Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Snap.do entfernen. Ich finde keine Lösungen!

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 12.04.2013, 22:18   #1
Daten
 
Snap.do entfernen. Ich finde keine Lösungen! - Frage

Snap.do entfernen. Ich finde keine Lösungen!



Liebes Team, ich habe mich eingehend über dieses Problem informiert, sei es Google oder eben auf dieser Plattform, habe aber keine Lösungen gefunden. Ich habe seit einiger Zeit ( 1 - 2 Monate ) Snap.do auf meinem Notebook. Ich weiß nicht, wie ich dieses Programm installiert habe. Ich habe unter Einstellungen bei Google probiert, es wegzukriegen, aber ohne Erfolg. Es kommt wieder und wieder. Systemeinstellungen/ Programme deinstallieren bring auch nichts, da ich Snap.do dort nicht finde. SpyHunter soll helfen, aber kostet es mich was und soll ich es herunterladen? Wie soll ich vorgehen?
Danke im Voraus

Alt 12.04.2013, 22:27   #2
aharonov
/// TB-Ausbilder
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Hi,

Zitat:
Wie soll ich vorgehen?
Auf keinen Fall den SpyHunter herunterladen..


Schritt 1

Downloade dir bitte AdwCleaner und speichere es auf deinen Desktop.
  • Schliesse alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Klicke auf Löschen.
  • Bestätige jeweils mit Ok.
  • Dein Rechner wird neu gestartet, je nach Schwere der Infektion auch mehrmals - das ist normal. Nach dem Neustart öffnet sich eine Textdatei.
  • Poste mir den Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner[S1].txt.



Schritt 2

Lade dir bitte OTL (von Oldtimer) herunter und speichere es auf deinen Desktop.
  • Doppelklick auf die OTL.exe.
  • Unter Extra Registry, wähle bitte Use SafeList.
  • Setze den Haken bei Scan all Users.
  • Klicke nun auf Run Scan.
  • Wenn der Scan beendet ist, werden 2 Logfiles (OTL.txt und Extras.txt) erstellt.
  • Poste den Inhalt dieser Logfiles hier in den Thread.



Bitte poste in deiner nächsten Antwort:
  • Log von AdwCleaner
  • Logs von OTL
__________________

__________________

Alt 12.04.2013, 22:49   #3
Daten
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Sind diese Programme kostenlos und seriös? Ich mein die Programme, die ich herunterladen muss/soll.

AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v2.200 - Datei am 12/04/2013 um 23:17:32 erstellt
# Aktualisiert am 02/04/2013 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzer : AMD - HP
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\AMD\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : DefaultTabUpdate
Gestoppt & Gelöscht : SrvUpdater

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\tcbhn.lnk
Datei Gelöscht : C:\Windows\Tasks\AmiUpdXp.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Chrome Watcher.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion FireFox Watcher.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Runner.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Stats Report.job
Datei Gelöscht : C:\Windows\Tasks\GinyasBrowserCompanion Update Checker.job
Gelöscht mit Neustart : C:\Program Files (x86)\BrowserProtect
Gelöscht mit Neustart : C:\ProgramData\GinyasBrowserCompanion
Ordner Gelöscht : C:\Program Files (x86)\AddLyrics
Ordner Gelöscht : C:\Program Files (x86)\BrowserCompanion
Ordner Gelöscht : C:\Program Files (x86)\ChatZum Toolbar
Ordner Gelöscht : C:\Program Files (x86)\DealPly
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BrowserProtect
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Ordner Gelöscht : C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf
Ordner Gelöscht : C:\Users\AMD\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\AMD\AppData\Local\Smartbar
Ordner Gelöscht : C:\Users\AMD\AppData\Local\SwvUpdater
Ordner Gelöscht : C:\Users\AMD\AppData\Local\Temp\Smartbar
Ordner Gelöscht : C:\Users\AMD\AppData\LocalLow\bbrs_002.tb
Ordner Gelöscht : C:\Users\AMD\AppData\LocalLow\Smartbar
Ordner Gelöscht : C:\Users\AMD\AppData\LocalLow\Softonic
Ordner Gelöscht : C:\Users\AMD\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\AMD\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\AMD\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\AMD\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\AMD\AppData\Roaming\DefaultTab
Ordner Gelöscht : C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DefaultTab
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\BrowserCompanion
Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\Default Tab
Schlüssel Gelöscht : HKCU\Software\DefaultTab
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\SmartbarBackup
Schlüssel Gelöscht : HKCU\Software\SmartbarLog
Schlüssel Gelöscht : HKCU\Software\520dedfb538e846
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\Software\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{20EDC024-43C5-423E-B7F5-FD93523E0D9F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7E8A36EA-2501-4ED3-A3C8-CFA9143FB169}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Toolbar.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\wit4ie.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BandObjectAttribute
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.DockingPanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.IESmartBarBandObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarDisplayState
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\IESmartBar.SmartbarMenuForm
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Features\7E685771E24E83F4381D1DB5A45F7B41
Schlüssel Gelöscht : HKLM\Software\Classes\Installer\Products\7E685771E24E83F4381D1DB5A45F7B41
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\base64
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\chrome
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\prox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TBSB00001.IEToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TBSB00001.IEToolbar.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TBSB00001.TBSB00001
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TBSB00001.TBSB00001.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.BandObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.BandObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.ToolbarHelperObject.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.SearchProviderManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar3.XBTBPos00.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6857AC4A-95B4-4E2C-B2D2-8A235FCCEF4A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\updatebho.TimerBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wit4ie.WitBHO.2
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\Default Tab
Schlüssel Gelöscht : HKLM\Software\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\520dedfb538e846
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1BB22D38-A411-4B13-A746-C2A4F4EC7344}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D433A9D0-8267-40CB-8AD5-24F22FA5373F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ChatZum Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GinyasBrowserCompanion
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1C888195-0160-4883-91B7-294C0CE2F277}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6B458F62-592F-4B25-8967-E6A350A59328}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{99ACA0F7-D864-45CB-8C40-FD42A077E7CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FCC9CDD3-EFFF-11D1-A9F0-00A0244AC403}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Browser Infrastructure Helper]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{1BB22D38-A411-4B13-A746-C2A4F4EC7344}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16519

Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=e781cdda-9ee1-4c54-b4e8-13e5e5993f92&searchtype=hp&installDate=15/02/2013 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Page] = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=e781cdda-9ee1-4c54-b4e8-13e5e5993f92&searchtype=ds&q={searchTerms}&installDate=15/02/2013 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Search Bar] = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=e781cdda-9ee1-4c54-b4e8-13e5e5993f92&searchtype=ds&q={searchTerms}&installDate=15/02/2013 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - Default_Search_URL] = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=e781cdda-9ee1-4c54-b4e8-13e5e5993f92&searchtype=ds&q={searchTerms}&installDate=15/02/2013 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Search - SearchAssistant] = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=e781cdda-9ee1-4c54-b4e8-13e5e5993f92&searchtype=ds&q={searchTerms}&installDate=15/02/2013 --> hxxp://www.google.com
Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=e781cdda-9ee1-4c54-b4e8-13e5e5993f92&searchtype=ds&q={searchTerms}&installDate=15/02/2013 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl - Default] = hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=e781cdda-9ee1-4c54-b4e8-13e5e5993f92&searchtype=ds&q={searchTerms}&installDate=15/02/2013 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Page] = hxxp://search.chatzum.com/?orig=HP&affid=61&cztbid=363967391 --> hxxp://www.google.com

-\\ Google Chrome v26.0.1410.64

Datei : C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.2346] : homepage = "hxxp://feed.snap.do/?publisher=InternetTurboYB&dpid=InternetTurboYB&co=DE&userid=e78[...]

*************************

AdwCleaner[S1].txt - [26106 octets] - [12/04/2013 23:17:32]

########## EOF - C:\AdwCleaner[S1].txt - [26167 octets] ##########
         
--- --- ---
__________________

Alt 12.04.2013, 23:34   #4
aharonov
/// TB-Ausbilder
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Zitat:
Sind diese Programme kostenlos und seriös? Ich mein die Programme, die ich herunterladen muss/soll.
Du musst nichts herunterladen. Aber wenn ich dir helfen soll, dann ist das the way to go.
Wir arbeiten hier nur mit kostenlosen und seriösen Programmen.
__________________
cheers,
Leo

Alt 13.04.2013, 00:12   #5
Daten
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 12.04.2013 23:39:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\AMD\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16519)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,47 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 53,54% Memory free
4,10 Gb Paging File | 2,32 Gb Available in Paging File | 56,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,57 Gb Total Space | 398,54 Gb Free Space | 88,85% Space Free | Partition Type: NTFS
Drive D: | 16,42 Gb Total Space | 2,10 Gb Free Space | 12,81% Space Free | Partition Type: NTFS
 
Computer Name: HP | User Name: AMD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2013.04.12 23:34:57 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AMD\Downloads\OTL.exe
PRC - [2013.03.14 18:43:20 | 000,188,760 | ---- | M] () -- C:\Programme\Video downloader\ExtensionUpdaterService.exe
PRC - [2013.02.06 16:24:02 | 000,252,928 | ---- | M] () -- C:\Program Files (x86)\BrowserProtect\proxy\myProxy.exe
PRC - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.07.27 19:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012.07.09 13:40:02 | 000,580,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012.07.09 13:40:02 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012.06.13 14:32:04 | 000,222,720 | ---- | M] () -- C:\Program Files (x86)\EazelBar\ToolbarUpdaterService.exe
PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012.03.28 19:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012.01.12 15:52:57 | 000,296,232 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012.01.12 15:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012.01.12 15:52:55 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012.01.02 04:21:22 | 000,501,544 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
PRC - [2011.08.26 14:37:18 | 001,342,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2011.03.28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2009.09.11 13:34:22 | 002,403,840 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2009.09.11 13:33:54 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008.09.10 13:11:12 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
PRC - [2008.09.10 13:11:10 | 000,016,040 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2013.02.06 16:24:02 | 000,252,928 | ---- | M] () -- C:\Program Files (x86)\BrowserProtect\proxy\myProxy.exe
MOD - [2013.02.06 16:24:02 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\BrowserProtect\proxy\zlibwapi.dll
MOD - [2012.12.12 01:09:49 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012.10.09 04:23:11 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.10.09 04:23:11 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012.10.09 04:23:11 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
MOD - [2012.09.28 23:41:48 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2012.09.14 00:04:14 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012.09.14 00:04:06 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.07.27 01:08:38 | 002,972,672 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012.07.27 01:08:38 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012.07.27 01:08:38 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012.07.27 01:08:38 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2012.07.27 01:08:38 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.07.27 01:08:38 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012.07.27 01:08:38 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012.07.27 01:08:38 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2012.07.26 05:19:14 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2012.06.08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\wincfi39.dll
MOD - [2012.01.02 04:21:17 | 000,374,056 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2008.09.10 13:11:12 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
MOD - [2008.09.10 13:11:10 | 000,016,040 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe
MOD - [2008.09.10 11:56:27 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
MOD - [2008.09.10 11:56:14 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
MOD - [2008.09.10 11:56:12 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll
MOD - [2008.09.10 11:40:31 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
MOD - [2008.05.23 14:02:14 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
MOD - [2008.01.16 10:24:34 | 000,020,992 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\DotNetChecker.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.12.06 06:23:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012.12.06 06:22:59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.11.06 06:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.08.23 17:18:14 | 004,412,872 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2012.08.10 16:24:28 | 000,029,600 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012.08.09 08:45:58 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.08.08 11:36:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2009.10.16 17:06:40 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:64bit: - [2009.10.16 16:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2013.03.29 20:52:42 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.14 18:43:20 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Programme\Video downloader\ExtensionUpdaterService.exe -- (Video downloader Updater)
SRV - [2013.02.14 10:05:56 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\BrowserProtect\srvBrowserProtect.exe -- (srvBrowserProtect)
SRV - [2013.02.07 14:04:30 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe -- (NIS)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.08.10 17:53:44 | 000,085,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.26 05:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012.07.26 05:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012.07.21 18:30:36 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2012.07.14 03:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.07.09 13:40:02 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012.06.13 14:32:04 | 000,222,720 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EazelBar\ToolbarUpdaterService.exe -- (Updater Service for EazelBar)
SRV - [2012.01.12 15:52:57 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012.01.12 15:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012.01.12 15:52:55 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2011.04.01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2009.10.16 16:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2009.09.11 13:33:54 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008.05.23 14:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.02.07 06:09:56 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.31 05:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.01.31 05:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 03:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.01.29 03:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.22 04:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\symds64.sys -- (SymDS)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.01.10 03:39:29 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012.12.04 15:47:30 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.16 04:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.11.16 04:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.12 12:18:30 | 000,083,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.06 17:55:24 | 000,323,584 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2012.09.20 09:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.20 09:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012.08.24 11:38:28 | 000,448,312 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.08.24 11:38:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012.08.24 11:38:26 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012.08.10 16:24:28 | 000,042,400 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.08.10 16:24:28 | 000,029,600 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012.08.09 10:03:32 | 010,283,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.08.09 07:48:20 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.08.07 12:51:18 | 000,141,256 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2012.08.03 15:07:30 | 000,020,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012.07.31 21:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.07.31 10:04:12 | 000,690,832 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012.07.26 07:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.24 11:35:12 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012.07.24 11:35:12 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012.07.24 09:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012.07.21 18:30:36 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012.07.18 06:59:12 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.07.04 00:09:08 | 000,269,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2012.06.25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.23 07:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012.06.20 23:27:30 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\symelam.sys -- (SymELAM)
DRV:64bit: - [2012.06.19 16:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.06.02 16:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.29 19:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.06.29 19:00:50 | 000,116,096 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ewusbfake.sys -- (hwusbfake)
DRV:64bit: - [2009.04.09 14:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013.03.22 03:52:21 | 001,387,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130322.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.02.15 23:03:18 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130412.003\ex64.sys -- (NAVEX15)
DRV - [2013.02.15 23:03:18 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.02.15 23:03:18 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.02.15 23:03:18 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130412.003\eng64.sys -- (NAVENG)
DRV - [2013.02.14 08:05:36 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130411.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.01.11 23:57:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2013/02/18 18:32:23] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.10.27 08:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{28A1AFBC-2A66-4FD6-8237-7EAF11857F60}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=363967391&q={searchTerms}
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = 
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=363967391&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Skype.com/Skype Web Plugin: C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF - HKLM\Software\MozillaPlugins\@startpage24.com/npLin64;Version=4: C:\ProgramData\Startpage24\Plugin\firefox\plugins\nplink64.dll (Link64 GmbH)
FF - HKLM\Software\MozillaPlugins\@startpage24.com/npLin64c;Version=5: C:\ProgramData\Startpage24\Plugin\nplink64chrome.dll (Link64 GmbH)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\AMD\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\AMD\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\Windows\DOWNLO~1\NpFv530.dll ()
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{77BEC163-D389-42c1-91A4-C758846296A5}: C:\PROGRAM FILES\VIDEO DOWNLOADER\FIREFOX [2013.03.29 20:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [2013.04.12 23:26:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\ [2013.02.15 15:57:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}: C:\Program Files (x86)\EazelBar\Firefox [2013.02.18 19:11:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ffext@startpage24: C:\ProgramData\Startpage24\Plugin\firefox [2013.02.21 22:20:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{77BEC163-D389-42c1-91A4-C758846296A5}: C:\Program Files\Video downloader\Firefox [2013.03.29 20:43:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\autolyrics@man-soft.net: C:\Program Files (x86)\AutoLyrics\FF\ [2013.03.03 13:16:26 | 000,000,000 | ---D | M]
 
