMT+0100");
Gelöscht : user_pref("CT2724386.WeatherUnit", "C");
Gelöscht : user_pref("CT2724386.alertChannelId", "1116652");
Gelöscht : user_pref("CT2724386.autoDisableScopes", 0);
Gelöscht : user_pref("CT2724386.backendstorage.hxxp://api10_thetrafficstat_net.pid2", "366365653837316161326238[...]
Gelöscht : user_pref("CT2724386.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2724386.globalFirstTimeInfoLastCheckTime", "Mon Mar 12 2012 21:12:17 GMT+0100");
Gelöscht : user_pref("CT2724386.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2724386.initDone", true);
Gelöscht : user_pref("CT2724386.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2724386.isFirstRadioInstallation", false);
Gelöscht : user_pref("CT2724386.myStuffEnabled", true);
Gelöscht : user_pref("CT2724386.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2724386.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2724386.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2724386.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2724386.navigateToUrlOnSearch", false);
Gelöscht : user_pref("CT2724386.revertSettingsEnabled", false);
Gelöscht : user_pref("CT2724386.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2724386.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2724386.testingCtid", "");
Gelöscht : user_pref("CT2724386.toolbarAppMetaDataLastCheckTime", "Mon Mar 12 2012 21:12:13 GMT+0100");
Gelöscht : user_pref("CT2724386.toolbarContextMenuLastCheckTime", "Mon Mar 12 2012 21:12:27 GMT+0100");
Gelöscht : user_pref("CT2724386.usagesFlag", 1);
Gelöscht : user_pref("CT2724407..clientLogIsEnabled", true);
Gelöscht : user_pref("CT2724407..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2724407..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2724407.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2724407.CTID", "CT2724407");
Gelöscht : user_pref("CT2724407.CurrentServerDate", "2-7-2011");
Gelöscht : user_pref("CT2724407.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2724407.DialogsGetterLastCheckTime", "Sat Jul 02 2011 17:30:27 GMT+0200");
Gelöscht : user_pref("CT2724407.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2724407.FirstServerDate", "2-7-2011");
Gelöscht : user_pref("CT2724407.FirstTime", true);
Gelöscht : user_pref("CT2724407.FirstTimeFF3", true);
Gelöscht : user_pref("CT2724407.FixPageNotFoundErrors", false);
Gelöscht : user_pref("CT2724407.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2724407.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2724407.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2724407.Initialize", true);
Gelöscht : user_pref("CT2724407.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2724407.InstallationAndCookieDataSentCount", 1);
Gelöscht : user_pref("CT2724407.InstallationType", "UnknownIntegration");
Gelöscht : user_pref("CT2724407.InstalledDate", "Sat Jul 02 2011 17:30:28 GMT+0200");
Gelöscht : user_pref("CT2724407.InvalidateCache", false);
Gelöscht : user_pref("CT2724407.IsGrouping", false);
Gelöscht : user_pref("CT2724407.IsInitSetupIni", true);
Gelöscht : user_pref("CT2724407.IsMulticommunity", false);
Gelöscht : user_pref("CT2724407.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2724407.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2724407.LanguagePackLastCheckTime", "Sat Jul 02 2011 17:30:31 GMT+0200");
Gelöscht : user_pref("CT2724407.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2724407.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2724407.LastLogin_3.5.0.12", "Sat Jul 02 2011 17:30:27 GMT+0200");
Gelöscht : user_pref("CT2724407.LatestVersion", "3.3.5.1");
Gelöscht : user_pref("CT2724407.Locale", "de");
Gelöscht : user_pref("CT2724407.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2724407.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2724407.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2724407.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2724407.OriginalFirstVersion", "3.5.0.12");
Gelöscht : user_pref("CT2724407.RadioIsPodcast", false);
Gelöscht : user_pref("CT2724407.RadioLastCheckTime", "Sat Jul 02 2011 17:30:30 GMT+0200");
Gelöscht : user_pref("CT2724407.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2724407.RadioLastUpdateServer", "129249047784100000");
Gelöscht : user_pref("CT2724407.RadioMediaID", "21080119");
Gelöscht : user_pref("CT2724407.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2724407.RadioMenuSelectedID", "EBRadioMenu_CT272440721080119");
Gelöscht : user_pref("CT2724407.RadioShrinkedFromSetup", false);
Gelöscht : user_pref("CT2724407.RadioStationName", "Royal-Radio%20");
Gelöscht : user_pref("CT2724407.RadioStationURL", "");
Gelöscht : user_pref("CT2724407.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2724407.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT272[...]
Gelöscht : user_pref("CT2724407.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2724407.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2724407.SearchInNewTabLastCheckTime", "Sat Jul 02 2011 17:30:29 GMT+0200");
Gelöscht : user_pref("CT2724407.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2724407.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2724407.ServiceMapLastCheckTime", "Sat Jul 02 2011 17:30:26 GMT+0200");
Gelöscht : user_pref("CT2724407.SettingsLastCheckTime", "Sat Jul 02 2011 17:30:26 GMT+0200");
Gelöscht : user_pref("CT2724407.SettingsLastUpdate", "1306530423");
Gelöscht : user_pref("CT2724407.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2724407.ThirdPartyComponentsLastCheck", "Sat Jul 02 2011 17:30:26 GMT+0200");
Gelöscht : user_pref("CT2724407.ThirdPartyComponentsLastUpdate", "1255344657");
Gelöscht : user_pref("CT2724407.ToolbarShrinkedFromSetup", false);
Gelöscht : user_pref("CT2724407.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2724407");
Gelöscht : user_pref("CT2724407.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,OurTo[...]
Gelöscht : user_pref("CT2724407.UserID", "UN29425266179568044");
Gelöscht : user_pref("CT2724407.WeatherNetwork", "");
Gelöscht : user_pref("CT2724407.WeatherPollDate", "Sat Jul 02 2011 17:30:30 GMT+0200");
Gelöscht : user_pref("CT2724407.WeatherUnit", "C");
Gelöscht : user_pref("CT2724407.alertChannelId", "1116673");
Gelöscht : user_pref("CT2724407.generalConfigFromLogin", "{\"SocialDomains\":\"social.conduit.com;apps.conduit.[...]
Gelöscht : user_pref("CT2724407.globalFirstTimeInfoLastCheckTime", "Sat Jul 02 2011 17:30:28 GMT+0200");
Gelöscht : user_pref("CT2724407.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2724407.initDone", true);
Gelöscht : user_pref("CT2724407.isAppTrackingManagerOn", true);
Gelöscht : user_pref("CT2724407.isFirstRadioInstallation", false);
Gelöscht : user_pref("CT2724407.myStuffEnabled", true);
Gelöscht : user_pref("CT2724407.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2724407.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2724407.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2724407.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2724407.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2724407.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2724407.testingCtid", "");
Gelöscht : user_pref("CT2724407.toolbarAppMetaDataLastCheckTime", "Sat Jul 02 2011 17:30:27 GMT+0200");
Gelöscht : user_pref("CT2724407.toolbarContextMenuLastCheckTime", "Sat Jul 02 2011 17:30:31 GMT+0200");
Gelöscht : user_pref("CT2724407.usagesFlag", 1);
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2724386/CT2724386[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1116673/1112377/DE", "\"0\"[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724386", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724407", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.5.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.6.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.9.[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2724386",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2724407",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2438727&octid=[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2724407/CT2724407[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"634[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"b24[...]
Gelöscht : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Judith\\AppData\\Roaming\\Mozilla\\[...]
Gelöscht : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://mystart.incredimail.com//?loc=ff_[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2724407,CT2438727,CT2724386");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2724407,CT2438727,CT2724386");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList4", "CT2724407,CT2438727,CT2724386");
Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Mar 12 2012 21:12:23 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "48072bec-d4d8-4fea-8c3f-f3bea346c167");
Gelöscht : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2724386");
Gelöscht : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Tue May 22 2012 12:49:1[...]
Gelöscht : user_pref("CommunityToolbar.notifications.alertEnabled", false);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sat Jul 02 2011 22:36:43 GMT+020[...]
Gelöscht : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.locale", "en");
Gelöscht : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue May 22 2012 12:49:16 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
Gelöscht : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.notifications.userId", "fe3a4fce-4827-44db-8ef0-cfae4f4ce82f");
Gelöscht : user_pref("CommunityToolbar.originalHomepage", "hxxp://de-de.facebook.com/");
Gelöscht : user_pref("CommunityToolbar.originalSearchEngine", "AVG Secure Search");
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.delta-search.com/?affID=119776&babsrc[...]

-\\ Google Chrome v24.0.1312.57

Datei : C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.20] : urls_to_restore_on_startup = [ "hxxp://www.facebook.com/", "hxxp://www.delta-search.com/?a[...]
Gelöscht [l.2981] : urls_to_restore_on_startup = [ "hxxp://www.facebook.com/", "hxxp://www.delta-search.com/?affI[...]

*************************

AdwCleaner[S1].txt - [38149 octets] - [15/02/2013 14:47:36]

########## EOF - C:\AdwCleaner[S1].txt - [38210 octets] ##########
         

Alt 15.02.2013, 14:40   #13
Lesserclown
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Code:
ATTFilter
OTL logfile created on: 15.02.2013 15:04:12 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Judith\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,94 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 44,42% Memory free
7,87 Gb Paging File | 5,46 Gb Available in Paging File | 69,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 100,08 Gb Free Space | 41,01% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 50,37 Gb Free Space | 21,63% Space Free | Partition Type: NTFS
Drive E: | 221,62 Gb Total Space | 162,63 Gb Free Space | 73,38% Space Free | Partition Type: NTFS
 
Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Judith\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe ()
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Judith\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (StumbleUponUpdater) -- C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe ()
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (ITDirectorService) -- C:\Program Files (x86)\Intel\IntelITDirector\itdirectorservice.exe (Intel Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\drivers\ss_bmdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bbus) -- C:\Windows\SysNative\drivers\ss_bbus.sys (MCCI)
DRV:64bit: - (ss_bmdfl) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV:64bit: - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (LgBttPort) -- C:\Windows\SysNative\drivers\lgbtpt64.sys (LG Electronics Inc.)
DRV:64bit: - (LGVMODEM) -- C:\Windows\SysNative\drivers\lgvmdm64.sys (LG Electronics Inc.)
DRV:64bit: - (lgbusenum) -- C:\Windows\SysNative\drivers\lgbtbs64.sys (LG Electronics Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (CMIUCR) -- C:\Windows\SysNative\drivers\cmiucr_x64.SYS (C-Media Corporation)
DRV - (GEARAspiWDM) -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 5D 4E 33 BE 38 CC 01  [binary data]
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - No CLSID value found
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\SearchScopes,DefaultScope = {F59E500D-2897-496E-8A56-5E7A011482B3}
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\SearchScopes\{F59E500D-2897-496E-8A56-5E7A011482B3}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GGNI_deDE478
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=110.171.33.200:3128
 