[2013.02.15 22:20:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Flatcast Viewer Plugin 5.3.0.784 (Enabled) = C:\Users\AMD\AppData\Roaming\Mozilla\plugins\NpFv530.dll
CHR - plugin: Skype Web Plugin (Enabled) = C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Startpage24 Startpage (Enabled) = C:\ProgramData\Startpage24\Plugin\firefox\plugins\nplink64.dll
CHR - plugin: Startpage24 Startpage (Enabled) = C:\ProgramData\Startpage24\Plugin\nplink64chrome.dll
CHR - plugin: Google Update (Enabled) = C:\Users\AMD\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Startpage24 Extension = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghjedieekahkckccfclnacnooabafgjg\0.3_0\
CHR - Extension: Norton Identity Protection = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0\
CHR - Extension: Google Mail = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Auto Lyrics = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcdkfohdadbjmlfejhncigcbfkiaamf\1.110_0\
 
O1 HOSTS File: ([2013.02.24 10:29:22 | 000,000,895 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.google-analytics.com
O1 - Hosts: 127.0.0.1 google-analytics.com
O2:64bit: - BHO: (Video downloader) - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Programme\Video downloader\Extension64.dll ()
O2:64bit: - BHO: (EazelBar Helper) - {FE478DC2-E4AD-4197-8F80-5E456BEBC57F} - C:\Program Files (x86)\EazelBar\Toolbar64.dll ()
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Video downloader) - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Programme\Video downloader\Extension32.dll ()
O2 - BHO: (Startpage24 Browser Helper) - {BBD43808-9D13-4B0B-B023-178FD1FAE442} - C:\ProgramData\Startpage24\Plugin\link64_plugin.dll (Link64 GmbH)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Auto Lyrics) - {DAEB9E85-4694-4F9B-85CB-2F28987872D7} - C:\Program Files (x86)\AutoLyrics\autolrcs.dll (Mansoft Union)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O2 - BHO: (EazelBar Helper) - {FE478DC2-E4AD-4197-8F80-5E456BEBC57F} - C:\Program Files (x86)\EazelBar\Toolbar32.dll ()
O3:64bit: - HKLM\..\Toolbar: (EazelBar) - {EBD839AE-B08C-4fb7-859B-F54AF16C159F} - C:\Program Files (x86)\EazelBar\Toolbar64.dll ()
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (EazelBar) - {EBD839AE-B08C-4fb7-859B-F54AF16C159F} - C:\Program Files (x86)\EazelBar\Toolbar32.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O4:64bit: - HKLM..\Run: [lxduamon] C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe ()
O4:64bit: - HKLM..\Run: [lxdumon.exe] C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Lexmark 5600-6600 Series] C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O4 - HKCU..\Run: [Driver Pro] C:\Program Files (x86)\Driver Pro\DPLauncher.exe (PC Utilities Pro)
O4 - Startup: C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk = C:\Program Files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe (IM-history)
O4 - Startup: C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://download.flatcast.net/objects/NpFv530.dll (Flatcast Viewer 5.3)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C586592-6EAF-4C19-9872-AF5FFA65C43D}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46EA0735-FC39-49DE-96DB-6485C85FD43E}: DhcpNameServer = 40.20.1.201 40.20.1.203
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83C82F9C-609E-4ABC-80F2-5C97022DD01D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB937A27-6165-4ECF-B9DC-135084409E1F}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\startpage24 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\startpage24 {879506D7-73DF-8D45-BBDD-123467926D12} - C:\ProgramData\Startpage24\Plugin\link64_plugin.dll (Link64 GmbH)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{021262b5-776e-11e2-be73-38eaa7db6372}\Shell - "" = AutoRun
O33 - MountPoints2\{021262b5-776e-11e2-be73-38eaa7db6372}\Shell\AutoRun\command - "" = "F:\setup_vmc_lite.exe" /checkApplicationPresence
O33 - MountPoints2\{02126400-776e-11e2-be73-38eaa7db6372}\Shell - "" = AutoRun
O33 - MountPoints2\{02126400-776e-11e2-be73-38eaa7db6372}\Shell\AutoRun\command - "" = "F:\setup_vmc_lite.exe" /checkApplicationPresence
O33 - MountPoints2\{021264be-776e-11e2-be73-38eaa7db6372}\Shell - "" = AutoRun
O33 - MountPoints2\{021264be-776e-11e2-be73-38eaa7db6372}\Shell\AutoRun\command - "" = "F:\setup_vmc_lite.exe" /checkApplicationPresence
O33 - MountPoints2\{e7682d96-77a2-11e2-be74-38eaa7db6372}\Shell - "" = AutoRun
O33 - MountPoints2\{e7682d96-77a2-11e2-be74-38eaa7db6372}\Shell\AutoRun\command - "" = "F:\setup_vmc_lite.exe" /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.06 14:06:13 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\MAGIX Downloads
[2013.04.06 14:06:12 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\MAGIX
[2013.04.06 14:05:03 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4.dll
[2013.04.06 14:05:03 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4r.dll
[2013.04.06 14:05:03 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml4a.dll
[2013.04.06 14:05:02 | 000,487,424 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLAV32.dll
[2013.04.06 14:05:02 | 000,430,080 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\MXRestore.exe
[2013.04.06 14:05:02 | 000,188,416 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRES32.dll
[2013.04.06 14:05:02 | 000,163,840 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDEV32.dll
[2013.04.06 14:05:02 | 000,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDRV32.dll
[2013.04.06 14:05:02 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDA32.dll
[2013.04.06 14:05:02 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCPY32.dll
[2013.04.06 14:05:02 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPTL32.dll
[2013.04.06 14:05:02 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDF32.dll
[2013.04.06 14:05:02 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLTPO32.dll
[2013.04.06 14:05:02 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRJ32.dll
[2013.04.06 14:05:02 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIO32.dll
[2013.04.06 14:05:02 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRF32.dll
[2013.04.06 14:05:02 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIMG32.dll
[2013.04.06 14:05:02 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRD32.dll
[2013.04.06 14:05:02 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPNT32.dll
[2013.04.06 14:05:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\STRING32.dll
[2013.04.06 14:05:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLMSC32.dll
[2013.04.06 14:05:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLISO32.dll
[2013.04.06 14:05:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDIR32.dll
[2013.04.06 14:05:02 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTIC32.dll
[2013.04.06 14:05:02 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTI32.dll
[2013.04.06 14:05:02 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIX.dll
[2013.04.06 14:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2013.04.06 14:04:44 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\MAGIX_MusicMaker15_for_MySpace
[2013.04.06 14:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013.04.06 14:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2013.04.06 14:02:48 | 000,700,416 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll
[2013.04.06 14:02:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MAGIX
[2013.04.04 17:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
[2013.04.04 17:02:05 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\SafeNet Sentinel
[2013.04.04 17:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2013.04.04 17:01:50 | 000,083,072 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\aksdf.sys
[2013.04.04 17:01:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aladdin Shared
[2013.04.04 17:01:45 | 004,412,872 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\hasplms.exe
[2013.04.04 17:01:45 | 004,412,872 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\aksllmtp.exe
[2013.04.04 17:01:44 | 000,141,256 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\aksfridge.sys
[2013.04.04 17:01:40 | 000,323,584 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\hardlock.sys
[2013.04.04 17:01:29 | 000,198,088 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysWow64\hlvdd.dll
[2013.04.04 17:00:51 | 004,178,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\D3DX9_41.dll
[2013.04.04 17:00:50 | 000,517,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XAudio2_4.dll
[2013.04.04 17:00:45 | 000,022,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\X3DAudio1_6.dll
[2013.04.04 16:59:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lightworks
[2013.04.04 16:51:22 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Audacity
[2013.04.04 16:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013.04.04 16:37:10 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\HPConnectedMusic
[2013.04.04 16:25:29 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\fontconfig
[2013.04.04 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\gegl-0.2
[2013.04.04 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\AMD\.gimp-2.8
[2013.04.04 16:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.04.03 19:29:19 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.30 18:56:23 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\MultiSkypeLauncher
[2013.03.30 18:53:16 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MultiSkypeLauncher
[2013.03.30 18:53:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MultiSkypeLauncher
[2013.03.30 14:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2013.03.30 14:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock
[2013.03.29 22:21:35 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\Youcam
[2013.03.29 20:43:48 | 000,000,000 | ---D | C] -- C:\Program Files\Video downloader
[2013.03.29 01:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.03.29 01:38:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.03.29 01:38:07 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\DVDVideoSoft
[2013.03.29 01:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.03.26 20:42:29 | 000,230,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdFilter.sys
[2013.03.26 20:42:28 | 000,035,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdBoot.sys
[2013.03.26 20:14:40 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westermann Multimedia
[2013.03.26 20:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Westermann
[2013.03.25 23:45:49 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\German Truck Simulator
[2013.03.25 23:42:33 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\German Truck Simulator
[2013.03.25 23:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\German Truck Simulator
[2013.03.25 23:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\German Truck Simulator
[2013.03.25 19:01:11 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\Abelssoft
[2013.03.25 18:52:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013.03.25 18:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader
[2013.03.25 18:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Song Downloader
[2013.03.25 18:07:25 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Nico Mak Computing
[2013.03.25 18:07:18 | 000,019,840 | ---- | C] (WinZip Computing, S.L.(WinZip Computing)) -- C:\Windows\SysNative\roboot64.exe
[2013.03.25 18:07:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip Registry Optimizer
[2013.03.25 18:05:22 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\uTorrent
[2013.03.20 00:23:06 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\usb8023.sys
[2013.03.18 13:37:45 | 000,493,056 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\LXDUwupd.dll
[2013.03.18 13:37:45 | 000,019,112 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysNative\LXDUwupd.exe
[2013.03.18 13:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 5600-6600 Series
[2013.03.18 13:37:11 | 000,126,976 | ---- | C] (Lexmark International Inc.) -- C:\Windows\SysWow64\lxdulnks.dll
[2013.03.18 13:37:10 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\lxdugf.dll
[2013.03.18 13:37:10 | 000,524,288 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxduutil.dll
[2013.03.18 13:37:10 | 000,200,704 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxduinsb.dll
[2013.03.18 13:37:10 | 000,176,128 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxduins.dll
[2013.03.18 13:37:10 | 000,147,456 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxdujswr.dll
[2013.03.18 13:37:10 | 000,114,688 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxduinsr.dll
[2013.03.18 13:37:10 | 000,036,864 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxducur.dll
[2013.03.18 13:37:09 | 000,090,112 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxducub.dll
[2013.03.18 13:37:09 | 000,081,920 | ---- | C] (Lexmark International, Inc.) -- C:\Windows\SysWow64\lxducu.dll
[2013.03.18 13:37:07 | 000,077,906 | ---- | C] (Lexmark International) -- C:\Windows\SysWow64\LXDUcfg.dll
[2013.03.18 13:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark 5600-6600 Series
[2013.03.18 13:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 5600-6600 Series
[2013.03.18 11:54:17 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\ElevatedDiagnostics
[2013.03.18 00:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2013.03.17 23:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.17 23:37:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.17 23:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.03.17 18:52:10 | 010,115,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\twinui.dll
[2013.03.17 18:52:05 | 008,856,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\twinui.dll
[2013.03.17 18:52:00 | 002,302,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.03.17 18:52:00 | 002,146,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\actxprxy.dll
[2013.03.17 18:52:00 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.03.17 18:52:00 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\pdc.sys
[2013.03.17 13:39:43 | 003,966,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.03.17 13:39:42 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.03.17 13:39:41 | 000,907,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\uxtheme.dll
[2013.03.17 13:39:41 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.03.17 13:39:41 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.03.17 13:39:41 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.03.17 13:39:40 | 000,854,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.03.17 13:39:40 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.03.17 13:39:40 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\UXInit.dll
[2013.03.17 13:39:40 | 000,050,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.03.17 13:39:40 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\UXInit.dll
[2013.03.17 13:39:40 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.03.17 13:37:47 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MFMediaEngine.dll
[2013.03.17 13:37:47 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MFMediaEngine.dll
[2013.03.17 12:59:11 | 013,643,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.UI.Xaml.dll
[2013.03.17 12:59:09 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.UI.Xaml.dll
[2013.03.17 12:59:07 | 005,977,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.03.17 12:59:02 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.03.17 12:59:00 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\duser.dll
[2013.03.17 12:59:00 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wlroamextension.dll
[2013.03.17 12:58:58 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WWanAPI.dll
[2013.03.17 12:58:58 | 000,467,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\netprofmsvc.dll
[2013.03.17 12:58:58 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SettingSync.dll
[2013.03.17 12:58:58 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncsi.dll
[2013.03.17 12:58:58 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\Windows.Networking.Connectivity.dll
[2013.03.17 12:58:57 | 000,731,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.03.17 12:58:57 | 000,446,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\USBHUB3.SYS
[2013.03.17 12:58:57 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wlroamextension.dll
[2013.03.17 12:58:57 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\WWanAPI.dll
[2013.03.17 12:58:57 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SettingSync.dll
[2013.03.17 12:58:57 | 000,329,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\storport.sys
[2013.03.17 12:58:57 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\hotspotauth.dll
[2013.03.17 12:58:57 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\XpsRasterService.dll
[2013.03.17 12:58:57 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mbsmsapi.dll
[2013.03.17 12:58:57 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\Windows.Networking.Connectivity.dll
[2013.03.17 12:58:57 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mbsmsapi.dll
[2013.03.17 12:58:57 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\XpsRasterService.dll
[2013.03.17 12:58:57 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\taskkill.exe
[2013.03.17 12:58:57 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tasklist.exe
[2013.03.17 12:58:57 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\taskkill.exe
[2013.03.17 12:58:57 | 000,061,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\crashdmp.sys
[2013.03.17 12:58:57 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys
[2013.03.17 12:58:56 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wpd_ci.dll
[2013.03.17 12:58:56 | 000,082,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\hidclass.sys
[2013.03.17 12:58:56 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tasklist.exe
[2013.03.17 12:58:53 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmproxy.dll
[2013.03.17 12:58:53 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\nlmsprep.dll
[2013.03.16 21:29:44 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\GdiPlus.dll
[2013.03.16 21:29:44 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\GdiPlus.dll
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.12 23:37:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002UA.job
[2013.04.12 23:36:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.12 23:29:54 | 001,949,368 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.12 23:29:54 | 000,830,120 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.12 23:29:54 | 000,774,720 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.12 23:29:54 | 000,188,224 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.12 23:29:54 | 000,158,234 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.12 23:25:57 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\Auto Lyrics Update.job
[2013.04.12 23:23:56 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.12 23:21:54 | 000,344,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.12 23:21:36 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.04.12 23:21:03 | 2981,527,552 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.12 23:18:16 | 000,000,158 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.12 23:16:58 | 000,002,668 | ---- | M] () -- C:\Users\AMD\Desktop\Google Chrome.lnk
[2013.04.12 23:15:00 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_AMD.job
[2013.04.11 19:37:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core.job
[2013.04.06 14:05:11 | 000,007,119 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2013.04.04 19:42:02 | 000,001,477 | ---- | M] () -- C:\Users\AMD\AppData\Local\recently-used.xbel
[2013.03.30 18:53:17 | 000,001,189 | ---- | M] () -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
[2013.03.18 13:40:27 | 000,182,891 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2013.03.18 13:38:54 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark Productivity Studio - 5600-6600 Series.LNK
[2013.03.18 00:39:36 | 000,000,649 | ---- | M] () -- C:\ProgramData\cl1578181498.xml
[2013.03.17 21:38:14 | 000,014,127 | ---- | M] () -- C:\Users\AMD\Documents\untitled_1.odt
[2013.03.17 21:38:14 | 000,011,558 | ---- | M] () -- C:\Users\AMD\Documents\untitled_0_1.odt
[2013.03.14 23:45:37 | 000,074,682 | ---- | M] () -- C:\Users\AMD\Documents\Krankheitsbestätigung.pdf
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.12 23:17:54 | 000,000,158 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.10 11:42:11 | 000,002,619 | ---- | C] () -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2013.04.06 14:05:02 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2013.04.06 14:05:02 | 000,014,182 | ---- | C] () -- C:\Windows\SysWow64\DLLAV32.lib
[2013.04.06 14:03:30 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2013.04.06 14:02:48 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013.04.04 19:42:02 | 000,001,477 | ---- | C] () -- C:\Users\AMD\AppData\Local\recently-used.xbel
[2013.04.04 16:50:53 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013.04.03 19:29:19 | 000,002,668 | ---- | C] () -- C:\Users\AMD\Desktop\Google Chrome.lnk
[2013.04.03 19:27:32 | 000,001,118 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002UA.job
[2013.04.03 19:27:30 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core.job
[2013.03.30 18:53:16 | 000,001,189 | ---- | C] () -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
[2013.03.29 20:52:43 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.24 20:01:10 | 000,344,208 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.18 13:38:54 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark Productivity Studio - 5600-6600 Series.LNK
[2013.03.18 13:37:52 | 000,000,044 | ---- | C] () -- C:\Windows\SysNative\lxdurwrd.ini
[2013.03.18 13:37:11 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll
[2013.03.18 13:37:11 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll
[2013.03.18 13:37:11 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll
[2013.03.18 13:37:11 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll
[2013.03.18 13:37:10 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll
[2013.03.18 13:37:09 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll
[2013.03.18 13:37:09 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll
[2013.03.18 13:37:09 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll
[2013.03.18 13:37:08 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll
[2013.03.18 13:37:08 | 000,679,936 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll
[2013.03.18 13:37:08 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe
[2013.03.18 13:37:08 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll
[2013.03.18 13:37:08 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe
[2013.03.18 13:37:08 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe
[2013.03.18 13:37:07 | 000,680,960 | ---- | C] ( ) -- C:\Windows\SysNative\LXDUhcp.dll
[2013.03.18 13:37:07 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\LXDUinst.dll
[2013.03.18 13:37:07 | 000,001,867 | ---- | C] () -- C:\Windows\SysWow64\lxdu.loc
[2013.03.18 13:36:56 | 000,182,891 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2013.03.18 11:59:57 | 000,300,032 | ---- | C] () -- C:\Windows\SysNative\lxdugrd.dll
[2013.03.18 11:59:36 | 000,521,216 | ---- | C] ( ) -- C:\Windows\SysNative\lxduih.exe
[2013.03.18 11:59:35 | 001,661,952 | ---- | C] ( ) -- C:\Windows\SysNative\lxduserv.dll
[2013.03.18 11:59:35 | 001,338,368 | ---- | C] ( ) -- C:\Windows\SysNative\lxduusb1.dll
[2013.03.18 11:59:35 | 001,291,264 | ---- | C] ( ) -- C:\Windows\SysNative\lxducomc.dll
[2013.03.18 11:59:35 | 001,039,360 | ---- | C] ( ) -- C:\Windows\SysNative\lxducoms.exe
[2013.03.18 11:59:35 | 000,987,648 | ---- | C] ( ) -- C:\Windows\SysNative\lxdupmui.dll
[2013.03.18 11:59:35 | 000,897,024 | ---- | C] ( ) -- C:\Windows\SysNative\lxdulmpm.dll
[2013.03.18 11:59:35 | 000,580,608 | ---- | C] ( ) -- C:\Windows\SysNative\lxducomm.dll
[2013.03.18 11:59:35 | 000,548,352 | ---- | C] ( ) -- C:\Windows\SysNative\lxduinpa.dll
[2013.03.18 11:59:35 | 000,513,024 | ---- | C] ( ) -- C:\Windows\SysNative\lxduiesc.dll
[2013.03.18 11:59:34 | 001,091,584 | ---- | C] ( ) -- C:\Windows\SysNative\lxduhbn3.dll
[2013.03.18 11:59:34 | 000,610,304 | ---- | C] ( ) -- C:\Windows\SysNative\lxducfg.exe
[2013.03.18 00:39:36 | 000,000,649 | ---- | C] () -- C:\ProgramData\cl1578181498.xml
[2013.03.17 22:32:46 | 000,014,127 | ---- | C] () -- C:\Users\AMD\Documents\untitled_1.odt
[2013.03.17 22:32:46 | 000,011,558 | ---- | C] () -- C:\Users\AMD\Documents\untitled_0_1.odt
[2013.03.14 23:45:36 | 000,074,682 | ---- | C] () -- C:\Users\AMD\Documents\Krankheitsbestätigung.pdf
[2013.02.24 21:51:46 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.02.17 18:17:07 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2013.02.17 18:17:07 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll
[2013.02.17 18:10:15 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll
[2013.02.15 21:58:21 | 000,000,306 | RHS- | C] () -- C:\Users\AMD\ntuser.pol
[2012.08.24 12:24:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.09 08:10:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.08.09 08:10:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.08.04 00:40:09 | 000,916,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.07.25 22:22:54 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012.07.25 22:22:54 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012.07.25 22:22:54 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.05.10 17:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.13 16:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.06.16 14:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2012.08.24 12:49:27 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 01:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 01:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:373E1720

< End of report >
         
--- --- ---


Alt 13.04.2013, 00:15   #6
Daten
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.04.2013 23:39:25 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\AMD\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16519)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,47 Gb Total Physical Memory | 1,86 Gb Available Physical Memory | 53,54% Memory free
4,10 Gb Paging File | 2,32 Gb Available in Paging File | 56,63% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,57 Gb Total Space | 398,54 Gb Free Space | 88,85% Space Free | Partition Type: NTFS
Drive D: | 16,42 Gb Total Space | 2,10 Gb Free Space | 12,81% Space Free | Partition Type: NTFS
 
Computer Name: HP | User Name: AMD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1A9D9098-E9FC-42BE-AE80-2C2F7A695983}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{358CB21A-DD59-4A0C-8F07-FC0D1C1F6833}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{47D301DE-8E3D-46F0-947F-6D3AD7583B63}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4D6CB209-1CC4-46EE-9394-95B9BB5990A4}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{5924B4A9-9450-42AB-B509-AF692C73FF3F}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6BD8D55F-4F68-40F6-92D0-85C1F82E5F1C}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{751BD699-8F96-47E5-B1E7-9454C109755D}" = lport=138 | protocol=17 | dir=in | app=system | 
"{80AB5E7E-B71B-465E-B164-D8B6CD4C4213}" = rport=138 | protocol=17 | dir=out | app=system | 
"{82A43C92-A2AF-456E-9D41-3E96287FC32B}" = lport=137 | protocol=17 | dir=in | app=system | 
"{85F6AA74-4970-4A54-B8F7-69B3B612E658}" = rport=139 | protocol=6 | dir=out | app=system | 
"{8BB2C1F9-4F82-4AF1-A905-5645BDF67CA0}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{9A13F1E1-77D0-4C4E-A4C0-4F99FD8DEEF1}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{9CCC895A-2293-4D45-BC5F-4799F92A6A99}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{A01AC305-9D87-4906-B7A2-EA8AFD421132}" = lport=139 | protocol=6 | dir=in | app=system | 
"{A6DD4156-14B5-4349-A15E-3863E0D1A6D6}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{AA66789E-22E6-4515-A097-EA1B270371EF}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{B1DBD610-9440-4500-B702-8D144AC5EE94}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{E33318E7-D2F9-4465-AB84-774FC1C80C5E}" = rport=137 | protocol=17 | dir=out | app=system | 
"{E7DA2E4E-CF7B-4763-A1D3-599FB3158B2F}" = rport=445 | protocol=6 | dir=out | app=system | 
"{EE2DC825-357A-4EA7-BF6C-24EF7AA73071}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{F030E18A-04F6-4EDF-9298-96DA3111AE4B}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{F0FE342A-8EB2-4F9C-B5A1-AFA276BF2F9C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{F9FED3E2-F53B-405F-A83F-FA6B97B24957}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{FB26D492-2165-41DC-BF63-FA04354D99B0}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{FF47E97B-86B4-4838-843D-EB3BFD33F395}" = lport=445 | protocol=6 | dir=in | app=system | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{02386611-BB52-4C58-81B2-9BB24E36D59D}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} | 
"{02D511CE-20A8-4CFA-BB6C-A4EB1DA97F28}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{03161487-D29E-4448-A221-E62669E658AC}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{0A32D0BC-1A7E-459E-AAF2-36635BB8E238}" = protocol=6 | dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe | 
"{0CA855D2-4305-48A5-86DF-A46C89B72D5E}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{0D8078B2-191E-41AE-A27F-C5EEDE1EE036}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\movie\powerdvd cinema\powerdvdcinema12.exe | 
"{11C20CAF-4835-4D4F-974D-0BC8C9515C2D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12agent.exe | 
"{191487FE-D290-4C6D-BE29-896BB8402A76}" = dir=out | name=windows_ie_ac_001 | 
"{1C63C70D-5675-43BB-BD8A-13E2202073E6}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxdufax.exe | 
"{20738497-B654-4833-B977-C81DC0B77AD6}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{24162DA9-B9F2-48EB-9A91-FC03C8C4921D}" = dir=out | name=skype | 
"{2B521CA3-C6B4-4803-B67F-1B4C710C3F00}" = dir=in | name=kindle | 
"{31E172E5-BC35-449A-8945-6FD05FD51D64}" = dir=in | name=ebay | 
"{39F5E7DA-D488-400D-A317-86F17A98920E}" = dir=in | app=c:\windows\system32\hasplms.exe | 
"{3AC048E4-5970-4692-A66F-25399D92328D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{3E70A288-C93E-4468-A4BE-A2C825258300}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} | 
"{41FBF5BF-D2CD-4484-9F58-1525040227E6}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxducoms.exe | 
"{4400F7C6-D2CA-4D90-A60D-7B2977A0D47F}" = dir=in | app=c:\users\amd\appdata\local\microsoft\skydrive\skydrive.exe | 
"{44B30E23-87C1-41F7-AB0A-47DC0066691C}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} | 
"{45A916A4-F8FB-4487-B0E9-D796D483F556}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12.exe | 
"{462F99F1-D7C0-4E1A-9D96-B2F30497F76C}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{4661DB78-26DE-43CE-9C38-BC7287A25C87}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{4670F6A8-5581-4A2F-8B08-CAC9AB68F7A2}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxducoms.exe | 
"{47CA98EE-6317-4519-95C2-091977802F5F}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{4DBAF439-F67E-4963-8A74-937118BA099E}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dmr\powerdvd12dmrengine.exe | 
"{522F33DA-7785-482C-874E-68EC384E73E8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{541A36C5-FE63-42C3-9D2E-0B0285A8E501}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} | 
"{56C137EA-F1D0-4275-95A6-C77ED8D1C819}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} | 
"{5770A021-6299-4D4E-9D62-D1A9F1FC3B1F}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} | 
"{586CF18A-7338-409E-B2E0-154005FC6FF8}" = dir=out | name=hp registration | 
"{5B37932A-5F45-4FB1-969A-1F9B34146B86}" = dir=out | name=hp connected photo powered by snapfish | 
"{5B6E46CA-D45D-454C-B504-E6EBA84E9757}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxduamon.exe | 
"{60382E62-3F7F-42EF-A530-7D900BA03523}" = protocol=17 | dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe | 
"{6757693A-E0CD-4E33-B562-D61322BFD585}" = protocol=17 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdupswx.exe | 
"{68263388-1E77-4D7E-AEDA-C641DF550C30}" = protocol=6 | dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe | 
"{68751FDE-1BB0-495A-B7A3-4250AC3719AB}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} | 
"{69006A16-FCBC-45ED-A653-64E1DC87ADBF}" = protocol=17 | dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe | 
"{6AC75E96-7961-4F97-A157-DB4BB00B4DE5}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxdufax.exe | 
"{6C4C1563-FFB4-4F07-BF04-77870DE629BD}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{6CE3098B-8C03-46B5-917A-7C306E7552C7}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\kernel\dms\clmsserverpdvd12.exe | 
"{6E8A0F94-5EF7-4D16-87D8-3552CB119699}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} | 
"{6EAD3CB5-DAE2-4ECD-A5F8-FFE5FA608B2B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{6EB9AB67-37F5-4F6A-8BB7-CCA51DAF1983}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{722922C7-A344-4CED-B29A-730B27C199A7}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} | 
"{7B434BDC-BB1C-4E57-932C-A8601C19B3B6}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{7C32113B-96D7-4C6B-8F47-E6B6CF02A8D6}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{7D165BFA-E7D1-41FB-B29A-A38EB6A5C2CF}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 
"{7E56A8E7-A2DE-4A4B-BE95-DFF2A0D9A4F4}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} | 
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{81C0D551-6493-446E-A9F3-20340A14F480}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe | 
"{89C2093D-606B-444E-8807-95A19F62750F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{8D0A1E8F-5C85-4E4C-A35C-B13A45A4A7FC}" = protocol=6 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\frun.exe | 
"{90CEE412-7AE4-48D7-B8E4-476184931B18}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{92A0DC8B-EF26-44FF-A622-FCD327EE8068}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{945390AF-4A20-410B-9EAA-9A1E8E236A79}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{9827D4F6-6F5C-4950-AD53-552107ABA5B4}" = dir=in | app=c:\program files (x86)\skypewebplugin\skypewebplugin.exe | 
"{A1FFBD94-BCD1-4E11-951A-94A1AE906B4F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{A31ABFCA-3A20-42BF-86D1-95E657662735}" = dir=out | name=norton studio | 
"{A3662C8C-B742-40FE-8706-C0CBA96B002E}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} | 
"{A3CAC52A-EF6F-4741-A359-E7F2D97D257D}" = dir=out | name=kindle | 
"{A4513009-10CD-4D4C-8555-437C9CEA565C}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\frun.exe | 
"{A98CB131-D708-4CC4-BB1A-4E25C8759F24}" = protocol=6 | dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe | 
"{AE3C4B14-68FB-402D-B18C-C980F8395020}" = protocol=6 | dir=out | app=system | 
"{AFD26D94-B68A-49BE-B76F-EBA1CAAD6D5A}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{B9B95AF7-8383-4068-8C38-8DBA56859D20}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} | 
"{B9E82FA9-6B23-425F-A46F-F775B943EF27}" = dir=out | name=getting started with windows 8 | 
"{BA8C0997-D6F7-497C-B7D0-7163046AEAEE}" = protocol=6 | dir=in | app=c:\windows\system32\lxducoms.exe | 
"{BACC3EFF-09C0-4C47-AD57-8293978D1B1C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{BB04132A-56F3-49EA-B0D3-6A3AD35B085A}" = protocol=6 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{BEC1EDA2-F3C1-4432-A66C-0BD30766FDEB}C:\Program Files (x86)\BrowserProtect\proxy\myProxy.exe" = protocol=6 | dir=in | app=c:\program files (x86)\browserprotect\proxy\myproxy.exe | 
"{C4CE7621-D451-4E2B-9282-081A8DAF9609}" = dir=out | name=ebay | 
"{CE1268B2-BE3F-4B90-BCDE-02E30FD272BA}" = protocol=17 | dir=in | app=c:\program files (x86)\lexmark 5600-6600 series\lxduamon.exe | 
"{D04D52CB-80DE-400B-8F96-5D1741AB9DD7}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} | 
"{D4A7FF9B-9479-4975-B753-39BAC4A75EE5}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{DA21575C-6C42-4155-9B03-DDCBEBEF0B3B}" = protocol=17 | dir=in | app=c:\windows\system32\lxducoms.exe | 
"{DED9711B-C01A-4C84-B783-B25AF1CFE396}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{E024CF18-093A-486B-B80B-65B0C59793C1}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe | 
"{E3592848-13FC-4DE4-B9A8-5E304C203E35}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{E49893B3-0B6F-4376-9D8E-A2592AA59893}" = protocol=6 | dir=in | app=c:\windows\system32\spool\drivers\x64\3\lxdupswx.exe | 
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} | 
"{E7DF2A35-2595-4E62-BF26-B4BE1EB3A688}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} | 
"{F0F50457-F05E-47AC-92CB-0104B3E1690F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 
"{F7C2424D-BCDB-460A-A02B-5F96C1F8AF2A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd12\powerdvd12ml.exe | 
"{F99F29B0-3023-4D38-8312-D13FF366AA30}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} | 
"{FA587081-7117-48D1-8FD9-C9BD70E04A66}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FB0609D1-7D20-4B87-8E8F-185F503BACE3}" = protocol=17 | dir=in | app=c:\program files (x86)\msn messenger\msnmsgr.exe | 
"{FDBD956D-0F67-49EB-ABC6-E580F25BE25A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{FE8E24DC-B463-4789-8607-A4BA8404AFE7}" = protocol=17 | dir=in | app=c:\program files (x86)\abbyy finereader 6.0 sprint\scan\scanman6.exe | 
"{FFB8311E-EB27-4A2F-BFB7-D7BE938FD174}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"TCP Query User{4090D77F-CD98-4419-B5AB-82C2F0928D05}C:\program files (x86)\browserprotect\proxy\myproxy.exe" = protocol=6 | dir=in | app=c:\program files (x86)\browserprotect\proxy\myproxy.exe | 
"UDP Query User{7FB512B7-079C-493F-B690-90F9B85B1EE2}C:\program files (x86)\browserprotect\proxy\myproxy.exe" = protocol=17 | dir=in | app=c:\program files (x86)\browserprotect\proxy\myproxy.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08F2724F-3B6A-91BD-E63F-1B9F8463D097}" = AMD Accelerated Video Transcoding
"{0FA995CC-C849-4755-B14B-5404CC75DC24}" = Energy Star
"{14D155F8-40FC-F843-30C6-8776BF5CEBAA}" = AMD Fuel
"{260090FD-0FA6-46A2-A19F-A566FDC401E8}" = Aero QLaunch Pro
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{77BEC163-D389-42c1-91A4-C758846296A5}_is1" = Video downloader 2.0.0.430
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A257DDD7-AFD4-ABEA-0F67-9C3930091B19}" = ccc-utility64
"{D01E0B82-7D6E-F9AC-9A7D-C6076264F419}" = AMD Catalyst Install Manager
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319
"{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}" = HP Registration Service
"{E7EB0FFE-B5E3-4163-A2A1-DD329380664A}" = HP 3D DriveGuard
"{E9EED4AE-682B-4501-9574-D09A21717599}_is1" = AMD Quick Stream
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{F6822EFD-3F7D-4B35-8845-757A26AEC8E2}" = Windows Live MIME IFilter
"Blender" = Blender
"GIMP-2_is1" = GIMP 2.8.4
"Lexmark 5600-6600 Series" = Lexmark 5600-6600 Series
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{097CB5A1-D19E-F62A-6400-91DBF8D97B17}" = CCC Help Turkish
"{0C57987A-A03A-4B95-A309-D23F78F406CA}" = HP Utility Center
"{0DCCD5F4-29E7-4AA0-8C1D-F8E1503B91F4}" = Catalyst Control Center - Branding
"{0EF2A1AF-6F24-FD4B-3140-3656CC9A6BEC}" = CCC Help Italian
"{1017A80C-6F09-4548-A84D-EDD6AC9525F0}" = Lexmark Symbolleiste
"{11230C68-9248-D3B8-A0C5-0461D8C0691E}" = CCC Help Dutch
"{15F3A6F5-06AE-4332-AE3E-21CD0416827A}" = Windows Live Mail
"{16B7BDA1-B967-4D2D-8B27-E12727C28350}" = HP CoolSense
"{18DE31AE-70D0-43A7-9E3C-2ED7283ECE8A}" = HP Documentation
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1
"{29A6A747-07ED-DB5E-AD38-5F66B06E8888}" = CCC Help Russian
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{2BE3A1BC-D155-1D32-9080-685C54689C34}" = CCC Help Korean
"{2F413B34-8C18-328C-E68C-0332AB527CFF}" = CCC Help Czech
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{3C3DCD2B-6FC7-41BF-BB80-40A936E1A785}" = Windows Live Writer
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{3D062C86-0CCA-8F10-A575-3564BD50372C}" = Catalyst Control Center Graphics Previews Common
"{3E2D81D1-5FEE-6E90-2E0C-B8C15F05237A}" = CCC Help Norwegian
"{400C31E4-796F-4E86-8FDC-C3C4FACC6847}" = Junk Mail filter update
"{4281435C-AD1D-4C8A-B9C0-3961C11EF142}_is1" = YouTube Song Downloader
"{449CE12D-E2C7-4B97-B19E-55D163EA9435}" = Bing Bar
"{46037DC7-F927-46DF-935F-D6F122BDD34B}_is1" = Connected Music powered by Universal Music Group version 1.0
"{47B3FDA1-E7F2-D3C3-0970-B9916C5530F3}" = AMD VISION Engine Control Center
"{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.2
"{4ED7050C-9332-4FB2-AB07-E94F25A53D39}" = HP Quick Launch
"{528AB81B-D65A-4AB0-A2B6-82B51A087D01}" = HP Recovery Manager
"{5CBA9A98-4CAE-92DC-4662-A77268EE1D04}" = CCC Help English
"{5F1C0CF4-49C6-B096-0F72-AA2C319BBEE0}" = CCC Help German
"{608FB285-F572-48DE-AE44-28ABFF3F6BF9}" = Internet Turbo
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{650AA9FB-CA49-A284-8E13-F3732CC20D9A}" = Catalyst Control Center Localization All
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6DF0DAF1-BED0-F5BB-B96E-10AA15DF65E7}" = CCC Help Swedish
"{6F03FF16-24BF-4887-9EBA-280CF7657A54}" = COMPUTERBILD-Abzockschutz
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.0.0
"{70854FE6-3BF1-4C69-94D0-BEB821102E34}" = Windows Live Mail
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73AD6CBA-D50D-F30C-E579-14389FF41D1D}" = Catalyst Control Center InstallProxy
"{745A24D1-CFF4-45BA-8690-2AD15DA790C4}" = Skype Web Plugin
"{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}" = Vodafone Mobile Connect Lite
"{7AF962CF-7018-C589-8439-EA7C9F2FA200}" = CCC Help Danish
"{7BB80D45-4024-2E0C-FC0D-45A319CD3F99}" = CCC Help Thai
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8913AC02-67B8-4B52-91B2-BBA7B9C265B5}" = Windows Live Writer Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{941DE69D-6CEE-4171-8F1F-3D7E352AA498}" = HP Wireless Button Driver
"{94BB4B4F-BD6D-4166-A580-F868C8384CA6}" = HP Software Framework
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{95A762D1-99E7-F428-99B3-E3CC636C48D9}" = CCC Help Hungarian
"{96DAE3D0-5008-F1FC-186D-0B364071C98C}" = CCC Help French
"{97C79BEC-43F7-4BD8-A6A7-85C0257E488A}" = Windows Live Writer
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B42457E-3781-7293-5643-C722BA43397E}" = CCC Help Greek
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E2BCF78-EDAD-A8BC-123D-10E0D9234753}" = CCC Help Chinese Traditional
"{9FEDC691-A307-D525-7D71-EDB97240CFF3}" = CCC Help Chinese Standard
"{AB1F1677-926B-894A-A890-56A3FCD9794B}" = CCC Help Finnish
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{ACC5984D-6859-874C-B939-058DED2692FA}" = CCC Help Portuguese
"{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint
"{AE364ACC-B9DF-466B-B4EA-AEECD0CD581E}" = Windows Live Messenger
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B8019B54-F9BE-490A-9619-6D06F18F129F}" = HP Support Assistant
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C3A32068-8AB1-4327-BB16-BED9C6219DC7}" = Qualcomm Atheros Driver Installation Program
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C458E818-0B4F-C961-AFDF-29F172EE5A1B}" = CCC Help Spanish
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D2C146B1-948D-47EF-8387-5D1C6B980F7C}" = Windows Live Writer
"{D2C5E510-BE6D-42CC-9F61-E4F939078474}" = Lexmark 
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E175B925-538F-6D69-A9C9-4D0699648752}" = CCC Help Japanese
"{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio
"{E46BF405-4ADF-36F4-A0EA-EF4CDF1A21E6}" = CCC Help Polish
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F2235E5E-7881-4293-9B6F-04B2609FBFF0}" = Windows Live Messenger
"{F78B5B4F-075A-4C81-AA27-E707861EB5B7}_is1" = AntiBrowserSpy
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Ashampoo Burning Studio 2013_is1" = Ashampoo Burning Studio 2013 v.11.0.5
"Audacity_is1" = Audacity 2.0.3
"autolyrics@man-soft.net" = Auto Lyrics
"BrowserProtect" = BrowserProtect
"Driver Pro_is1" = Driver Pro v3.0
"EazelBar" = EazelBar
"Firebird SQL Server D" = Firebird SQL Server - MAGIX Edition
"Free Audio Converter_is1" = Free Audio Converter version 5.0.23.320
"German Truck Simulator" = German Truck Simulator 1.00
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}" = CyberLink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" = CyberLink PowerDVD 12
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Kingsoft Office" = Kingsoft Office 2012 (8.1.0.3333)
"KLiteCodecPack_is1" = K-Lite Codec Pack 6.0.4 (Basic)
"MAGIX Music Maker for MySpace D" = MAGIX Music Maker for MySpace 15.0.1.8 (D)
"MultiSkypeLauncher" = MultiSkypeLauncher (remove only)
"NIS" = Norton Internet Security
"RocketDock_is1" = RocketDock 1.3.5
"SoftwareUpdater" = SoftwareUpdater
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"Startpage24" = Startpage24
"WinLiveSuite" = Windows Live Essentials
 