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1006\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.facebook.de"
FF - prefs.js..extensions.enabledAddons: uss-button%40uploadscreenshot.com:1.9.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..network.proxy.ftp: "186.113.26.38"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "186.113.26.38"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "186.113.26.38"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "186.113.26.38"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Judith\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll File not found
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.07.02 18:11:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.22 20:19:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.14 13:36:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.07 10:30:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.07 10:30:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.07 10:30:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.07 10:30:15 | 000,000,000 | ---D | M]
 
[2012.05.23 18:25:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions
[2012.05.23 18:25:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2013.02.15 14:47:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\v84h9s76.default\extensions
[2013.01.11 21:15:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\v84h9s76.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.06.25 13:19:21 | 000,053,803 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\extension@hidemyass.com.xpi
[2013.02.10 11:14:36 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\stealthyextension@gmail.com.xpi
[2011.12.23 17:21:07 | 000,021,356 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\uss-button@uploadscreenshot.com.xpi
[2013.01.06 13:49:42 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.02.01 18:12:20 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.09 13:05:30 | 000,002,112 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\searchplugins\wot-safe-search.xml
[2013.02.07 10:30:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.07 10:30:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.02.07 10:30:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.11.14 13:36:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.02.07 10:30:31 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.27 17:16:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.17 09:30:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.27 17:16:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.27 17:16:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.27 17:16:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.27 17:16:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - Extension: avast! WebRep = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Skype Click to Call = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: StumbleUpon = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg\3.97.1_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (StumbleUpon) - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Cmiboot] C:\Windows\cmiboot.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3006580132-100186128-2252486993-1001..\Run: [D42659CBA0ACC3E92A7AF83417BF9DCB240A87C1._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3006580132-100186128-2252486993-1001..\Run: [LG LinkAir]  File not found
O4 - HKU\S-1-5-21-3006580132-100186128-2252486993-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3006580132-100186128-2252486993-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.13.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BFA4620-F0FC-4F48-9877-80EB9BDEF57E}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.02.06 18:06:29 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4818e502-a491-11e1-9ec0-bcaec54621d0}\Shell - "" = AutoRun
O33 - MountPoints2\{4818e502-a491-11e1-9ec0-bcaec54621d0}\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\{a58f08d9-a4e4-11e0-bbc3-bcaec54621d0}\Shell - "" = AutoRun
O33 - MountPoints2\{a58f08d9-a4e4-11e0-bbc3-bcaec54621d0}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.15 10:24:04 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Judith\Desktop\aswMBR.exe
[2013.02.13 22:39:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 22:39:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 22:39:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 22:39:25 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 22:39:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 22:39:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 22:39:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 22:39:22 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 22:39:16 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 22:39:14 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 22:39:14 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 22:39:13 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 22:39:04 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 22:39:02 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 22:39:02 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 14:16:29 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 14:16:24 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 14:16:22 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 14:15:42 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 14:15:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 14:15:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 14:15:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 14:15:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 14:15:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 14:15:03 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.11 21:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.02.11 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.02.10 20:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013.02.10 20:11:41 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\TestApp
[2013.02.09 11:45:22 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2013.02.09 11:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com
[2013.02.07 10:30:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.05 20:46:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2013.02.04 10:45:50 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.04 10:44:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.04 10:44:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.04 10:44:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.16 11:21:03 | 013,085,120 | ---- | C] (Microsoft Corporation) -- C:\Users\Judith\Silverlight_x64.exe
[2011.11.08 19:15:50 | 014,598,944 | ---- | C] (Mozilla) -- C:\Users\Judith\Firefox_Setup_8.0.exe
[2011.11.02 20:15:20 | 017,197,344 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Judith\jre-6u29-windows-x64.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.15 15:17:00 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\DMEPeriodicTask.job
[2013.02.15 15:14:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3006580132-100186128-2252486993-1001UA.job
[2013.02.15 15:13:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.15 14:59:54 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.15 14:59:54 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.15 14:51:28 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.15 14:50:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.15 14:50:14 | 3169,345,536 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.15 14:46:03 | 000,587,671 | ---- | M] () -- C:\Users\Judith\Desktop\adwcleaner0.exe
[2013.02.15 14:44:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.15 13:13:43 | 000,000,512 | ---- | M] () -- C:\Users\Judith\Desktop\MBR.dat
[2013.02.15 10:52:22 | 606,847,829 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.15 10:24:59 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Judith\Desktop\aswMBR.exe
[2013.02.14 18:14:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3006580132-100186128-2252486993-1001Core.job
[2013.02.14 12:23:55 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.14 12:23:55 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.14 12:23:55 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.14 12:23:55 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.14 12:23:55 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.13 23:27:14 | 000,328,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.13 20:49:06 | 000,024,255 | ---- | M] () -- C:\Users\Judith\gmer.zip
[2013.02.13 20:46:54 | 000,007,061 | ---- | M] () -- C:\Users\Judith\gmer.7z
[2013.02.11 21:50:03 | 000,000,710 | ---- | M] () -- C:\Windows\wininit.ini
[2013.02.11 20:59:05 | 000,050,477 | ---- | M] () -- C:\Users\Judith\Desktop\Defogger.exe
[2013.02.11 20:45:47 | 000,000,000 | ---- | M] () -- C:\Users\Judith\defogger_reenable
[2013.02.09 11:44:00 | 000,214,344 | ---- | M] () -- C:\Users\Judith\hdplugin_firefox.exe
[2013.02.08 20:42:11 | 000,001,031 | ---- | M] () -- C:\Users\Judith\Desktop\PhotoScape.lnk
[2013.02.08 16:13:48 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.08 16:13:48 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.06 20:36:05 | 000,036,352 | ---- | M] () -- C:\Users\Judith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.04 10:44:20 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.04 10:42:40 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.04 10:42:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.04 10:42:32 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.04 10:41:56 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.02.04 10:41:55 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.03 10:47:11 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013.02.03 10:46:32 | 000,000,831 | ---- | M] () -- C:\Users\Judith\Desktop\LGMobile Support Tool.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.15 14:43:40 | 000,587,671 | ---- | C] () -- C:\Users\Judith\Desktop\adwcleaner0.exe
[2013.02.15 13:13:43 | 000,000,512 | ---- | C] () -- C:\Users\Judith\Desktop\MBR.dat
[2013.02.13 23:21:23 | 606,847,829 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.13 20:48:09 | 000,024,255 | ---- | C] () -- C:\Users\Judith\gmer.zip
[2013.02.13 20:46:54 | 000,007,061 | ---- | C] () -- C:\Users\Judith\gmer.7z
[2013.02.11 21:49:00 | 000,000,710 | ---- | C] () -- C:\Windows\wininit.ini
[2013.02.11 20:45:47 | 000,000,000 | ---- | C] () -- C:\Users\Judith\defogger_reenable
[2013.02.11 20:44:28 | 000,050,477 | ---- | C] () -- C:\Users\Judith\Desktop\Defogger.exe
[2013.02.09 11:43:38 | 000,214,344 | ---- | C] () -- C:\Users\Judith\hdplugin_firefox.exe
[2013.02.03 10:46:32 | 000,000,831 | ---- | C] () -- C:\Users\Judith\Desktop\LGMobile Support Tool.lnk
[2013.01.11 15:27:39 | 000,260,248 | ---- | C] () -- C:\Windows\SysWow64\QMO.dll
[2013.01.11 15:27:39 | 000,092,312 | ---- | C] () -- C:\Windows\SysWow64\QMOCameraDll.dll
[2013.01.10 21:19:22 | 000,018,404 | ---- | C] () -- C:\Users\Judith\030 (2).crx
[2013.01.05 17:19:54 | 000,015,665 | ---- | C] () -- C:\Users\Judith\Robi´s Regeln
[2013.01.04 18:20:47 | 009,128,288 | ---- | C] () -- C:\Users\Judith\lg_e730_optimus_sol.pdf
[2013.01.04 11:09:26 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013.01.04 11:09:26 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012.12.01 12:25:02 | 000,395,405 | ---- | C] () -- C:\Users\Judith\DHL-Marke-445LRRPKS3.ps
[2012.11.22 22:40:06 | 000,000,043 | ---- | C] () -- C:\Users\Judith\gsview32.ini
[2012.11.22 22:37:55 | 000,000,043 | ---- | C] () -- C:\Users\Judith\gsview64.ini
[2012.08.05 16:15:22 | 000,095,461 | ---- | C] () -- C:\Users\Judith\Steuererklärung 2011.elfo
[2012.07.29 13:09:43 | 000,003,240 | ---- | C] () -- C:\Users\Judith\ESt2011.elfo
[2012.07.29 12:30:09 | 000,013,105 | ---- | C] () -- C:\Users\Judith\ESt2011_DAMIECKI_ROBERT_und_DAMIECKI_JUDITH.elfo
[2012.03.28 10:50:16 | 000,181,808 | ---- | C] () -- C:\Users\Judith\Damiecki-Kuendigung-2011-12-31.pdf
[2012.02.14 21:40:27 | 000,114,580 | ---- | C] () -- C:\Users\Judith\cc_20120214_214014.reg
[2012.02.05 13:57:38 | 000,015,097 | ---- | C] () -- C:\Users\Judith\Judith´s Bewerbungsunterlagen.odt
[2011.11.16 15:04:17 | 000,000,021 | ---- | C] () -- C:\Windows\progman.ini
[2011.11.16 14:58:44 | 131,084,288 | ---- | C] () -- C:\Users\Judith\DBFahrplaninfo.exe
[2011.09.27 20:19:51 | 000,082,466 | ---- | C] () -- C:\Users\Judith\Dankbar.pdf
[2011.09.19 12:49:39 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011.09.19 12:49:39 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011.09.07 19:11:29 | 000,286,659 | ---- | C] () -- C:\Users\Judith\Eidesstattliche Erklärung.pdf
[2011.08.29 16:34:12 | 000,000,279 | ---- | C] () -- C:\Windows\HAUSDRCKINST.INI
[2011.08.29 16:26:04 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011.07.20 12:19:46 | 000,036,352 | ---- | C] () -- C:\Users\Judith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.20 12:19:42 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.07.05 10:27:29 | 000,000,343 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011.07.02 19:05:22 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011.07.02 19:05:22 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.07.02 18:53:09 | 000,025,875 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011.07.02 18:51:39 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.07.02 18:51:36 | 000,020,270 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.07.02 17:46:38 | 000,179,470 | ---- | C] () -- C:\Windows\hpoins38.dat
[2011.04.01 04:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.04.01 04:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.04.01 04:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:F4BE8180

< End of report >
         

Code:
ATTFilter
OTL Extras logfile created on: 15.02.2013 15:04:12 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Judith\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,94 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 44,42% Memory free
7,87 Gb Paging File | 5,46 Gb Available in Paging File | 69,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 100,08 Gb Free Space | 41,01% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 50,37 Gb Free Space | 21,63% Space Free | Partition Type: NTFS
Drive E: | 221,62 Gb Total Space | 162,63 Gb Free Space | 73,38% Space Free | Partition Type: NTFS
 
Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05C5BFC2-973C-440B-BA4C-9CC3286B1E81}" = lport=1900 | protocol=17 | dir=in | name=creative centrale udp port | 
"{0A91F1C9-2FB4-4836-BAF1-7F8A1FAD6316}" = lport=138 | protocol=17 | dir=in | app=system | 
"{0BFCA55E-A7A3-4827-9561-E5575F2F4584}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1077AC99-DB24-425F-8D6C-9930431907C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{16607C6A-C184-4BBE-8EA3-ED38D011DF93}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1E686632-F6E2-4DAF-B59F-E1847D5CF60F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2B61F2BD-D183-41CF-8001-35209F747DEE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{3DC054C9-A672-4E1B-B9BB-D9A38FD4A968}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{465DF792-C40D-43F4-9CC7-5E0B5FFABC36}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{55F3E72A-0C0B-4EAD-B71C-661A2902E9D5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6692C6BF-612E-4854-A085-611442ED5EC3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{692B44DE-18E0-4913-90FE-2C32CD410E6B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7341A120-48C0-4301-B61A-57F399DBBD21}" = lport=137 | protocol=17 | dir=in | app=system | 
"{7508068F-CCB1-44E8-9DFE-7C36569BA475}" = rport=137 | protocol=17 | dir=out | app=system | 
"{7877D775-954E-486A-8C8B-C3EB35913B8B}" = lport=2869 | protocol=6 | dir=in | name=creative centrale tcp port 1 | 
"{7B3F121A-34BD-4BDF-822E-FD737EB04A0F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{815AFBD1-1409-4D86-9F0F-3AD574A2E6DC}" = rport=139 | protocol=6 | dir=out | app=system | 
"{83BBB54D-A82B-4266-9580-50514594A259}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{930BB248-35E4-4118-AE48-2CD035DD5301}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B3E47331-9AB2-4CE4-98F7-D479AEFC7080}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B5A893D7-9DBA-4014-BDFE-30A0532CB042}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C6616AAC-5B13-4D02-BBA4-15A35AEB2445}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CA739A12-D845-498A-8A7C-2BF361E30DDB}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{CAA622A3-5AD8-4ADF-AD09-10E8B16A80E0}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=%systemroot%\system32\svchost.exe | 
"{CF724C93-50C4-45C5-9DB9-71F8F1DA94DF}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E1687C00-87A4-4CF6-8835-4884F9DB373C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{E5732D7F-4C4C-49EC-B3FB-6119412937CB}" = lport=2861 | protocol=6 | dir=in | name=creative centrale tcp port 2 | 
"{F3DFABD6-64A9-4AB0-93D5-8BFCFCBF2435}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01867CCB-16D6-4B21-B289-7B36771C79BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{037618AB-FA0E-40F1-ACE5-4EDB38262386}" = protocol=17 | dir=in | app=c:\program files (x86)\creative\creative centrale\ctupnpfn.exe | 
"{0CC4E486-CF20-408A-9D97-DA53D564E968}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{1337C5D2-5360-444F-ABDE-D26460A91A57}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{13EF770B-9CA3-4862-BBA7-F1F5CB355313}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{173EBBBE-0231-4823-A5AD-9CD9617D29E2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{1D8CC487-8E13-4AC6-9551-9B2095D3E4E0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2312AF46-ECAA-4DCB-8677-591ADDA4AB47}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{26CEDD0A-3A4F-4C0E-9B75-D6080C83221F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2CBDF76A-48DA-43FB-8594-B83079C70D49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{3A7EC653-1AC3-46DB-A3DE-F123619B5183}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3BD80137-7537-475A-8600-6DF43960F034}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{3D507E6C-27BB-4569-B085-5A38AAA570F4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{47355017-06C0-46B0-90D6-22C57C8000C0}" = protocol=6 | dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | 
"{496F54D4-17CD-4DE0-BE9A-E29C38DC2FBB}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
"{5B3C4102-1EA9-478D-B0F0-4799C12311F7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6339966E-AB11-43A7-9E66-0A23B849C3CC}" = protocol=6 | dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | 
"{68324CB0-5B1A-41A7-9B79-843182052117}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{6A3E7245-BB49-4A0C-840A-80754311D320}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6B41D040-CD0C-4C7E-AE00-D251C524100D}" = protocol=17 | dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | 
"{6D2FD848-5B01-4929-8558-54C3A5A69467}" = protocol=6 | dir=out | app=%systemroot%\system32\msdtc.exe | 
"{7338FCB0-9D16-4EC0-AC7D-D3220E00403B}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{74543671-D5A6-40EB-BADE-D5C9404E591B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{76ADA4AF-BF1E-41F8-B5DA-66325B70495A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{76F361FD-7EE1-4EC5-A9A1-50C07901CC81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7A5572D2-2167-49BE-AE8C-03186096EE85}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8C2D77D6-B04B-482B-89C9-8F20332B63C2}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
"{92E0AF25-70A7-495B-8351-70E26E57BAC8}" = protocol=6 | dir=out | app=system | 
"{93BEA3F3-BD61-4B9D-8457-09B22C86BCAC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{9531F9AF-50D9-4AC1-B17D-87F1EA0C1BB6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{959095C8-BD9D-46D9-B3E8-527640DD86D1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{9F9F2416-9253-4E14-AA0A-C9516CA65077}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{A29CA1CF-A6CB-4106-99E8-8FAE4C11DB1B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{A310569E-9D18-4A33-937F-AE7CE24C2450}" = protocol=6 | dir=in | app=%systemroot%\system32\msdtc.exe | 
"{A9DDCB57-6406-48E9-A2CB-47734F8EF61E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{AA761CB2-5A81-4204-A313-86212F251D30}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
"{AC5FBCD7-CF90-4FF5-B671-E2498247320F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{B2A12861-B132-4A35-B93B-0AAF581652B4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B4B74290-9A98-4216-BAA9-A21EABC584CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B679AA71-ADEC-4303-A773-ABD794BFF5E4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B9512087-A3E4-4988-8AED-C7ED5CEDE4D1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{B9BE9AEE-415D-4D2C-8D4A-DF29B4A493C1}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
"{BC29FFA4-06DF-4E53-BAFD-7F334D7C54C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{BCA211FA-2801-40A7-99ED-CE37411DBDAA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{BCB79DE3-12BD-4ACD-BECB-F2E2CB5B5A3F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{C1C1482A-828F-486C-914C-AD0236FB638A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{C363558C-5A77-4FC3-8FFF-484C4B84AF62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C5E02EDA-A3A7-486A-8ADD-DCD53DB1E5A8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CC2660BA-D776-4D8E-A2C4-091A6DDDBE87}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{CE877526-621D-4A21-B0FA-D25118920356}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{D12F7A8E-2BEF-4B3D-99B2-086B4174172B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D4366EEB-A27A-4E85-9F70-46DDA804F755}" = protocol=6 | dir=in | app=c:\program files (x86)\creative\creative centrale\ctupnpfn.exe | 
"{D9C14292-6F97-4BBA-B15E-8A3FA12C6233}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E455E72B-9799-4C61-A0DC-81475A59A4B2}" = protocol=17 | dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | 
"{E7D4DACA-4272-4C6A-93B6-8E854D43B49B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{E961CA42-F5C3-4BFC-A047-8D9D3B7B74A9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{ED178956-E8AC-474E-AD09-EE821B23A14A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F8C49C4F-2CE1-40BA-B6C3-6ACF321D0E9F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FA10AA31-FB3E-4510-B13F-39DCAA3035E2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"TCP Query User{4B5A5CDA-E511-42AB-9D85-2CAFD040C7A7}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"TCP Query User{A784C922-0B36-4C60-AEF6-2C631661D993}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{B015AD5B-9A24-43DC-807E-2FB7253DA798}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{BEF6EC48-D4B9-486E-8D9F-1F281E0FA836}C:\program files (x86)\route 66\route 66 sync\sync9loader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\sync9loader.exe | 
"TCP Query User{F8F5373C-CF2C-4A92-B8EA-6299057D9C80}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{230B7691-A4AB-4791-B88E-844B5270D465}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{5D021506-73C7-41A4-8911-10BB464FC01D}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{C6084709-10B1-4C21-B883-2774807257DB}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"UDP Query User{DEF0994E-BF11-4EDD-A5EF-7F3D2A4F2A31}C:\program files (x86)\route 66\route 66 sync\sync9loader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\sync9loader.exe | 
"UDP Query User{FD8F0E7D-D82F-4535-9338-B7A80C826D91}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{11107A2A-AD44-4BC8-ABB5-E88E63BCA785}" = Intel(R) Network Connections 14.8.43.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807" = CanoScan LiDE 200 Scanner Driver
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416029FF}" = Java(TM) 6 Update 29 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java(TM) 7 Update 2 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61CF2C86-8E46-4210-A115-E4D6C65AF369}" = HP Photosmart B109a-m All-In-One Driver Software 13.0 Rel .6
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{64A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java(TM) SE Development Kit 7 Update 2 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"C-Media Card Reader Driver USB2.0" = C-Media Card Reader Driver USB2.0
"HECI" = Intel(R) Management Engine Interface
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"MESOL" = Intel® Active-Management-Technologie
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 14.8.43.0
"Recuva" = Recuva
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{144B4BF4-16CA-4FD3-A547-8A8107EF40D7}" = SA23xx Device Manager
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24EE4523-711A-4BD1-95EA-F73A8A6950D3}" = Audials TV
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{567C9882-843D-4188-A181-00E2CC3E1031}" = LG Burning Tools
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{63E3C41E-BEC7-4788-8D45-A796CD55A07B}" = Intel(R) IT Director
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{656FDFA4-C7C6-40D9-99F7-F6F331412AEF}" = WarrantyExtension
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = LG CyberLink PowerDVD 7.0
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{80FE5490-E9DD-4AE9-8537-3EB5EFB606FC}" = PS_AIO_06_B109a-m_SW_Min
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.2.0.9
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression
"{A15F32A1-164E-4C40-82D4-DD57D0D26530}" = Audials
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF20390E-5ADD-4CB0-BF9D-EDF6E7891AD9}" = B109a-m
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C8842F80-0E07-4424-916D-9F6B6A9968E4}" = IncrediMail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FBA0CA60-8BF2-4381-B819-74F020E165A9}" = LG USB WML Modem Driver
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.83
"avast" = avast! Free Antivirus
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DB Fahrplaninformation 2012" = DB Fahrplaninformation 2012
"DivX Setup" = DivX-Setup
"ElsterFormular für Privatanwender 12.2.2.6665p" = ElsterFormular für Privatanwender
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FormatFactory" = FormatFactory 3.00
"FreeHideIP" = Free Hide IP
"Google Chrome" = Google Chrome
"IncrediMail" = IncrediMail 2.5
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"LG PC Suite IV" = LG PC Suite IV
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Philips Songbird" = Philips Songbird
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.94
"VLC media player" = VLC media player 2.0.5
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.07.2012 01:33:47 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12122
 