========== HKEY_CURRENT_USER Uninstall List ==========
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79c60d07-63bb-40e2-8e4c-572f350a3cac}" = Internet Turbo Engine
"Google Chrome" = Google Chrome
"HPConnectedMusic" = HP Connected Music (Meridian - player)
"Karibu1" = Westermann Karibu 1
"SkyDriveSetup.exe" = Microsoft SkyDrive
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 08.04.2013 15:40:19 | Computer Name = HP | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 08.04.2013 15:40:24 | Computer Name = HP | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 08.04.2013 15:40:24 | Computer Name = HP | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 08.04.2013 15:40:25 | Computer Name = HP | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 08.04.2013 15:40:41 | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
 
Error - 08.04.2013 15:40:41 | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 15631
 
Error - 08.04.2013 15:40:41 | Computer Name = HP | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 15631
 
Error - 08.04.2013 23:35:59 | Computer Name = HP | Source = ATIeRecord | ID = 16391
Description = ATI EEU maximum number of session has been surpassed
 
Error - 08.04.2013 23:36:08 | Computer Name = HP | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: tbhcn.exe, Version: 1.0.0.9, Zeitstempel:
 0x5121f458  Name des fehlerhaften Moduls: ntdll.dll, Version: 6.2.9200.16420, Zeitstempel:
 0x505aaa82  Ausnahmecode: 0xc0000374  Fehleroffset: 0x000da94f  ID des fehlerhaften Prozesses:
 0x1e4  Startzeit der fehlerhaften Anwendung: 0x01ce34d35a111cad  Pfad der fehlerhaften
 Anwendung: C:\ProgramData\GinyasBrowserCompanion\tbhcn.exe  Pfad des fehlerhaften
 Moduls: C:\Windows\SYSTEM32\ntdll.dll  Berichtskennung: 9d5b6fa5-a0c6-11e2-be89-38eaa7db6372
Vollständiger
 Name des fehlerhaften Pakets:   Anwendungs-ID, die relativ zum fehlerhaften Paket
 ist: 
 
Error - 08.04.2013 23:38:43 | Computer Name = HP | Source = MsiInstaller | ID = 10005
Description = 
 
[ System Events ]
Error - 24.03.2013 11:24:30 | Computer Name = HP | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
 von Dienst hpqwmiex erreicht.
 
Error - 24.03.2013 14:02:22 | Computer Name = HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxduCATSCustConnectService erreicht.
 
Error - 24.03.2013 14:02:22 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 25.03.2013 12:32:54 | Computer Name = HP | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 lxduCATSCustConnectService erreicht.
 
Error - 25.03.2013 12:32:54 | Computer Name = HP | Source = Service Control Manager | ID = 7000
Description = Der Dienst "lxduCATSCustConnectService" wurde aufgrund folgenden Fehlers
 nicht gestartet:   %%1053
 
Error - 25.03.2013 12:33:39 | Computer Name = HP | Source = DCOM | ID = 10016
Description = 
 
Error - 25.03.2013 12:33:39 | Computer Name = HP | Source = DCOM | ID = 10016
Description = 
 
Error - 28.03.2013 19:40:42 | Computer Name = HP | Source = DCOM | ID = 10010
Description = 
 
Error - 29.03.2013 09:39:52 | Computer Name = HP | Source = DCOM | ID = 10010
Description = 
 
Error - 29.03.2013 09:40:49 | Computer Name = HP | Source = DCOM | ID = 10010
Description = 
 
 
< End of report >
         
--- --- ---


Darf ich die Programme jetzt schließen? Soll auf irgendetwas achten?

Alt 13.04.2013, 00:28   #7
aharonov
/// TB-Ausbilder
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Hallo,

ja, den AdwCleaner und OTL kannst du schliessen. Wir sind aber noch nicht ganz fertig.
Siehst du noch irgendwo etwas von snap.do?


Schritt 1

Lade SystemLook (von jpshortstuff) herunter und speichere das Tool auf dem Desktop.
  • Doppelklicke auf die SystemLook_x64.exe, um das Tool zu starten.
    Vista und Win7 User: Rechtsklick und "als Administrator starten".
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :filefind
    *eazel*
    
    :folderfind
    *eazel*
    
    :regfind
    eazel
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen. Poste diese in deinen Thread.
  • Das Log-File wird auch auf dem Desktop als SystemLook.txt gespeichert.



Bitte poste in deiner nächsten Antwort:
  • Log von SystemLook
__________________
cheers,
Leo

Alt 13.04.2013, 01:05   #8
Daten
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Ja, ich sehe Snap.do. Wenn ich einen neuen Tab öffne, sieht man oben snap.do. Mit Rechtsklick kann man das löschen, obs aber dann ganz weggeht? Soll ich es löschen?

Alt 13.04.2013, 01:11   #9
aharonov
/// TB-Ausbilder
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



In welchem Browser? Im Chrome?
Mach bitte auch noch den obigen Scan, der geht schnell.
__________________
cheers,
Leo

Alt 13.04.2013, 01:16   #10
Daten
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



SystemLook 30.07.11 by jpshortstuff
Log created at 01:07 on 13/04/2013 by AMD
Administrator - Elevation successful

========== filefind ==========

Searching for "*eazel*"
No files found.

========== folderfind ==========

Searching for "*eazel*"
C:\Program Files (x86)\EazelBar d------ [17:11 18/02/2013]

========== regfind ==========

Searching for "eazel"
[HKEY_CURRENT_USER\Software\EazelBar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}]
@="EazelBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EE4282F6-CA16-4ba9-BC8C-197F1D07E426}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}]
@="EazelBar Helper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar64.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}]
@="EazelBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EE4282F6-CA16-4ba9-BC8C-197F1D07E426}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}]
@="EazelBar Helper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBD839AE-B08C-4fb7-859B-F54AF16C159F}"="EazelBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}]
@="EazelBar Helper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\EazelBar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\EazelBar]
"Path"="C:\Program Files (x86)\EazelBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{EBD839AE-B08C-4fb7-859B-F54AF16C159F}"="EazelBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}]
@="EazelBar Helper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar]
"DisplayName"="EazelBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar]
"DisplayVersion"="EazelBar 1.1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar]
"Publisher"="EazelBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar]
"URLInfoAbout"="hxxp://search.eazel.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar]
"DisplayIcon"="C:\Program Files (x86)\EazelBar\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar]
"UninstallString"="C:\Program Files (x86)\EazelBar\uninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Mozilla\Firefox\Extensions]
"{EBD839AE-B08C-4fb7-859B-F54AF16C159F}"="C:\Program Files (x86)\EazelBar\Firefox"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Vittalia\AxtanInstaller\versions\659705]
"PartnerKeyword"="EAZELDE"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}]
@="EazelBar"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EE4282F6-CA16-4ba9-BC8C-197F1D07E426}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar32.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}]
@="EazelBar Helper"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\InprocServer32]
@="C:\Program Files (x86)\EazelBar\Toolbar32.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Updater Service for EazelBar]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Updater Service for EazelBar]
"ImagePath"="C:\Program Files (x86)\EazelBar\ToolbarUpdaterService.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Updater Service for EazelBar]
"DisplayName"="Updater Service for EazelBar"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Updater Service for EazelBar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Updater Service for EazelBar]
"ImagePath"="C:\Program Files (x86)\EazelBar\ToolbarUpdaterService.exe"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Updater Service for EazelBar]
"DisplayName"="Updater Service for EazelBar"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\EazelBar]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://search.eazel.com?id=FC80225D0B214945841FC1FC28EC5A06"
[HKEY_USERS\S-1-5-21-4168891922-4078455343-2189293659-1002\Software\EazelBar]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-18\Software\EazelBar]
[HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://search.eazel.com?id=FC80225D0B214945841FC1FC28EC5A06"

Searching for " "
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PhotoPrintingWizard\Lexmark 5600-6600 Series (Network)]
"PrintCapabilites"="<?xml version="1.0"?>
<psf:PrintCapabilities version="1" xmlns:xsl="hxxp://www.w3.org/1999/XSL/Transform" xmlns:xs="hxxp://www.w3.org/2001/XMLSchema" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlnssk="hxxp://schemas.microsoft.com/windows/2003/08/printing/printschemakeywords" xmlnssf="hxxp://schemas.microsoft.com/windows/2003/08/printing/printschemaframework" xmlns:cfg="hxxp://schemas.lexmark.com/2006/01/config" xmlns:lps="hxxp://schemas.lexmark.com/2006/01/lexmarkprintschema"><psf:Feature name="psk:JobCollateAllDocuments">
<psf:Option name="psk:Collated">
<psf:Property name="lpsefault"/>
<psf:Property name="lpsMValue">
<psf:Value xsi:type="xs:integer">1</psf:Value>
</psf:Property>
<psf:Property name="pskisplayName"><psf:Value xsi:type="xs:string">Ein</psf:Value></psf:Propert
[HKEY_LOCAL_MACHINE\HARDWARE\DEVICEMAP\Scsi\Scsi Port 0\Scsi Bus 1\Target Id 0\Logical Unit Id 0]
"SerialNumber"="SGC3524864 "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/> </Reso
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="28800" RunAsUser="" RunAsPassword="" AutoRestart="false" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/> <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/> <Param Name="SessionConfigurationData" Value="
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell32]
"ConfigXML"="<PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell32" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Architecture="32" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="3.0"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell32" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\LexmarkInkjet\App List Manager]
"AppList"=" <APP>
<FRIENDLY_NAME>Acrobat Reader</FRIENDLY_NAME>
<PATH>C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe</PATH>
<DEFAULT_FILE_TYPE>PDF</DEFAULT_FILE_TYPE>
<SUPPORTED_FILE_TYPES>PDF</SUPPORTED_FILE_TYPES>
</APP>
<APP>
<FRIENDLY_NAME>Internet Expl.</FRIENDLY_NAME>
<PATH>C:\Program Files\Internet Explorer\IEXPLORE.EXE</PATH>
<DEFAULT_FILE_TYPE>JPG</DEFAULT_FILE_TYPE>
<SUPPORTED_FILE_TYPES>JPG</SUPPORTED_FILE_TYPES>
</APP>
<APP>
<FRIENDLY_NAME>MS Paint</FRIENDLY_NAME>
<PATH>C:\Windows\system32\mspaint.exe</PATH>
<DEFAULT_FILE_TYPE>BMP</DEFAULT_FILE_TYPE>
<SUPPORTED_FILE_TYPES>BMP,TIF,JPG</SUPPORTED_FILE_TYPES>
</APP>
<APP>
<FRIENDLY_NAME>Editor</FRIENDLY_NAME>
<PATH>C:\Windows\system32\NOTEPAD.EXE</PATH>
<DEFAULT_
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_&REV_8.07#02FF6FC9662908&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_U1&REV_1.0#356810034061400&0#]
"DeviceDesc"="U1 "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_&REV_8.07#02FF6FC9662908&0#]
"DeviceDesc"=" "
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\WpdBusEnumRoot\UMB\2&37c186b&1&STORAGE#VOLUME#_??_USBSTOR#DISK&VEN_&PROD_U1&REV_1.0#356810034061400&0 #]
"DeviceDesc"="U1 "
[HKEY_USERS\S-1-5-21-4168891922-4078455343-2189293659-1002\Software\Microsoft\Windows\CurrentVersion\Explorer\PhotoPrintingWizard\Lexmark 5600-6600 Series (Network)]
"PrintCapabilites"="<?xml version="1.0"?>
<psf:PrintCapabilities version="1" xmlns:xsl="hxxp://www.w3.org/1999/XSL/Transform" xmlns:xs="hxxp://www.w3.org/2001/XMLSchema" xmlns:xsd="hxxp://www.w3.org/2001/XMLSchema" xmlns:xsi="hxxp://www.w3.org/2001/XMLSchema-instance" xmlnssk="hxxp://schemas.microsoft.com/windows/2003/08/printing/printschemakeywords" xmlnssf="hxxp://schemas.microsoft.com/windows/2003/08/printing/printschemaframework" xmlns:cfg="hxxp://schemas.lexmark.com/2006/01/config" xmlns:lps="hxxp://schemas.lexmark.com/2006/01/lexmarkprintschema"><psf:Feature name="psk:JobCollateAllDocuments">
<psf:Option name="psk:Collated">
<psf:Property name="lpsefault"/>
<psf:Property name="lpsMValue">
<psf:Value xsi:type="xs:integer">1</psf:Value>
</psf:Property>
<psf:Property name="pskisplayName"><psf:Value xsi:type=

-= EOF =-

habe ichs falsch gemacht? Soll ich nochmal posten? Ja, im Chrome!

ich glaube, ich hab das 2 mal gepostet. Stimmt das?