Error - 26.07.2012 01:33:47 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12122
 
Error - 26.07.2012 01:33:49 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 26.07.2012 01:33:49 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13229
 
Error - 26.07.2012 01:33:49 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13229
 
Error - 26.07.2012 01:33:50 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 26.07.2012 01:33:50 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14290
 
Error - 26.07.2012 01:33:50 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14290
 
Error - 26.07.2012 05:18:41 | Computer Name = Judith-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 734    Startzeit: 01cd6aebfd9dd04e    Endzeit: 0    Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID:
 ca2a2a18-d702-11e1-9205-bcaec54621d0  
 
Error - 26.07.2012 06:18:34 | Computer Name = Judith-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 14.02.2013 02:27:23 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) IT Director erreicht.
 
Error - 14.02.2013 02:27:23 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) IT Director" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 14.02.2013 05:17:54 | Computer Name = Judith-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 15.02.2013 01:46:40 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection erreicht.
 
Error - 15.02.2013 05:52:49 | Computer Name = Judith-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?15.?02.?2013 um 10:50:49 unerwartet heruntergefahren.
 
Error - 15.02.2013 05:52:57 | Computer Name = JUDITH-PC | Source = BugCheck | ID = 1001
Description = 
 
Error - 15.02.2013 08:57:53 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) IT Director erreicht.
 
Error - 15.02.2013 08:57:53 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) IT Director" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.02.2013 09:51:44 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) IT Director erreicht.
 
Error - 15.02.2013 09:51:44 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) IT Director" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
 
< End of report >
         

Alt 15.02.2013, 14:42   #14
Lesserclown
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Code:
ATTFilter
OTL logfile created on: 15.02.2013 15:04:12 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Judith\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,94 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 44,42% Memory free
7,87 Gb Paging File | 5,46 Gb Available in Paging File | 69,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 100,08 Gb Free Space | 41,01% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 50,37 Gb Free Space | 21,63% Space Free | Partition Type: NTFS
Drive E: | 221,62 Gb Total Space | 162,63 Gb Free Space | 73,38% Space Free | Partition Type: NTFS
 
Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Judith\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Program Files\AVAST Software\Avast\AvastUI.exe (AVAST Software)
PRC - C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
PRC - C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe ()
PRC - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
PRC - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
PRC - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
PRC - C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Users\Judith\AppData\Local\Google\Chrome\User Data\PepperFlash\11.6.602.167\pepflashplayer.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libglesv2.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\libegl.dll ()
MOD - C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ffmpegsumo.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (avast! Firewall) -- C:\Program Files\AVAST Software\Avast\afwServ.exe File not found
SRV:64bit: - (avast! Antivirus) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe (AVAST Software)
SRV:64bit: - (LBTServ) -- C:\Program Files\Common Files\logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Sony PC Companion) -- C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe (Avanquest Software)
SRV - (StumbleUponUpdater) -- C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUponUpdater.exe ()
SRV - (UMVPFSrv) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe (Logitech Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ACDaemon) -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (ArcSoft Inc.)
SRV - (ITDirectorService) -- C:\Program Files (x86)\Intel\IntelITDirector\itdirectorservice.exe (Intel Corporation)
SRV - (PMBDeviceInfoProvider) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (Sony Corporation)
SRV - (UNS) -- C:\Program Files (x86)\Common Files\Intel\Privacy Icon\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\AMT\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (IJPLMSVC) -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE ()
SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation)
SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (aswTdi) -- C:\Windows\SysNative\drivers\aswTdi.sys (AVAST Software)
DRV:64bit: - (aswSnx) -- C:\Windows\SysNative\drivers\aswSnx.sys (AVAST Software)
DRV:64bit: - (aswSP) -- C:\Windows\SysNative\drivers\aswSP.sys (AVAST Software)
DRV:64bit: - (aswMonFlt) -- C:\Windows\SysNative\drivers\aswMonFlt.sys (AVAST Software)
DRV:64bit: - (aswFsBlk) -- C:\Windows\SysNative\drivers\aswFsBlk.sys (AVAST Software)
DRV:64bit: - (aswRdr) -- C:\Windows\SysNative\drivers\aswRdr2.sys (AVAST Software)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation)
DRV:64bit: - (aswKbd) -- C:\Windows\SysNative\drivers\aswKbd.sys (AVAST Software)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (LUsbFilt) -- C:\Windows\SysNative\drivers\LUsbFilt.sys (Logitech, Inc.)
DRV:64bit: - (LMouFilt) -- C:\Windows\SysNative\drivers\LMouFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LEqdUsb) -- C:\Windows\SysNative\drivers\LEqdUsb.sys (Logitech, Inc.)
DRV:64bit: - (LHidFilt) -- C:\Windows\SysNative\drivers\LHidFilt.Sys (Logitech, Inc.)
DRV:64bit: - (LHidEqd) -- C:\Windows\SysNative\drivers\LHidEqd.sys (Logitech, Inc.)
DRV:64bit: - (UsbserFilt) -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys (Nokia)
DRV:64bit: - (upperdev) -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys (Nokia)
DRV:64bit: - (nmwcdc) -- C:\Windows\SysNative\drivers\ccdcmbox64.sys (Nokia)
DRV:64bit: - (nmwcd) -- C:\Windows\SysNative\drivers\ccdcmbx64.sys (Nokia)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (LVUVC64) -- C:\Windows\SysNative\drivers\lvuvc64.sys (Logitech Inc.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (TFsExDisk) -- C:\Windows\SysNative\drivers\TFsExDisk.sys (Teruten Inc)
DRV:64bit: - (sscdmdm) -- C:\Windows\SysNative\drivers\sscdmdm.sys (MCCI Corporation)
DRV:64bit: - (sscdbus) -- C:\Windows\SysNative\drivers\sscdbus.sys (MCCI Corporation)
DRV:64bit: - (sscdmdfl) -- C:\Windows\SysNative\drivers\sscdmdfl.sys (MCCI Corporation)
DRV:64bit: - (ss_bmdm) -- C:\Windows\SysNative\drivers\ss_bmdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bbus) -- C:\Windows\SysNative\drivers\ss_bbus.sys (MCCI)
DRV:64bit: - (ss_bmdfl) -- C:\Windows\SysNative\drivers\ss_bmdfl.sys (MCCI Corporation)
DRV:64bit: - (e1kexpress) -- C:\Windows\SysNative\drivers\e1k62x64.sys (Intel Corporation)
DRV:64bit: - (VIAHdAudAddService) -- C:\Windows\SysNative\drivers\viahduaa.sys (VIA Technologies, Inc.)
DRV:64bit: - (LgBttPort) -- C:\Windows\SysNative\drivers\lgbtpt64.sys (LG Electronics Inc.)
DRV:64bit: - (LGVMODEM) -- C:\Windows\SysNative\drivers\lgvmdm64.sys (LG Electronics Inc.)
DRV:64bit: - (lgbusenum) -- C:\Windows\SysNative\drivers\lgbtbs64.sys (LG Electronics Inc.)
DRV:64bit: - (MTsensor) -- C:\Windows\SysNative\drivers\ASACPI.sys ()
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (CMIUCR) -- C:\Windows\SysNative\drivers\cmiucr_x64.SYS (C-Media Corporation)
DRV - (GEARAspiWDM) -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (TFsExDisk) -- C:\Windows\SysWOW64\drivers\TFsExDisk.Sys (Teruten Inc)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 5C 5D 4E 33 BE 38 CC 01  [binary data]
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\URLSearchHook: {7b13ec3e-999a-4b70-b9cb-2617b8323822} - No CLSID value found
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\URLSearchHook: {990af1c2-5a27-4460-8149-ecc6bc122af3} - No CLSID value found
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\URLSearchHook: {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - No CLSID value found
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\SearchScopes,DefaultScope = {F59E500D-2897-496E-8A56-5E7A011482B3}
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\SearchScopes\{F59E500D-2897-496E-8A56-5E7A011482B3}: "URL" = hxxp://www.google.de/search?q={searchTerms}&rlz=1I7GGNI_deDE478
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=110.171.33.200:3128
 
IE - HKU\S-1-5-21-3006580132-100186128-2252486993-1006\..\SearchScopes,DefaultScope = 
 
========== FireFox ==========
 
FF - prefs.js..browser.search.selectedEngine: "Delta Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "www.facebook.de"
FF - prefs.js..extensions.enabledAddons: uss-button%40uploadscreenshot.com:1.9.1
FF - prefs.js..extensions.enabledAddons: wrc%40avast.com:7.0.1474
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.13
FF - prefs.js..extensions.enabledAddons: stealthyextension%40gmail.com:2.5
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:18.0.2
FF - prefs.js..network.proxy.ftp: "186.113.26.38"
FF - prefs.js..network.proxy.ftp_port: 3128
FF - prefs.js..network.proxy.http: "186.113.26.38"
FF - prefs.js..network.proxy.http_port: 3128
FF - prefs.js..network.proxy.no_proxies_on: "localhost, 127.0.0.1, stealthy.co"
FF - prefs.js..network.proxy.share_proxy_settings: true
FF - prefs.js..network.proxy.socks: "186.113.26.38"
FF - prefs.js..network.proxy.socks_port: 3128
FF - prefs.js..network.proxy.ssl: "186.113.26.38"
FF - prefs.js..network.proxy.ssl_port: 3128
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Content Upload Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Content Uploader\npUpload.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Player\npDivxPlayerPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.13.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.13.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\facebook.com/fbDesktopPlugin: C:\Users\Judith\AppData\Local\Facebook\Messenger\2.1.4651.0\npFbDesktopPlugin.dll File not found
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{336D0C35-8A85-403a-B9D2-65C292C39087}: C:\PROGRAM FILES\IB UPDATER\FIREFOX
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2011.07.02 18:11:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011.12.22 20:19:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\wrc@avast.com: C:\Program Files\AVAST Software\Avast\WebRep\FF [2012.11.14 13:36:07 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.07 10:30:31 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.07 10:30:15 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{CCB7D94B-CA92-4E3F-B79D-ADE0F07ADC74}: C:\Program Files (x86)\Nokia\Nokia Ovi Suite\Connectors\Thunderbird Connector\ThunderbirdExtension\
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.02.07 10:30:31 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 18.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.02.07 10:30:15 | 000,000,000 | ---D | M]
 
[2012.05.23 18:25:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions
[2012.05.23 18:25:21 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Extensions\songbird@songbirdnest.com
[2013.02.15 14:47:49 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\v84h9s76.default\extensions
[2013.01.11 21:15:34 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Judith\AppData\Roaming\mozilla\Firefox\Profiles\v84h9s76.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2012.06.25 13:19:21 | 000,053,803 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\extension@hidemyass.com.xpi
[2013.02.10 11:14:36 | 000,185,839 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\stealthyextension@gmail.com.xpi
[2011.12.23 17:21:07 | 000,021,356 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\uss-button@uploadscreenshot.com.xpi
[2013.01.06 13:49:42 | 000,220,411 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}.xpi
[2013.02.01 18:12:20 | 000,817,973 | ---- | M] () (No name found) -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013.02.09 13:05:30 | 000,002,112 | ---- | M] () -- C:\Users\Judith\AppData\Roaming\mozilla\firefox\profiles\v84h9s76.default\searchplugins\wot-safe-search.xml
[2013.02.07 10:30:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.02.07 10:30:04 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013.02.07 10:30:05 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.11.14 13:36:07 | 000,000,000 | ---D | M] (avast! WebRep) -- C:\PROGRAM FILES\AVAST SOFTWARE\AVAST\WEBREP\FF
[2013.02.07 10:30:31 | 000,262,552 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.07.27 17:16:15 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.17 09:30:22 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.07.27 17:16:15 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.27 17:16:15 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.27 17:16:15 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.27 17:16:15 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - Extension: avast! WebRep = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda\7.0.1474_0\
CHR - Extension: Skype Click to Call = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: StumbleUpon = C:\Users\Judith\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgifblbjgdjhcelbanblbhkhmbnnmhfg\3.97.1_0\
 
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HistoryTriggerBHO Class) - {21A88CB9-84D2-4020-A2D1-B25A21034884} - C:\Program Files (x86)\LG Electronics\LG PC Suite IV\LinkAir\LinkAirBrowserHelper.dll (LG Electronics)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (StumbleUpon) - {DB616CFF-D989-48A8-9C85-E2A8D56AB2CA} - C:\Users\Judith\AppData\LocalLow\StumbleUpon\IE\StumbleUpon.dll (StumbleUpon Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No CLSID value found.
O3:64bit: - HKU\S-1-5-21-3006580132-100186128-2252486993-1001\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
O4:64bit: - HKLM..\Run: [Cmiboot] C:\Windows\cmiboot.exe ()
O4:64bit: - HKLM..\Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe (Microsoft Corporation)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [NPSStartup]  File not found
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe (Sun Microsystems, Inc.)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3006580132-100186128-2252486993-1001..\Run: [D42659CBA0ACC3E92A7AF83417BF9DCB240A87C1._service_run] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
O4 - HKU\S-1-5-21-3006580132-100186128-2252486993-1001..\Run: [LG LinkAir]  File not found
O4 - HKU\S-1-5-21-3006580132-100186128-2252486993-1006..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-21-3006580132-100186128-2252486993-1006..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 10.2.0)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:64bit: - DPF: {CAFEEFAC-0017-0000-0002-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_02-windows-i586.cab (Java Plug-in 1.7.0_02)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Reg Error: Value error.)
O16 - DPF: {CAFEEFAC-0017-0000-0009-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 1.7.0_09)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_09-windows-i586.cab (Java Plug-in 10.13.2)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5BFA4620-F0FC-4F48-9877-80EB9BDEF57E}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261095~1.52\{c16c1~1\browse~1.dll) -  File not found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Program Files\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.02.06 18:06:29 | 000,000,000 | ---- | M] () - D:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{4818e502-a491-11e1-9ec0-bcaec54621d0}\Shell - "" = AutoRun
O33 - MountPoints2\{4818e502-a491-11e1-9ec0-bcaec54621d0}\Shell\AutoRun\command - "" = J:\setup.exe
O33 - MountPoints2\{a58f08d9-a4e4-11e0-bbc3-bcaec54621d0}\Shell - "" = AutoRun
O33 - MountPoints2\{a58f08d9-a4e4-11e0-bbc3-bcaec54621d0}\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O33 - MountPoints2\J\Shell - "" = AutoRun
O33 - MountPoints2\J\Shell\AutoRun\command - "" = J:\LaunchU3.exe -a
O33 - MountPoints2\K\Shell - "" = AutoRun
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
O33 - MountPoints2\L\Shell - "" = AutoRun
O33 - MountPoints2\L\Shell\AutoRun\command - "" = L:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.02.15 10:24:04 | 004,732,416 | ---- | C] (AVAST Software) -- C:\Users\Judith\Desktop\aswMBR.exe
[2013.02.13 22:39:31 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2013.02.13 22:39:31 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2013.02.13 22:39:27 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.02.13 22:39:25 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.02.13 22:39:25 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2013.02.13 22:39:23 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2013.02.13 22:39:23 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2013.02.13 22:39:22 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2013.02.13 22:39:16 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2013.02.13 22:39:14 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.02.13 22:39:14 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2013.02.13 22:39:13 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.02.13 22:39:04 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.02.13 22:39:02 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.02.13 22:39:02 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2013.02.13 14:16:29 | 005,553,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2013.02.13 14:16:24 | 003,967,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2013.02.13 14:16:22 | 003,913,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2013.02.13 14:15:42 | 000,215,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\winsrv.dll
[2013.02.13 14:15:34 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\setup16.exe
[2013.02.13 14:15:34 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntvdm64.dll
[2013.02.13 14:15:34 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\instnm.exe
[2013.02.13 14:15:33 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wow32.dll
[2013.02.13 14:15:28 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\user.exe
[2013.02.13 14:15:03 | 000,288,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS
[2013.02.11 21:12:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy
[2013.02.11 21:11:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2013.02.10 20:11:48 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools
[2013.02.10 20:11:41 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\TestApp
[2013.02.09 11:45:22 | 000,000,000 | ---D | C] -- C:\Users\Judith\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\hdvidcodec.com
[2013.02.09 11:45:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\hdvidcodec.com
[2013.02.07 10:30:00 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2013.02.05 20:46:34 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\Logishrd
[2013.02.04 10:45:50 | 000,262,560 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.04 10:44:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.04 10:44:33 | 000,174,496 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.04 10:44:33 | 000,095,648 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.01.16 11:21:03 | 013,085,120 | ---- | C] (Microsoft Corporation) -- C:\Users\Judith\Silverlight_x64.exe
[2011.11.08 19:15:50 | 014,598,944 | ---- | C] (Mozilla) -- C:\Users\Judith\Firefox_Setup_8.0.exe
[2011.11.02 20:15:20 | 017,197,344 | ---- | C] (Sun Microsystems, Inc.) -- C:\Users\Judith\jre-6u29-windows-x64.exe
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.02.15 15:17:00 | 000,000,314 | ---- | M] () -- C:\Windows\tasks\DMEPeriodicTask.job
[2013.02.15 15:14:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3006580132-100186128-2252486993-1001UA.job
[2013.02.15 15:13:17 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.02.15 14:59:54 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.02.15 14:59:54 | 000,014,016 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.02.15 14:51:28 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.02.15 14:50:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.02.15 14:50:14 | 3169,345,536 | -HS- | M] () -- C:\hiberfil.sys
[2013.02.15 14:46:03 | 000,587,671 | ---- | M] () -- C:\Users\Judith\Desktop\adwcleaner0.exe
[2013.02.15 14:44:02 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.02.15 13:13:43 | 000,000,512 | ---- | M] () -- C:\Users\Judith\Desktop\MBR.dat
[2013.02.15 10:52:22 | 606,847,829 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2013.02.15 10:24:59 | 004,732,416 | ---- | M] (AVAST Software) -- C:\Users\Judith\Desktop\aswMBR.exe
[2013.02.14 18:14:00 | 000,000,910 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3006580132-100186128-2252486993-1001Core.job
[2013.02.14 12:23:55 | 001,498,742 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.02.14 12:23:55 | 000,654,150 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.02.14 12:23:55 | 000,616,032 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.02.14 12:23:55 | 000,130,022 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.02.14 12:23:55 | 000,106,412 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.02.13 23:27:14 | 000,328,648 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.02.13 20:49:06 | 000,024,255 | ---- | M] () -- C:\Users\Judith\gmer.zip
[2013.02.13 20:46:54 | 000,007,061 | ---- | M] () -- C:\Users\Judith\gmer.7z
[2013.02.11 21:50:03 | 000,000,710 | ---- | M] () -- C:\Windows\wininit.ini
[2013.02.11 20:59:05 | 000,050,477 | ---- | M] () -- C:\Users\Judith\Desktop\Defogger.exe
[2013.02.11 20:45:47 | 000,000,000 | ---- | M] () -- C:\Users\Judith\defogger_reenable
[2013.02.09 11:44:00 | 000,214,344 | ---- | M] () -- C:\Users\Judith\hdplugin_firefox.exe
[2013.02.08 20:42:11 | 000,001,031 | ---- | M] () -- C:\Users\Judith\Desktop\PhotoScape.lnk
[2013.02.08 16:13:48 | 000,697,712 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.02.08 16:13:48 | 000,074,096 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.02.06 20:36:05 | 000,036,352 | ---- | M] () -- C:\Users\Judith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.02.04 10:44:20 | 000,095,648 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
[2013.02.04 10:42:40 | 000,262,560 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2013.02.04 10:42:38 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2013.02.04 10:42:32 | 000,174,496 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2013.02.04 10:41:56 | 000,861,088 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npdeployJava1.dll
[2013.02.04 10:41:55 | 000,782,240 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2013.02.03 10:47:11 | 000,002,413 | ---- | M] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2013.02.03 10:46:32 | 000,000,831 | ---- | M] () -- C:\Users\Judith\Desktop\LGMobile Support Tool.lnk
[1 C:\Windows\SysWow64\*.tmp files -> C:\Windows\SysWow64\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.02.15 14:43:40 | 000,587,671 | ---- | C] () -- C:\Users\Judith\Desktop\adwcleaner0.exe
[2013.02.15 13:13:43 | 000,000,512 | ---- | C] () -- C:\Users\Judith\Desktop\MBR.dat
[2013.02.13 23:21:23 | 606,847,829 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2013.02.13 20:48:09 | 000,024,255 | ---- | C] () -- C:\Users\Judith\gmer.zip
[2013.02.13 20:46:54 | 000,007,061 | ---- | C] () -- C:\Users\Judith\gmer.7z
[2013.02.11 21:49:00 | 000,000,710 | ---- | C] () -- C:\Windows\wininit.ini
[2013.02.11 20:45:47 | 000,000,000 | ---- | C] () -- C:\Users\Judith\defogger_reenable
[2013.02.11 20:44:28 | 000,050,477 | ---- | C] () -- C:\Users\Judith\Desktop\Defogger.exe
[2013.02.09 11:43:38 | 000,214,344 | ---- | C] () -- C:\Users\Judith\hdplugin_firefox.exe
[2013.02.03 10:46:32 | 000,000,831 | ---- | C] () -- C:\Users\Judith\Desktop\LGMobile Support Tool.lnk
[2013.01.11 15:27:39 | 000,260,248 | ---- | C] () -- C:\Windows\SysWow64\QMO.dll
[2013.01.11 15:27:39 | 000,092,312 | ---- | C] () -- C:\Windows\SysWow64\QMOCameraDll.dll
[2013.01.10 21:19:22 | 000,018,404 | ---- | C] () -- C:\Users\Judith\030 (2).crx
[2013.01.05 17:19:54 | 000,015,665 | ---- | C] () -- C:\Users\Judith\Robi´s Regeln
[2013.01.04 18:20:47 | 009,128,288 | ---- | C] () -- C:\Users\Judith\lg_e730_optimus_sol.pdf
[2013.01.04 11:09:26 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\CommonDL.dll
[2013.01.04 11:09:26 | 000,002,413 | ---- | C] () -- C:\Windows\SysWow64\lgAxconfig.ini
[2012.12.01 12:25:02 | 000,395,405 | ---- | C] () -- C:\Users\Judith\DHL-Marke-445LRRPKS3.ps
[2012.11.22 22:40:06 | 000,000,043 | ---- | C] () -- C:\Users\Judith\gsview32.ini
[2012.11.22 22:37:55 | 000,000,043 | ---- | C] () -- C:\Users\Judith\gsview64.ini
[2012.08.05 16:15:22 | 000,095,461 | ---- | C] () -- C:\Users\Judith\Steuererklärung 2011.elfo
[2012.07.29 13:09:43 | 000,003,240 | ---- | C] () -- C:\Users\Judith\ESt2011.elfo
[2012.07.29 12:30:09 | 000,013,105 | ---- | C] () -- C:\Users\Judith\ESt2011_DAMIECKI_ROBERT_und_DAMIECKI_JUDITH.elfo
[2012.03.28 10:50:16 | 000,181,808 | ---- | C] () -- C:\Users\Judith\Damiecki-Kuendigung-2011-12-31.pdf
[2012.02.14 21:40:27 | 000,114,580 | ---- | C] () -- C:\Users\Judith\cc_20120214_214014.reg
[2012.02.05 13:57:38 | 000,015,097 | ---- | C] () -- C:\Users\Judith\Judith´s Bewerbungsunterlagen.odt
[2011.11.16 15:04:17 | 000,000,021 | ---- | C] () -- C:\Windows\progman.ini
[2011.11.16 14:58:44 | 131,084,288 | ---- | C] () -- C:\Users\Judith\DBFahrplaninfo.exe
[2011.09.27 20:19:51 | 000,082,466 | ---- | C] () -- C:\Users\Judith\Dankbar.pdf
[2011.09.19 12:49:39 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2011.09.19 12:49:39 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2011.09.07 19:11:29 | 000,286,659 | ---- | C] () -- C:\Users\Judith\Eidesstattliche Erklärung.pdf
[2011.08.29 16:34:12 | 000,000,279 | ---- | C] () -- C:\Windows\HAUSDRCKINST.INI
[2011.08.29 16:26:04 | 000,080,896 | ---- | C] () -- C:\Windows\cadkasdeinst01.exe
[2011.07.20 12:19:46 | 000,036,352 | ---- | C] () -- C:\Users\Judith\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.20 12:19:42 | 000,000,069 | ---- | C] () -- C:\Windows\NeroDigital.ini
[2011.07.05 10:27:29 | 000,000,343 | ---- | C] () -- C:\Windows\lgfwup.ini
[2011.07.02 19:05:22 | 000,024,576 | R--- | C] () -- C:\Windows\SysWow64\AsIO.dll
[2011.07.02 19:05:22 | 000,013,440 | R--- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2011.07.02 18:53:09 | 000,025,875 | ---- | C] () -- C:\Windows\Ascd_log.ini
[2011.07.02 18:51:39 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2011.07.02 18:51:36 | 000,020,270 | ---- | C] () -- C:\Windows\Ascd_tmp.ini
[2011.07.02 17:46:38 | 000,179,470 | ---- | C] () -- C:\Windows\hpoins38.dat
[2011.04.01 04:07:02 | 010,877,272 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll
[2011.04.01 04:07:02 | 000,102,744 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe
[2011.04.01 04:06:56 | 000,331,608 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 132 bytes -> C:\ProgramData\Temp:F4BE8180