Alt 13.04.2013, 01:26   #11
aharonov
/// TB-Ausbilder
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Hallo,

nein, alles richtig gemacht.


Schritt 1
  • Öffne Google Chrome.
  • Klicke rechts oben auf Google Chrome anpassen.
  • Wähle Einstellungen.
  • Unter Beim Start > Wähle "Bestimmte Seite oder Seiten öffnen" aus und klicke auf Seiten festlegen.
  • Gib die gewünschte Startseite ein und bestätige mit Ok.
  • Schliesse den Google Chrome.



Schritt 2
  • Gehe zu Start --> Systemsteuerung und öffne Programme und Funktionen.
  • Suche und deinstalliere dort der folgenden Eintrag:
    • EazelBar
  • Schliesse das Fenster wieder und führe einen Neustart durch, wenn das gefordert wurde.



Schritt 3
  • Starte bitte die OTL.exe.
  • Kopiere nun den folgenden Inhalt aus der Codebox in die Textbox.
    Wichtig: Falls du deinen Benutzernamen im Log unkenntlich gemacht hast (z.B. durch ***), dann mach das hier wieder rückgängig.
Code:
ATTFilter
:OTL
O2 - BHO: (EazelBar Helper) - {FE478DC2-E4AD-4197-8F80-5E456BEBC57F} - C:\Program Files (x86)\EazelBar\Toolbar32.dll ()
O3:64bit: - HKLM\..\Toolbar: (EazelBar) - {EBD839AE-B08C-4fb7-859B-F54AF16C159F} - C:\Program Files (x86)\EazelBar\Toolbar64.dll ()
O3 - HKLM\..\Toolbar: (EazelBar) - {EBD839AE-B08C-4fb7-859B-F54AF16C159F} - C:\Program Files (x86)\EazelBar\Toolbar32.dll ()
O2:64bit: - BHO: (EazelBar Helper) - {FE478DC2-E4AD-4197-8F80-5E456BEBC57F} - C:\Program Files (x86)\EazelBar\Toolbar64.dll ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}: C:\Program Files (x86)\EazelBar\Firefox [2013.02.18 19:11:41 | 000,000,000 | ---D | M]
SRV - [2012.06.13 14:32:04 | 000,222,720 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\EazelBar\ToolbarUpdaterService.exe -- (Updater Service for EazelBar)
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=363967391&q={searchTerms}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://search.chatzum.com/?orig=DS&affid=61&cztbid=363967391&q={searchTerms}
MOD - [2013.02.06 16:24:02 | 000,252,928 | ---- | M] () -- C:\Program Files (x86)\BrowserProtect\proxy\myProxy.exe
MOD - [2013.02.06 16:24:02 | 000,130,048 | ---- | M] () -- C:\Program Files (x86)\BrowserProtect\proxy\zlibwapi.dll
SRV - [2013.02.14 10:05:56 | 000,055,296 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\BrowserProtect\srvBrowserProtect.exe -- (srvBrowserProtect)

:files
C:\Program Files (x86)\BrowserProtect
C:\ProgramData\GinyasBrowserCompanion
C:\Program Files (x86)\EazelBar

:reg
[-HKEY_CURRENT_USER\Software\EazelBar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\EazelBar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar]

:commands
[emptytemp]
         
  • Schliesse nun bitte alle anderen Programme.
  • Klicke jetzt auf den Fix Button.
  • OTL kann gegebenfalls einen Neustart verlangen. Diesen bitte zulassen.
  • Nach dem Neustart findest du ein Textdokument auf deinem Desktop.
    (Auch zu finden unter C:\_OTL\MovedFiles\<date_time>.log)
  • Kopiere nun dessen Inhalt hier in deinen Thread.



Schritt 4

Starte bitte die OTL.exe.
  • Setze den Haken bei Scan all Users.
  • Drücke auf den Quick Scan Button.
  • Poste den Inhalt von OTL.txt hier in den Thread.



Bitte poste in deiner nächsten Antwort:
  • Fixlog von OTL
  • Log von OTL
__________________
cheers,
Leo

Alt 13.04.2013, 01:53   #12
Daten
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



All processes killed
========== OTL ==========
Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\ not found.
File C:\Program Files (x86)\EazelBar\Toolbar32.dll not found.
64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBD839AE-B08C-4fb7-859B-F54AF16C159F} not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
File C:\Program Files (x86)\EazelBar\Toolbar64.dll not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{EBD839AE-B08C-4fb7-859B-F54AF16C159F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
File C:\Program Files (x86)\EazelBar\Toolbar32.dll not found.
64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\ not found.
64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\ not found.
File C:\Program Files (x86)\EazelBar\Toolbar64.dll not found.
Registry value HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{EBD839AE-B08C-4fb7-859B-F54AF16C159F} not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
File C:\Program Files (x86)\EazelBar\Firefox not found.
Error: No service named Updater Service for EazelBar was found to stop!
Service\Driver key Updater Service for EazelBar not found.
File C:\Program Files (x86)\EazelBar\ToolbarUpdaterService.exe not found.
Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\ not found.
Releasing module C:\Program Files (x86)\BrowserProtect\proxy\myProxy.exe
C:\Program Files (x86)\BrowserProtect\proxy\myProxy.exe moved successfully.
Releasing module C:\Program Files (x86)\BrowserProtect\proxy\zlibwapi.dll
C:\Program Files (x86)\BrowserProtect\proxy\zlibwapi.dll moved successfully.
Error: Unable to stop service srvBrowserProtect!
Registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srvBrowserProtect deleted successfully.
C:\Program Files (x86)\BrowserProtect\srvBrowserProtect.exe moved successfully.
========== FILES ==========
C:\Program Files (x86)\BrowserProtect\proxy folder moved successfully.
C:\Program Files (x86)\BrowserProtect folder moved successfully.
C:\ProgramData\GinyasBrowserCompanion folder moved successfully.
File\Folder C:\Program Files (x86)\EazelBar not found.
========== REGISTRY ==========
Registry key HKEY_CURRENT_USER\Software\EazelBar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\EazelBar\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{FE478DC2-E4AD-4197-8F80-5E456BEBC57F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{EBD839AE-B08C-4fb7-859B-F54AF16C159F}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\EazelBar\ not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AMD
->Temp folder emptied: 891109163 bytes
->Temporary Internet Files folder emptied: 358703234 bytes
->Google Chrome cache emptied: 396535886 bytes
->Flash cache emptied: 2554 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 47850992 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 1.616,00 mb


OTL by OldTimer - Version 3.2.69.0 log created on 04132013_014224

Files\Folders moved on Reboot...
File move failed. C:\Users\AMD\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat scheduled to be moved on reboot.
File move failed. C:\Windows\temp\CLDigitalHome\CLMS_AGENT_LOG1.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\TmpFile1 scheduled to be moved on reboot.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...

OTL Logfile:
Code:
ATTFilter
OTL logfile created on: 13.04.2013 01:56:03 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\AMD\Downloads
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16519)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,47 Gb Total Physical Memory | 2,03 Gb Available Physical Memory | 58,35% Memory free
4,10 Gb Paging File | 2,42 Gb Available in Paging File | 59,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 448,57 Gb Total Space | 400,21 Gb Free Space | 89,22% Space Free | Partition Type: NTFS
Drive D: | 16,42 Gb Total Space | 2,10 Gb Free Space | 12,81% Space Free | Partition Type: NTFS
 
Computer Name: HP | User Name: AMD | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - File not found -- 
PRC - [2013.04.13 01:54:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\AMD\Downloads\OTL (2).exe
PRC - [2013.03.14 18:43:20 | 000,188,760 | ---- | M] () -- C:\Programme\Video downloader\ExtensionUpdaterService.exe
PRC - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe
PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.08.13 12:08:08 | 010,376,704 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
PRC - [2012.08.13 12:08:08 | 010,368,512 | ---- | M] (OpenOffice.org) -- C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
PRC - [2012.07.27 19:21:26 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012.07.09 13:40:02 | 000,580,512 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
PRC - [2012.07.09 13:40:02 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
PRC - [2012.06.08 05:34:06 | 000,111,120 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2012.03.28 19:34:30 | 000,091,432 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2012.01.12 15:52:57 | 000,296,232 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
PRC - [2012.01.12 15:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe
PRC - [2012.01.12 15:52:55 | 000,075,048 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
PRC - [2012.01.02 04:21:22 | 000,501,544 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe
PRC - [2011.08.26 14:37:18 | 001,342,008 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2011.03.28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
PRC - [2009.09.11 13:34:22 | 002,403,840 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
PRC - [2009.09.11 13:33:54 | 000,009,216 | ---- | M] (Vodafone) -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
PRC - [2008.09.10 13:11:12 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2013.04.09 10:57:07 | 000,390,096 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
MOD - [2013.04.09 10:57:05 | 004,050,896 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
MOD - [2013.04.09 10:56:15 | 000,598,480 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\libglesv2.dll
MOD - [2013.04.09 10:56:14 | 000,124,368 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\libegl.dll
MOD - [2013.04.09 10:56:13 | 001,606,096 | ---- | M] () -- C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\ffmpegsumo.dll
MOD - [2012.12.12 01:09:49 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012.10.09 04:23:11 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.10.09 04:23:11 | 000,630,784 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
MOD - [2012.10.09 04:23:11 | 000,258,048 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
MOD - [2012.09.28 23:41:48 | 000,434,176 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll
MOD - [2012.09.14 00:04:14 | 004,550,656 | ---- | M] () -- C:\Windows\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
MOD - [2012.09.14 00:04:06 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2012.08.10 17:51:32 | 000,985,088 | ---- | M] () -- C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
MOD - [2012.07.27 01:08:38 | 002,972,672 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
MOD - [2012.07.27 01:08:38 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2012.07.27 01:08:38 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2012.07.27 01:08:38 | 000,385,024 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
MOD - [2012.07.27 01:08:38 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2012.07.27 01:08:38 | 000,261,632 | ---- | M] () -- C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
MOD - [2012.07.27 01:08:38 | 000,114,688 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
MOD - [2012.07.27 01:08:38 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2012.07.26 05:19:14 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll
MOD - [2012.06.08 12:34:06 | 000,016,400 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2012.06.08 05:34:06 | 000,627,216 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\wincfi39.dll
MOD - [2012.01.02 04:21:17 | 000,374,056 | ---- | M] () -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\CLNetMediaDMA.dll
MOD - [2008.09.10 13:11:12 | 000,676,520 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe
MOD - [2008.09.10 11:56:27 | 000,081,920 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducaps.dll
MOD - [2008.09.10 11:56:14 | 000,380,928 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduscw.dll
MOD - [2008.09.10 11:56:12 | 001,036,288 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduDRS.dll
MOD - [2008.09.10 11:40:31 | 000,069,632 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxducnv4.dll
MOD - [2008.05.23 14:02:14 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdudatr.dll
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.12.06 06:23:00 | 000,170,496 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2012.12.06 06:22:59 | 000,178,176 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.11.06 06:17:41 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.08.23 17:18:14 | 004,412,872 | ---- | M] (SafeNet Inc.) [Auto | Running] -- C:\Windows\SysNative\hasplms.exe -- (hasplms)
SRV:64bit: - [2012.08.10 16:24:28 | 000,029,600 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV:64bit: - [2012.08.09 08:45:58 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2012.08.08 11:36:06 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2009.10.16 17:06:40 | 001,039,360 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysNative\lxducoms.exe -- (lxdu_device)
SRV:64bit: - [2009.10.16 16:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysNative\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2013.03.29 20:52:42 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.03.14 18:43:20 | 000,188,760 | ---- | M] () [Auto | Running] -- C:\Programme\Video downloader\ExtensionUpdaterService.exe -- (Video downloader Updater)
SRV - [2013.02.07 14:04:30 | 000,161,384 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.12.24 05:33:29 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\ccSvcHst.exe -- (NIS)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.08.10 17:53:44 | 000,085,504 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.26 05:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2012.07.26 05:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2012.07.21 18:30:36 | 000,321,536 | ---- | M] (IDT, Inc.) [Auto | Running] -- C:\Programme\IDT\WDM\stacsv64.exe -- (STacSV)
SRV - [2012.07.14 03:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.07.09 13:40:02 | 000,035,232 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe -- (HPWMISVC)
SRV - [2012.01.12 15:52:57 | 000,296,232 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe -- (CyberLink PowerDVD 12 Media Server Service)
SRV - [2012.01.12 15:52:55 | 000,087,336 | ---- | M] (CyberLink Corp.) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe -- (CLHNServiceForPowerDVD12)
SRV - [2012.01.12 15:52:55 | 000,075,048 | ---- | M] (CyberLink) [Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe -- (CyberLink PowerDVD 12 Media Server Monitor Service)
SRV - [2011.04.01 12:14:30 | 000,183,560 | ---- | M] (Microsoft Corporation.) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE -- (BBSvc)
SRV - [2011.03.28 12:21:16 | 000,249,648 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE -- (SeaPort)
SRV - [2009.10.16 16:53:46 | 000,029,184 | ---- | M] () [Auto | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\\lxduserv.exe -- (lxduCATSCustConnectService)
SRV - [2009.09.11 13:33:54 | 000,009,216 | ---- | M] (Vodafone) [Auto | Running] -- C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe -- (VMCService)
SRV - [2008.05.23 14:58:34 | 000,594,600 | ---- | M] ( ) [Auto | Running] -- C:\Windows\SysWOW64\lxducoms.exe -- (lxdu_device)
SRV - [2005.11.17 14:18:52 | 001,527,900 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\MAGIX\Common\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2013.02.07 06:09:56 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.31 05:18:18 | 000,432,800 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.01.31 05:18:06 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 03:45:19 | 000,796,248 | ---- | M] (Symantec Corporation) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.01.29 03:45:19 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.22 04:15:33 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\symds64.sys -- (SymDS)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.01.10 03:39:29 | 000,194,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2012.12.04 15:47:30 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.16 04:22:01 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.11.16 04:18:04 | 000,168,096 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.12 12:18:30 | 000,083,072 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aksdf.sys -- (aksdf)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.06 17:55:24 | 000,323,584 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\hardlock.sys -- (hardlock)
DRV:64bit: - [2012.09.20 09:55:33 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.20 09:03:08 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2012.08.24 11:38:28 | 000,448,312 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2012.08.24 11:38:28 | 000,043,832 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2012.08.24 11:38:26 | 000,041,272 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012.08.10 16:24:28 | 000,042,400 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2012.08.10 16:24:28 | 000,029,600 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2012.08.09 10:03:32 | 010,283,520 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2012.08.09 07:48:20 | 000,368,640 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2012.08.07 12:51:18 | 000,141,256 | ---- | M] (SafeNet Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\aksfridge.sys -- (aksfridge)
DRV:64bit: - [2012.08.03 15:07:30 | 000,020,288 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012.07.31 21:22:00 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.07.31 10:04:12 | 000,690,832 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,283,888 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2012.07.26 07:00:55 | 000,077,552 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.24 11:35:12 | 000,079,528 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012.07.24 11:35:12 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012.07.24 09:44:02 | 003,618,304 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012.07.21 18:30:36 | 000,540,160 | ---- | M] (IDT, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\stwrt64.sys -- (STHDA)
DRV:64bit: - [2012.07.18 06:59:12 | 000,098,472 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2012.07.04 00:09:08 | 000,269,968 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2012.06.25 11:24:50 | 000,092,536 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2012.06.23 07:23:38 | 000,199,008 | ---- | M] (AppEx Networks Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\appexDrv.sys -- (APXACC)
DRV:64bit: - [2012.06.20 23:27:30 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403000.024\symelam.sys -- (SymELAM)
DRV:64bit: - [2012.06.19 16:07:50 | 000,057,000 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.06.02 16:32:26 | 010,627,744 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.29 19:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.06.29 19:00:50 | 000,116,096 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ewusbfake.sys -- (hwusbfake)
DRV:64bit: - [2009.04.09 14:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ewusbmdm.sys -- (hwdatacard)
DRV - [2013.03.22 03:52:21 | 001,387,608 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20130322.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.02.15 23:03:18 | 002,087,664 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130412.016\ex64.sys -- (NAVEX15)
DRV - [2013.02.15 23:03:18 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.02.15 23:03:18 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.02.15 23:03:18 | 000,126,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20130412.016\eng64.sys -- (NAVENG)
DRV - [2013.02.14 08:05:36 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20130411.001\IDSviA64.sys -- (IDSVia64)
DRV - [2012.01.11 23:57:42 | 000,146,928 | ---- | M] (CyberLink Corp.) [2013/02/18 18:32:23] [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Common\NavFilter\000.fcl -- ({329F96B6-DF1E-4328-BFDA-39EA953C1312})
DRV - [2011.10.27 08:18:45 | 000,082,928 | ---- | M] (Cyberlink Corp.) [Kernel | Auto | Running] -- C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys -- (ntk_PowerDVD12)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPNOT13/4
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{28A1AFBC-2A66-4FD6-8237-7EAF11857F60}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPNTDF
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.eazel.com?id=FC80225D0B214945841FC1FC28EC5A06
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.eazel.com?id=FC80225D0B214945841FC1FC28EC5A06
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startpage24.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startpage24.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPNOT13/4
IE - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com
IE - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com
IE - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Skype.com/Skype Web Plugin: C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll (Skype)
FF - HKLM\Software\MozillaPlugins\@startpage24.com/npLin64;Version=4: C:\ProgramData\Startpage24\Plugin\firefox\plugins\nplink64.dll (Link64 GmbH)
FF - HKLM\Software\MozillaPlugins\@startpage24.com/npLin64c;Version=5: C:\ProgramData\Startpage24\Plugin\nplink64chrome.dll (Link64 GmbH)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\AMD\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\AMD\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@www.flatcast.com/FlatViewer 5.2: C:\Windows\DOWNLO~1\NpFv530.dll ()
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{77BEC163-D389-42c1-91A4-C758846296A5}: C:\PROGRAM FILES\VIDEO DOWNLOADER\FIREFOX [2013.03.29 20:43:52 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [2013.04.12 23:26:12 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFFPlgn\ [2013.02.15 15:57:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ffext@startpage24: C:\ProgramData\Startpage24\Plugin\firefox [2013.02.21 22:20:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{77BEC163-D389-42c1-91A4-C758846296A5}: C:\Program Files\Video downloader\Firefox [2013.03.29 20:43:52 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\autolyrics@man-soft.net: C:\Program Files (x86)\AutoLyrics\FF\ [2013.03.03 13:16:26 | 000,000,000 | ---D | M]
 
[2013.02.15 22:20:49 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
 
========== Chrome  ==========
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\AMD\AppData\Local\Google\Chrome\Application\26.0.1410.64\pdf.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
CHR - plugin: Flatcast Viewer Plugin 5.3.0.784 (Enabled) = C:\Users\AMD\AppData\Roaming\Mozilla\plugins\NpFv530.dll
CHR - plugin: Skype Web Plugin (Enabled) = C:\Program Files (x86)\SkypeWebPlugin\npSkypeWebPlugin.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Startpage24 Startpage (Enabled) = C:\ProgramData\Startpage24\Plugin\firefox\plugins\nplink64.dll
CHR - plugin: Startpage24 Startpage (Enabled) = C:\ProgramData\Startpage24\Plugin\nplink64chrome.dll
CHR - plugin: Google Update (Enabled) = C:\Users\AMD\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\windows\SysWOW64\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll
CHR - Extension: Google Docs = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\
CHR - Extension: Google Drive = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google-Suche = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Startpage24 Extension = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghjedieekahkckccfclnacnooabafgjg\0.3_0\
CHR - Extension: Norton Identity Protection = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.2.10_0\
CHR - Extension: Google Mail = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Auto Lyrics = C:\Users\AMD\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkcdkfohdadbjmlfejhncigcbfkiaamf\1.110_0\
 