< End of report >
         

Code:
ATTFilter
OTL Extras logfile created on: 15.02.2013 15:04:12 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Judith\Downloads
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,94 Gb Total Physical Memory | 1,75 Gb Available Physical Memory | 44,42% Memory free
7,87 Gb Paging File | 5,46 Gb Available in Paging File | 69,40% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 244,04 Gb Total Space | 100,08 Gb Free Space | 41,01% Space Free | Partition Type: NTFS
Drive D: | 232,88 Gb Total Space | 50,37 Gb Free Space | 21,63% Space Free | Partition Type: NTFS
Drive E: | 221,62 Gb Total Space | 162,63 Gb Free Space | 73,38% Space Free | Partition Type: NTFS
 
Computer Name: JUDITH-PC | User Name: Judith | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
 
[HKEY_USERS\S-1-5-21-3006580132-100186128-2252486993-1001\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %windir%\system32\mshtml.dll,PrintHTML "%1"
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05C5BFC2-973C-440B-BA4C-9CC3286B1E81}" = lport=1900 | protocol=17 | dir=in | name=creative centrale udp port | 
"{0A91F1C9-2FB4-4836-BAF1-7F8A1FAD6316}" = lport=138 | protocol=17 | dir=in | app=system | 
"{0BFCA55E-A7A3-4827-9561-E5575F2F4584}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1077AC99-DB24-425F-8D6C-9930431907C3}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{16607C6A-C184-4BBE-8EA3-ED38D011DF93}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{1E686632-F6E2-4DAF-B59F-E1847D5CF60F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{2B61F2BD-D183-41CF-8001-35209F747DEE}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{3DC054C9-A672-4E1B-B9BB-D9A38FD4A968}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{465DF792-C40D-43F4-9CC7-5E0B5FFABC36}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{55F3E72A-0C0B-4EAD-B71C-661A2902E9D5}" = rport=138 | protocol=17 | dir=out | app=system | 
"{6692C6BF-612E-4854-A085-611442ED5EC3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{692B44DE-18E0-4913-90FE-2C32CD410E6B}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{7341A120-48C0-4301-B61A-57F399DBBD21}" = lport=137 | protocol=17 | dir=in | app=system | 
"{7508068F-CCB1-44E8-9DFE-7C36569BA475}" = rport=137 | protocol=17 | dir=out | app=system | 
"{7877D775-954E-486A-8C8B-C3EB35913B8B}" = lport=2869 | protocol=6 | dir=in | name=creative centrale tcp port 1 | 
"{7B3F121A-34BD-4BDF-822E-FD737EB04A0F}" = lport=445 | protocol=6 | dir=in | app=system | 
"{815AFBD1-1409-4D86-9F0F-3AD574A2E6DC}" = rport=139 | protocol=6 | dir=out | app=system | 
"{83BBB54D-A82B-4266-9580-50514594A259}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{930BB248-35E4-4118-AE48-2CD035DD5301}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{B3E47331-9AB2-4CE4-98F7-D479AEFC7080}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{B5A893D7-9DBA-4014-BDFE-30A0532CB042}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{C6616AAC-5B13-4D02-BBA4-15A35AEB2445}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{CA739A12-D845-498A-8A7C-2BF361E30DDB}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{CAA622A3-5AD8-4ADF-AD09-10E8B16A80E0}" = lport=rpc | protocol=6 | dir=in | svc=ktmrm | app=%systemroot%\system32\svchost.exe | 
"{CF724C93-50C4-45C5-9DB9-71F8F1DA94DF}" = lport=139 | protocol=6 | dir=in | app=system | 
"{E1687C00-87A4-4CF6-8835-4884F9DB373C}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | app=%systemroot%\system32\svchost.exe | 
"{E5732D7F-4C4C-49EC-B3FB-6119412937CB}" = lport=2861 | protocol=6 | dir=in | name=creative centrale tcp port 2 | 
"{F3DFABD6-64A9-4AB0-93D5-8BFCFCBF2435}" = lport=2869 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01867CCB-16D6-4B21-B289-7B36771C79BF}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 
"{037618AB-FA0E-40F1-ACE5-4EDB38262386}" = protocol=17 | dir=in | app=c:\program files (x86)\creative\creative centrale\ctupnpfn.exe | 
"{0CC4E486-CF20-408A-9D97-DA53D564E968}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgpc01.exe | 
"{1337C5D2-5360-444F-ABDE-D26460A91A57}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{13EF770B-9CA3-4862-BBA7-F1F5CB355313}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{173EBBBE-0231-4823-A5AD-9CD9617D29E2}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{1D8CC487-8E13-4AC6-9551-9B2095D3E4E0}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{2312AF46-ECAA-4DCB-8677-591ADDA4AB47}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{26CEDD0A-3A4F-4C0E-9B75-D6080C83221F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{2CBDF76A-48DA-43FB-8594-B83079C70D49}" = dir=in | app=c:\program files (x86)\hp\digital imaging\smart web printing\smartwebprintexe.exe | 
"{3A7EC653-1AC3-46DB-A3DE-F123619B5183}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3BD80137-7537-475A-8600-6DF43960F034}" = dir=in | app=c:\program files (x86)\hp\hp software update\hpwucli.exe | 
"{3D507E6C-27BB-4569-B085-5A38AAA570F4}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 
"{47355017-06C0-46B0-90D6-22C57C8000C0}" = protocol=6 | dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | 
"{496F54D4-17CD-4DE0-BE9A-E29C38DC2FBB}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
"{5B3C4102-1EA9-478D-B0F0-4799C12311F7}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{6339966E-AB11-43A7-9E66-0A23B849C3CC}" = protocol=6 | dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | 
"{68324CB0-5B1A-41A7-9B79-843182052117}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqgplgtupl.exe | 
"{6A3E7245-BB49-4A0C-840A-80754311D320}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6B41D040-CD0C-4C7E-AE00-D251C524100D}" = protocol=17 | dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | 
"{6D2FD848-5B01-4929-8558-54C3A5A69467}" = protocol=6 | dir=out | app=%systemroot%\system32\msdtc.exe | 
"{7338FCB0-9D16-4EC0-AC7D-D3220E00403B}" = dir=in | app=c:\program files (x86)\common files\hp\digital imaging\bin\hpqphotocrm.exe | 
"{74543671-D5A6-40EB-BADE-D5C9404E591B}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgh.exe | 
"{76ADA4AF-BF1E-41F8-B5DA-66325B70495A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqusgm.exe | 
"{76F361FD-7EE1-4EC5-A9A1-50C07901CC81}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7A5572D2-2167-49BE-AE8C-03186096EE85}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{8C2D77D6-B04B-482B-89C9-8F20332B63C2}" = protocol=17 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
"{92E0AF25-70A7-495B-8351-70E26E57BAC8}" = protocol=6 | dir=out | app=system | 
"{93BEA3F3-BD61-4B9D-8457-09B22C86BCAC}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{9531F9AF-50D9-4AC1-B17D-87F1EA0C1BB6}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpoews01.exe | 
"{959095C8-BD9D-46D9-B3E8-527640DD86D1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{9F9F2416-9253-4E14-AA0A-C9516CA65077}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hposid01.exe | 
"{A29CA1CF-A6CB-4106-99E8-8FAE4C11DB1B}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2012\avgmfapx.exe | 
"{A310569E-9D18-4A33-937F-AE7CE24C2450}" = protocol=6 | dir=in | app=%systemroot%\system32\msdtc.exe | 
"{A9DDCB57-6406-48E9-A2CB-47734F8EF61E}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{AA761CB2-5A81-4204-A313-86212F251D30}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsvsvr.exe | 
"{AC5FBCD7-CF90-4FF5-B671-E2498247320F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqste08.exe | 
"{B2A12861-B132-4A35-B93B-0AAF581652B4}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{B4B74290-9A98-4216-BAA9-A21EABC584CF}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{B679AA71-ADEC-4303-A773-ABD794BFF5E4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{B9512087-A3E4-4988-8AED-C7ED5CEDE4D1}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpfccopy.exe | 
"{B9BE9AEE-415D-4D2C-8D4A-DF29B4A493C1}" = protocol=6 | dir=in | app=c:\program files (x86)\samsung\samsung new pc studio\npsasvr.exe | 
"{BC29FFA4-06DF-4E53-BAFD-7F334D7C54C0}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqtra08.exe | 
"{BCA211FA-2801-40A7-99ED-CE37411DBDAA}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 
"{BCB79DE3-12BD-4ACD-BECB-F2E2CB5B5A3F}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpiscnapp.exe | 
"{C1C1482A-828F-486C-914C-AD0236FB638A}" = dir=in | app=c:\program files (x86)\hp\digital imaging\bin\hpqkygrp.exe | 
"{C363558C-5A77-4FC3-8FFF-484C4B84AF62}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{C5E02EDA-A3A7-486A-8ADD-DCD53DB1E5A8}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{CC2660BA-D776-4D8E-A2C4-091A6DDDBE87}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{CE877526-621D-4A21-B0FA-D25118920356}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{D12F7A8E-2BEF-4B3D-99B2-086B4174172B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{D4366EEB-A27A-4E85-9F70-46DDA804F755}" = protocol=6 | dir=in | app=c:\program files (x86)\creative\creative centrale\ctupnpfn.exe | 
"{D9C14292-6F97-4BBA-B15E-8A3FA12C6233}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{E455E72B-9799-4C61-A0DC-81475A59A4B2}" = protocol=17 | dir=in | app=c:\program files (x86)\cyberlink\powerdvd\powerdvd.exe | 
"{E7D4DACA-4272-4C6A-93B6-8E854D43B49B}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 
"{E961CA42-F5C3-4BFC-A047-8D9D3B7B74A9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{ED178956-E8AC-474E-AD09-EE821B23A14A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F8C49C4F-2CE1-40BA-B6C3-6ACF321D0E9F}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FA10AA31-FB3E-4510-B13F-39DCAA3035E2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"TCP Query User{4B5A5CDA-E511-42AB-9D85-2CAFD040C7A7}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=6 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"TCP Query User{A784C922-0B36-4C60-AEF6-2C631661D993}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"TCP Query User{B015AD5B-9A24-43DC-807E-2FB7253DA798}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