O1 HOSTS File: ([2013.02.24 10:29:22 | 000,000,895 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 127.0.0.1 www.google-analytics.com
O1 - Hosts: 127.0.0.1 google-analytics.com
O2:64bit: - BHO: (Video downloader) - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Programme\Video downloader\Extension64.dll ()
O2 - BHO: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (Video downloader) - {77BEC163-D389-42c1-91A4-C758846296A5} - C:\Programme\Video downloader\Extension32.dll ()
O2 - BHO: (Startpage24 Browser Helper) - {BBD43808-9D13-4B0B-B023-178FD1FAE442} - C:\ProgramData\Startpage24\Plugin\link64_plugin.dll (Link64 GmbH)
O2 - BHO: (Lexmark ) - {D2C5E510-BE6D-42CC-9F61-E4F939078474} - C:\Programme\Lexmark Printable Web\bho.dll ()
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (Auto Lyrics) - {DAEB9E85-4694-4F9B-85CB-2F28987872D7} - C:\Program Files (x86)\AutoLyrics\autolrcs.dll (Mansoft Union)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.0.36\coIEPlg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\..\Toolbar\WebBrowser: (Lexmark Symbolleiste) - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Programme\Lexmark Toolbar\toolband.dll ()
O4:64bit: - HKLM..\Run: [lxduamon] C:\Program Files (x86)\Lexmark 5600-6600 Series\lxduamon.exe ()
O4:64bit: - HKLM..\Run: [lxdumon.exe] C:\Program Files (x86)\Lexmark 5600-6600 Series\lxdumon.exe ()
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [CLVirtualDrive] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe (CyberLink Corp.)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [Lexmark 5600-6600 Series] C:\Program Files (x86)\Lexmark 5600-6600 Series\fm3032.exe ()
O4 - HKLM..\Run: [MobileConnect] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe (Vodafone)
O4 - HKLM..\Run: [PowerDVD12Agent] C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe (CyberLink Corp.)
O4 - HKLM..\Run: [PowerDVD12DMREngine] C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMR\PowerDVD12DMREngine.exe (CyberLink)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002..\Run: [BrowserMask] C:\Program Files (x86)\AntiBrowserSpy\AntiBrowserSpyBrowserMaske.exe (Microsoft)
O4 - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002..\Run: [Driver Pro] C:\Program Files (x86)\Driver Pro\DPLauncher.exe (PC Utilities Pro)
O4 - Startup: C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk = C:\Program Files (x86)\MultiSkypeLauncher\MultiSkypeLauncher.exe (IM-history)
O4 - Startup: C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-4168891922-4078455343-2189293659-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {E55FD215-A32E-43FE-A777-A7E8F165F561} hxxp://download.flatcast.net/objects/NpFv530.dll (Flatcast Viewer 5.3)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1C586592-6EAF-4C19-9872-AF5FFA65C43D}: DhcpNameServer = 139.7.30.126 139.7.30.125
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46EA0735-FC39-49DE-96DB-6485C85FD43E}: DhcpNameServer = 40.20.1.201 40.20.1.203
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{83C82F9C-609E-4ABC-80F2-5C97022DD01D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{CB937A27-6165-4ECF-B9DC-135084409E1F}: DhcpNameServer = 139.7.30.126 139.7.30.125
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\startpage24 - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.dll File not found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\startpage24 {879506D7-73DF-8D45-BBDD-123467926D12} - C:\ProgramData\Startpage24\Plugin\link64_plugin.dll (Link64 GmbH)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{021262b5-776e-11e2-be73-38eaa7db6372}\Shell - "" = AutoRun
O33 - MountPoints2\{021262b5-776e-11e2-be73-38eaa7db6372}\Shell\AutoRun\command - "" = "F:\setup_vmc_lite.exe" /checkApplicationPresence
O33 - MountPoints2\{02126400-776e-11e2-be73-38eaa7db6372}\Shell - "" = AutoRun
O33 - MountPoints2\{02126400-776e-11e2-be73-38eaa7db6372}\Shell\AutoRun\command - "" = "F:\setup_vmc_lite.exe" /checkApplicationPresence
O33 - MountPoints2\{021264be-776e-11e2-be73-38eaa7db6372}\Shell - "" = AutoRun
O33 - MountPoints2\{021264be-776e-11e2-be73-38eaa7db6372}\Shell\AutoRun\command - "" = "F:\setup_vmc_lite.exe" /checkApplicationPresence
O33 - MountPoints2\{e7682d96-77a2-11e2-be74-38eaa7db6372}\Shell - "" = AutoRun
O33 - MountPoints2\{e7682d96-77a2-11e2-be74-38eaa7db6372}\Shell\AutoRun\command - "" = "F:\setup_vmc_lite.exe" /checkApplicationPresence
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.04.13 01:42:24 | 000,000,000 | ---D | C] -- C:\_OTL
[2013.04.06 14:06:13 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\MAGIX Downloads
[2013.04.06 14:06:12 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\MAGIX
[2013.04.06 14:05:02 | 000,487,424 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLAV32.dll
[2013.04.06 14:05:02 | 000,430,080 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\MXRestore.exe
[2013.04.06 14:05:02 | 000,188,416 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRES32.dll
[2013.04.06 14:05:02 | 000,163,840 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDEV32.dll
[2013.04.06 14:05:02 | 000,151,552 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDRV32.dll
[2013.04.06 14:05:02 | 000,114,688 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDA32.dll
[2013.04.06 14:05:02 | 000,094,208 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCPY32.dll
[2013.04.06 14:05:02 | 000,065,536 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPTL32.dll
[2013.04.06 14:05:02 | 000,061,440 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLCDF32.dll
[2013.04.06 14:05:02 | 000,057,344 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLTPO32.dll
[2013.04.06 14:05:02 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRJ32.dll
[2013.04.06 14:05:02 | 000,053,248 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIO32.dll
[2013.04.06 14:05:02 | 000,049,152 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPRF32.dll
[2013.04.06 14:05:02 | 000,045,056 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIMG32.dll
[2013.04.06 14:05:02 | 000,040,960 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLRD32.dll
[2013.04.06 14:05:02 | 000,036,864 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLPNT32.dll
[2013.04.06 14:05:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\STRING32.dll
[2013.04.06 14:05:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLMSC32.dll
[2013.04.06 14:05:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLISO32.dll
[2013.04.06 14:05:02 | 000,032,768 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLDIR32.dll
[2013.04.06 14:05:02 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTIC32.dll
[2013.04.06 14:05:02 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\TTI32.dll
[2013.04.06 14:05:02 | 000,024,576 | ---- | C] (PoINT Software & Systems GmbH) -- C:\Windows\SysWow64\DLLIX.dll
[2013.04.06 14:04:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MAGIX
[2013.04.06 14:04:44 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\MAGIX_MusicMaker15_for_MySpace
[2013.04.06 14:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\MAGIX
[2013.04.06 14:03:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MAGIX
[2013.04.06 14:02:48 | 000,700,416 | ---- | C] (MAGIX AG) -- C:\Windows\SysWow64\mgxoschk.dll
[2013.04.06 14:02:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\MAGIX
[2013.04.04 17:02:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightworks
[2013.04.04 17:02:05 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\SafeNet Sentinel
[2013.04.04 17:02:05 | 000,000,000 | ---D | C] -- C:\ProgramData\SafeNet Sentinel
[2013.04.04 17:01:50 | 000,083,072 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\aksdf.sys
[2013.04.04 17:01:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Aladdin Shared
[2013.04.04 17:01:45 | 004,412,872 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\hasplms.exe
[2013.04.04 17:01:45 | 004,412,872 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\aksllmtp.exe
[2013.04.04 17:01:44 | 000,141,256 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\aksfridge.sys
[2013.04.04 17:01:40 | 000,323,584 | ---- | C] (SafeNet Inc.) -- C:\Windows\SysNative\drivers\hardlock.sys
[2013.04.04 17:01:29 | 000,198,088 | ---- | C] (Aladdin Knowledge Systems Ltd.) -- C:\Windows\SysWow64\hlvdd.dll
[2013.04.04 16:59:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lightworks
[2013.04.04 16:51:22 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Audacity
[2013.04.04 16:50:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Audacity
[2013.04.04 16:37:10 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\HPConnectedMusic
[2013.04.04 16:25:29 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\fontconfig
[2013.04.04 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\gegl-0.2
[2013.04.04 16:25:26 | 000,000,000 | ---D | C] -- C:\Users\AMD\.gimp-2.8
[2013.04.04 16:22:46 | 000,000,000 | ---D | C] -- C:\Program Files\GIMP 2
[2013.04.03 19:29:19 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2013.03.30 18:56:23 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\MultiSkypeLauncher
[2013.03.30 18:53:16 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MultiSkypeLauncher
[2013.03.30 18:53:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MultiSkypeLauncher
[2013.03.30 14:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RocketDock
[2013.03.30 14:50:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RocketDock
[2013.03.29 22:21:35 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\Youcam
[2013.03.29 20:43:48 | 000,000,000 | ---D | C] -- C:\Program Files\Video downloader
[2013.03.29 01:38:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
[2013.03.29 01:38:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DVDVideoSoft
[2013.03.29 01:38:07 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\DVDVideoSoft
[2013.03.29 01:38:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDVideoSoft
[2013.03.26 20:14:40 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Westermann Multimedia
[2013.03.26 20:11:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Westermann
[2013.03.25 23:45:49 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\German Truck Simulator
[2013.03.25 23:42:33 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\German Truck Simulator
[2013.03.25 23:42:33 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\German Truck Simulator
[2013.03.25 23:42:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\German Truck Simulator
[2013.03.25 19:01:11 | 000,000,000 | ---D | C] -- C:\Users\AMD\Documents\Abelssoft
[2013.03.25 18:52:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\K-Lite Codec Pack
[2013.03.25 18:52:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YouTube Song Downloader
[2013.03.25 18:52:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\YouTube Song Downloader
[2013.03.25 18:07:25 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\Nico Mak Computing
[2013.03.25 18:07:18 | 000,019,840 | ---- | C] (WinZip Computing, S.L.(WinZip Computing)) -- C:\Windows\SysNative\roboot64.exe