"TCP Query User{BEF6EC48-D4B9-486E-8D9F-1F281E0FA836}C:\program files (x86)\route 66\route 66 sync\sync9loader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\sync9loader.exe | 
"TCP Query User{F8F5373C-CF2C-4A92-B8EA-6299057D9C80}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{230B7691-A4AB-4791-B88E-844B5270D465}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe | 
"UDP Query User{5D021506-73C7-41A4-8911-10BB464FC01D}C:\program files (x86)\google\chrome\application\chrome.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe | 
"UDP Query User{C6084709-10B1-4C21-B883-2774807257DB}C:\program files (x86)\orbitdownloader\orbitnet.exe" = protocol=17 | dir=in | app=c:\program files (x86)\orbitdownloader\orbitnet.exe | 
"UDP Query User{DEF0994E-BF11-4EDD-A5EF-7F3D2A4F2A31}C:\program files (x86)\route 66\route 66 sync\sync9loader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\route 66\route 66 sync\sync9loader.exe | 
"UDP Query User{FD8F0E7D-D82F-4535-9338-B7A80C826D91}C:\program files (x86)\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files (x86)\mozilla firefox\plugin-container.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0E5D76AD-A3FB-48D5-8400-8903B10317D3}" = iTunes
"{11107A2A-AD44-4BC8-ABB5-E88E63BCA785}" = Intel(R) Network Connections 14.8.43.0
"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4807" = CanoScan LiDE 200 Scanner Driver
"{138A4072-9E64-46BD-B5F9-DB2BB395391F}" = LWS VideoEffects
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416029FF}" = Java(TM) 6 Update 29 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417002FF}" = Java(TM) 7 Update 2 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{55D55008-E5F6-47D6-B16F-B2A40D4D145F}" = 64 Bit HP CIO Components Installer
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{61CF2C86-8E46-4210-A115-E4D6C65AF369}" = HP Photosmart B109a-m All-In-One Driver Software 13.0 Rel .6
"{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}" = Windows Mobile-Gerätecenter
"{64A3A4F4-B792-11D6-A78A-00B0D0170020}" = Java(TM) SE Development Kit 7 Update 2 (64-bit)
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 310.70
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.11.3
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}" = Nokia Connectivity Cable Driver
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}" = Apple Mobile Device Support
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"C-Media Card Reader Driver USB2.0" = C-Media Card Reader Driver USB2.0
"HECI" = Intel(R) Management Engine Interface
"HP Imaging Device Functions" = HP Imaging Device Functions 13.0
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.5
"HP Solution Center & Imaging Support Tools" = HP Solution Center 13.0
"HPExtendedCapabilities" = HP Customer Participation Program 13.0
"MESOL" = Intel® Active-Management-Technologie
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"PROSetDX" = Intel(R) Network Connections 14.8.43.0
"Recuva" = Recuva
"Shop for HP Supplies" = Shop for HP Supplies
"sp6" = Logitech SetPoint 6.32
"TeamSpeak 3 Client" = TeamSpeak 3 Client
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{08610298-29AE-445B-B37D-EFBE05802967}" = LWS Pictures And Video
"{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}" = Scan
"{12451AF7-EFF8-4B5B-8255-282D7CC7CAEE}" = OviMPlatform
"{144B4BF4-16CA-4FD3-A547-8A8107EF40D7}" = SA23xx Device Manager
"{15634701-BACE-4449-8B25-1567DA8C9FD3}" = CameraHelperMsi
"{1651216E-E7AD-4250-92A1-FB8ED61391C9}" = LWS Help_main
"{174A3B31-4C43-43DD-866F-73C9DB887B48}" = LWS Twitter
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{17D26CDD-B87C-412B-92F0-2D5DD4313522}" = Facebook Messenger 2.1.4651.0
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1ADE1AA0-7F82-4BB1-B1BD-727DE438057B}" = Cool & Quiet
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"{20D4A895-748C-4D88-871C-FDB1695B0169}" = Platform
"{21A2F5EE-1DC5-488A-BE7E-E526F8C61488}" = DeviceDiscovery
"{21DF0294-6B9D-4741-AB6F-B2ABFBD2387E}" = LWS YouTube Plugin
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{24EE4523-711A-4BD1-95EA-F73A8A6950D3}" = Audials TV
"{26A24AE4-039D-4CA4-87B4-2F83217013FF}" = Java 7 Update 13
"{28E82311-8616-11E1-BEB0-B8AC6F97B88E}" = Google Earth
"{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}" = LG United Mobile Driver
"{2CC53A53-44F4-4667-8584-2FFC9ACB2242}" = Ovi Desktop Sync Engine
"{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}" = BufferChm
"{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg
"{3F7A9E82-5A85-4119-A8A5-7D840A0F76DC}" = Photo Notifier and Animation Creator
"{43CDF946-F5D9-4292-B006-BA0D92013021}" = WebReg
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}" = SolutionCenter
"{567C9882-843D-4188-A181-00E2CC3E1031}" = LG Burning Tools
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = ASUSUpdate
"{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{6179550A-3E7C-499E-BCC9-9E8113E0A285}" = LG ODD Auto Firmware Update
"{63E3C41E-BEC7-4788-8D45-A796CD55A07B}" = Intel(R) IT Director
"{63FF21C9-A810-464F-B60A-3111747B1A6D}" = GPBaseService2
"{656FDFA4-C7C6-40D9-99F7-F6F331412AEF}" = WarrantyExtension
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = LG CyberLink PowerDVD 7.0
"{68A10D12-0D0F-4212-BDE6-D87FAD32A8FA}" = SmartWebPrinting
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}" = HPSSupply
"{6BBA26E9-AB03-4FE7-831A-3535584CA002}" = Toolbox
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{6F76EC3C-34B1-436E-97FB-48C58D7BEDCD}" = LWS Gallery
"{7059BDA7-E1DB-442C-B7A1-6144596720A4}" = HP Update
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{71E66D3F-A009-44AB-8784-75E2819BA4BA}" = LWS Motion Detection
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}" = Avanquest update
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7B63B2922B174135AFC0E1377DD81EC2}" = 
"{80FE5490-E9DD-4AE9-8537-3EB5EFB606FC}" = PS_AIO_06_B109a-m_SW_Min
"{83C8FA3C-F4EA-46C4-8392-D3CE353738D6}" = LWS Launcher
"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5
"{8937D274-C281-42E4-8CDB-A0B2DF979189}" = LWS Webcam Software
"{8A1033B0-EF33-4FB5-97A1-C47A7DCDD7E6}_is1" = ClipGrab 3.2.0.9
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DAEA76B-E50F-4272-A595-0124E826553D}" = LWS WLM Plugin
"{9EC9754D-CA34-4293-B5DB-3BD245A88A43}" = ArcSoft MediaImpression
"{A15F32A1-164E-4C40-82D4-DD57D0D26530}" = Audials
"{A498D9EB-927B-459B-85D6-DD6EF8C2C564}" = erLT
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.5) - Deutsch
"{AC7EE5F1-0DE4-4256-8E43-92B73C8E6019}" = LG Bluetooth Drivers
"{ADD5DB49-72CF-11D8-9D75-000129760D75}" = LG CyberLink PowerBackup
"{AE8705FB-E13C-40A9-8A2D-68D6733FBFC2}" = Status
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{AF20390E-5ADD-4CB0-BF9D-EDF6E7891AD9}" = B109a-m
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}" = PMB
"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call
"{B7A0CE06-068E-11D6-97FD-0050BACBF861}" = LG CyberLink PowerProducer
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C43326F5-F135-4551-8270-7F7ABA0462E1}" = HPProductAssistant
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{C8842F80-0E07-4424-916D-9F6B6A9968E4}" = IncrediMail
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CCE825DB-347A-4004-A186-5F4A6FDD8547}" = Apple Application Support
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D40EB009-0499-459c-A8AF-C9C110766215}" = Logitech Webcam Software
"{DC0A5F99-FD66-433F-9D3A-05DCBA64BE42}" = TrayApp
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{EED027B7-0DB6-404B-8F45-6DFEE34A0441}" = LWS Video Mask Maker
"{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.115
"{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{FBA0CA60-8BF2-4381-B819-74F020E165A9}" = LG USB WML Modem Driver
"{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}" = Visual Studio 2008 x64 Redistributables
"{FF167195-9EE4-46C0-8CD7-FBA3457E88AB}" = LWS Facebook
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Ashampoo Burning Studio 6 FREE_is1" = Ashampoo Burning Studio 6 FREE v.6.83
"avast" = avast! Free Antivirus
"CANONIJPLM100" = Inkjet Printer/Scanner Extended Survey Program
"CanonSolutionMenu" = Canon Utilities Solution Menu
"DB Fahrplaninformation 2012" = DB Fahrplaninformation 2012
"DivX Setup" = DivX-Setup
"ElsterFormular für Privatanwender 12.2.2.6665p" = ElsterFormular für Privatanwender
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"FormatFactory" = FormatFactory 3.00
"FreeHideIP" = Free Hide IP
"Google Chrome" = Google Chrome
"IncrediMail" = IncrediMail 2.5
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = LG CyberLink YouCam
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = LG Power Tools
"InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}" = VIA Plattform-Geräte-Manager
"InstallShield_{F193FC0E-9E18-40FC-A974-509A1BDD240A}" = Samsung New PC Studio
"LG PC Suite IV" = LG PC Suite IV
"Mozilla Firefox 18.0.2 (x86 de)" = Mozilla Firefox 18.0.2 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 2.0" = Canon MP Navigator EX 2.0
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Philips Songbird" = Philips Songbird
"Photo Notifier and Animation Creator" = Photo Notifier and Animation Creator
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.94
"VLC media player" = VLC media player 2.0.5
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 26.07.2012 01:33:47 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 12122
 
Error - 26.07.2012 01:33:47 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 12122
 
Error - 26.07.2012 01:33:49 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 26.07.2012 01:33:49 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 13229
 
Error - 26.07.2012 01:33:49 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 13229
 
Error - 26.07.2012 01:33:50 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 26.07.2012 01:33:50 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 14290
 
Error - 26.07.2012 01:33:50 | Computer Name = Judith-PC | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 14290
 
Error - 26.07.2012 05:18:41 | Computer Name = Judith-PC | Source = Application Hang | ID = 1002
Description = Programm Explorer.EXE, Version 6.1.7601.17567 kann nicht mehr unter
 Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf 
in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
 zu suchen.    Prozess-ID: 734    Startzeit: 01cd6aebfd9dd04e    Endzeit: 0    Anwendungspfad: C:\Windows\Explorer.EXE

Berichts-ID:
 ca2a2a18-d702-11e1-9205-bcaec54621d0  
 
Error - 26.07.2012 06:18:34 | Computer Name = Judith-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
 (x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in  Manifest- oder Richtliniendatei
 "" in Zeile .  Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
 mit  einer anderen, bereits aktiven Komponentenversion.  In Konflikt stehende Komponenten:.
Komponente
 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
[ System Events ]
Error - 14.02.2013 02:27:23 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) IT Director erreicht.
 
Error - 14.02.2013 02:27:23 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) IT Director" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 14.02.2013 05:17:54 | Computer Name = Judith-PC | Source = DCOM | ID = 10010
Description = 
 
Error - 15.02.2013 01:46:40 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst ShellHWDetection erreicht.
 
Error - 15.02.2013 05:52:49 | Computer Name = Judith-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?15.?02.?2013 um 10:50:49 unerwartet heruntergefahren.
 
Error - 15.02.2013 05:52:57 | Computer Name = JUDITH-PC | Source = BugCheck | ID = 1001
Description = 
 
Error - 15.02.2013 08:57:53 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) IT Director erreicht.
 
Error - 15.02.2013 08:57:53 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) IT Director" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 15.02.2013 09:51:44 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Intel(R) IT Director erreicht.
 
Error - 15.02.2013 09:51:44 | Computer Name = Judith-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) IT Director" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
 
< End of report >
         

Alt 15.02.2013, 14:43   #15
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
Delta Search lässt sich nicht entfernen - Standard

Delta Search lässt sich nicht entfernen



Sage mal, ist das rein zufällig ein Büro-/Firmen-PC? Oder ein Uni-Rechner?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu Delta Search lässt sich nicht entfernen
adblock, adobe, antivirus, autorun, bho, bonjour, defender, delta search, entfernen, error, explorer, firefox, flash player, format, google, helper, logfile, lässt sich nicht entfernen, mozilla, nvidia update, object, problem, registry, safer networking, scan, schutz, sich automatisch, software, suchmaschine, tarma, temp, windows



Ähnliche Themen: Delta Search lässt sich nicht entfernen


  1. Sonic Search lässt sich nicht entfernen!
    Log-Analyse und Auswertung - 14.11.2015 (29)
  2. Delta-Homes lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 19.01.2015 (4)
  3. search.snapdo lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 25.04.2014 (15)
  4. Hola Search lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 23.01.2014 (5)
  5. do-search lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 10.01.2014 (23)
  6. 1. delta search lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 19.09.2013 (22)
  7. Delta Search lässt sich nicht entfernen - MBAM findet Infizierungen
    Log-Analyse und Auswertung - 17.09.2013 (11)
  8. Delta Search lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 28.08.2013 (11)
  9. Delta Search lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 18.08.2013 (13)
  10. delta-force als startseite lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 04.07.2013 (5)
  11. Hola Search lässt sich nicht entfernen
    Log-Analyse und Auswertung - 26.06.2013 (5)
  12. Hola Search lässt sich nicht entfernen
    Log-Analyse und Auswertung - 30.05.2013 (12)
  13. Delta Search lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 27.05.2013 (7)
  14. Firefox "Neuer Tab": mixidj.delta-search.com, lässt sich nicht löschen
    Plagegeister aller Art und deren Bekämpfung - 27.04.2013 (24)
  15. Delta-Search lässt sich nicht löschen!
    Plagegeister aller Art und deren Bekämpfung - 12.04.2013 (7)
  16. Delta Search lässt sich nicht entfernen !
    Plagegeister aller Art und deren Bekämpfung - 29.03.2013 (8)
  17. Eazel search lässt sich nicht entfernen
    Plagegeister aller Art und deren Bekämpfung - 25.03.2013 (1)

Zum Thema Delta Search lässt sich nicht entfernen - Hallo liebe Helfer, ich habe mich hier angemeldet, weil ich im Netz nichts Brauchbares zu meinem Problem gefunden habe. Bin etwas eingeschüchtert von den ganzen Regeln hier und weiß nicht, - Delta Search lässt sich nicht entfernen...
Archiv
Du betrachtest: Delta Search lässt sich nicht entfernen auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.