[2013.03.25 18:07:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WinZip Registry Optimizer
[2013.03.25 18:05:22 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Roaming\uTorrent
[2013.03.18 13:37:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lexmark 5600-6600 Series
[2013.03.18 13:37:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lexmark 5600-6600 Series
[2013.03.18 13:35:30 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark 5600-6600 Series
[2013.03.18 11:54:17 | 000,000,000 | ---D | C] -- C:\Users\AMD\AppData\Local\ElevatedDiagnostics
[2013.03.18 00:33:16 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark Toolbar
[2013.03.17 23:39:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.03.17 23:37:47 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.03.17 23:37:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2013.04.13 01:55:45 | 001,949,368 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.13 01:55:45 | 000,830,120 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.13 01:55:45 | 000,774,720 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.13 01:55:45 | 000,188,224 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.13 01:55:45 | 000,158,234 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.13 01:52:09 | 000,000,402 | ---- | M] () -- C:\Windows\tasks\Auto Lyrics Update.job
[2013.04.13 01:50:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.13 01:48:05 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.04.13 01:48:01 | 2981,527,552 | -HS- | M] () -- C:\hiberfil.sys
[2013.04.13 01:42:10 | 000,002,670 | ---- | M] () -- C:\Users\AMD\Desktop\Google Chrome.lnk
[2013.04.13 01:37:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002UA.job
[2013.04.13 01:36:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.13 01:15:03 | 000,000,376 | ---- | M] () -- C:\Windows\tasks\WpsUpdateTask_AMD.job
[2013.04.12 23:21:54 | 000,344,208 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.12 23:18:16 | 000,000,158 | ---- | M] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.11 19:37:00 | 000,001,066 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core.job
[2013.04.06 14:05:11 | 000,007,119 | ---- | M] () -- C:\Windows\mgxoschk.ini
[2013.04.04 19:42:02 | 000,001,477 | ---- | M] () -- C:\Users\AMD\AppData\Local\recently-used.xbel
[2013.03.30 18:53:17 | 000,001,189 | ---- | M] () -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
[2013.03.18 13:40:27 | 000,182,891 | ---- | M] () -- C:\Windows\SysNative\LexFiles.ulf
[2013.03.18 13:38:54 | 000,001,104 | ---- | M] () -- C:\Users\Public\Desktop\Lexmark Productivity Studio - 5600-6600 Series.LNK
[2013.03.18 00:39:36 | 000,000,649 | ---- | M] () -- C:\ProgramData\cl1578181498.xml
[2013.03.17 21:38:14 | 000,014,127 | ---- | M] () -- C:\Users\AMD\Documents\untitled_1.odt
[2013.03.17 21:38:14 | 000,011,558 | ---- | M] () -- C:\Users\AMD\Documents\untitled_0_1.odt
[2013.03.14 23:45:37 | 000,074,682 | ---- | M] () -- C:\Users\AMD\Documents\Krankheitsbestätigung.pdf
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
[7 C:\ProgramData\*.tmp files -> C:\ProgramData\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2013.04.12 23:17:54 | 000,000,158 | ---- | C] () -- C:\Windows\DeleteOnReboot.bat
[2013.04.10 11:42:11 | 000,002,619 | ---- | C] () -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
[2013.04.06 14:05:02 | 000,053,248 | ---- | C] () -- C:\Windows\SysWow64\mgxasio2.dll
[2013.04.06 14:05:02 | 000,014,182 | ---- | C] () -- C:\Windows\SysWow64\DLLAV32.lib
[2013.04.06 14:03:30 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll
[2013.04.06 14:02:48 | 000,007,119 | ---- | C] () -- C:\Windows\mgxoschk.ini
[2013.04.04 19:42:02 | 000,001,477 | ---- | C] () -- C:\Users\AMD\AppData\Local\recently-used.xbel
[2013.04.04 16:50:53 | 000,001,023 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
[2013.04.03 19:29:19 | 000,002,670 | ---- | C] () -- C:\Users\AMD\Desktop\Google Chrome.lnk
[2013.04.03 19:27:32 | 000,001,118 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002UA.job
[2013.04.03 19:27:30 | 000,001,066 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4168891922-4078455343-2189293659-1002Core.job
[2013.03.30 18:53:16 | 000,001,189 | ---- | C] () -- C:\Users\AMD\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk
[2013.03.29 20:52:43 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.03.24 20:01:10 | 000,344,208 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.03.18 13:38:54 | 000,001,104 | ---- | C] () -- C:\Users\Public\Desktop\Lexmark Productivity Studio - 5600-6600 Series.LNK
[2013.03.18 13:37:52 | 000,000,044 | ---- | C] () -- C:\Windows\SysNative\lxdurwrd.ini
[2013.03.18 13:37:11 | 000,389,120 | ---- | C] () -- C:\Windows\SysWow64\LXDUinst.dll
[2013.03.18 13:37:11 | 000,364,544 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduinpa.dll
[2013.03.18 13:37:11 | 000,339,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduiesc.dll
[2013.03.18 13:37:11 | 000,335,872 | ---- | C] () -- C:\Windows\SysWow64\lxducomx.dll
[2013.03.18 13:37:10 | 000,651,264 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdupmui.dll
[2013.03.18 13:37:09 | 001,069,056 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduserv.dll
[2013.03.18 13:37:09 | 000,851,968 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduusb1.dll
[2013.03.18 13:37:09 | 000,577,536 | ---- | C] ( ) -- C:\Windows\SysWow64\lxdulmpm.dll
[2013.03.18 13:37:08 | 000,765,952 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomc.dll
[2013.03.18 13:37:08 | 000,679,936 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduhbn3.dll
[2013.03.18 13:37:08 | 000,594,600 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducoms.exe
[2013.03.18 13:37:08 | 000,376,832 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducomm.dll
[2013.03.18 13:37:08 | 000,369,320 | ---- | C] ( ) -- C:\Windows\SysWow64\lxducfg.exe
[2013.03.18 13:37:08 | 000,328,360 | ---- | C] ( ) -- C:\Windows\SysWow64\lxduih.exe
[2013.03.18 13:37:07 | 000,680,960 | ---- | C] ( ) -- C:\Windows\SysNative\LXDUhcp.dll
[2013.03.18 13:37:07 | 000,594,432 | ---- | C] () -- C:\Windows\SysNative\LXDUinst.dll
[2013.03.18 13:37:07 | 000,001,867 | ---- | C] () -- C:\Windows\SysWow64\lxdu.loc
[2013.03.18 13:36:56 | 000,182,891 | ---- | C] () -- C:\Windows\SysNative\LexFiles.ulf
[2013.03.18 11:59:57 | 000,300,032 | ---- | C] () -- C:\Windows\SysNative\lxdugrd.dll
[2013.03.18 11:59:36 | 000,521,216 | ---- | C] ( ) -- C:\Windows\SysNative\lxduih.exe
[2013.03.18 11:59:35 | 001,661,952 | ---- | C] ( ) -- C:\Windows\SysNative\lxduserv.dll
[2013.03.18 11:59:35 | 001,338,368 | ---- | C] ( ) -- C:\Windows\SysNative\lxduusb1.dll
[2013.03.18 11:59:35 | 001,291,264 | ---- | C] ( ) -- C:\Windows\SysNative\lxducomc.dll
[2013.03.18 11:59:35 | 001,039,360 | ---- | C] ( ) -- C:\Windows\SysNative\lxducoms.exe
[2013.03.18 11:59:35 | 000,987,648 | ---- | C] ( ) -- C:\Windows\SysNative\lxdupmui.dll
[2013.03.18 11:59:35 | 000,897,024 | ---- | C] ( ) -- C:\Windows\SysNative\lxdulmpm.dll
[2013.03.18 11:59:35 | 000,580,608 | ---- | C] ( ) -- C:\Windows\SysNative\lxducomm.dll
[2013.03.18 11:59:35 | 000,548,352 | ---- | C] ( ) -- C:\Windows\SysNative\lxduinpa.dll
[2013.03.18 11:59:35 | 000,513,024 | ---- | C] ( ) -- C:\Windows\SysNative\lxduiesc.dll
[2013.03.18 11:59:34 | 001,091,584 | ---- | C] ( ) -- C:\Windows\SysNative\lxduhbn3.dll
[2013.03.18 11:59:34 | 000,610,304 | ---- | C] ( ) -- C:\Windows\SysNative\lxducfg.exe
[2013.03.18 00:39:36 | 000,000,649 | ---- | C] () -- C:\ProgramData\cl1578181498.xml
[2013.03.17 22:32:46 | 000,014,127 | ---- | C] () -- C:\Users\AMD\Documents\untitled_1.odt
[2013.03.17 22:32:46 | 000,011,558 | ---- | C] () -- C:\Users\AMD\Documents\untitled_0_1.odt
[2013.03.14 23:45:36 | 000,074,682 | ---- | C] () -- C:\Users\AMD\Documents\Krankheitsbestätigung.pdf
[2013.02.24 21:51:46 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2013.02.17 18:17:07 | 001,036,288 | ---- | C] () -- C:\Windows\SysWow64\lxdudrs.dll
[2013.02.17 18:17:07 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\lxducaps.dll
[2013.02.17 18:10:15 | 000,069,632 | ---- | C] () -- C:\Windows\SysWow64\lxducnv4.dll
[2013.02.15 21:58:21 | 000,000,306 | RHS- | C] () -- C:\Users\AMD\ntuser.pol
[2012.08.24 12:24:47 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2012.08.09 08:10:22 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2012.08.09 08:10:22 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2012.08.04 00:40:09 | 000,916,510 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.07.25 22:22:54 | 000,982,240 | ---- | C] () -- C:\Windows\SysWow64\igkrng500.bin
[2012.07.25 22:22:54 | 000,439,308 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng500.bin
[2012.07.25 22:22:54 | 000,092,356 | ---- | C] () -- C:\Windows\SysWow64\igfcg500m.bin
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.05.10 17:35:16 | 000,029,184 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
[2011.09.13 16:06:16 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2009.06.16 14:25:02 | 000,121,512 | R--- | C] () -- C:\ProgramData\DeviceManager.xml.rc4
 
========== ZeroAccess Check ==========
 
[2012.08.24 12:49:27 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 01:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 01:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013.02.17 18:22:04 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\5600-6600 Series
[2013.02.21 21:05:02 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\AntiBrowserSpy 2009
[2013.02.21 21:53:51 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Ashampoo
[2013.04.04 20:30:15 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Audacity
[2013.02.26 16:40:11 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Blender Foundation
[2013.02.24 21:13:54 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Driver Pro
[2013.03.29 01:38:29 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\DVDVideoSoft
[2013.02.21 20:43:46 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Kingsoft
[2013.04.06 14:06:12 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\MAGIX
[2013.03.30 18:56:25 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\MultiSkypeLauncher
[2013.03.25 18:15:53 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Nico Mak Computing
[2013.02.24 21:34:42 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\OpenOffice.org
[2013.02.21 22:07:54 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Stardock
[2013.02.15 16:01:17 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Synaptics
[2013.02.15 21:44:32 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\TuneUp Software
[2013.03.26 01:26:30 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\uTorrent
[2013.02.15 16:16:56 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Vodafone
[2013.02.24 18:14:43 | 000,000,000 | ---D | M] -- C:\Users\AMD\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:373E1720

< End of report >
         
--- --- ---

Alt 13.04.2013, 02:22   #13
aharonov
/// TB-Ausbilder
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Jep, gut. Ist snap.do jetzt ganz weg?


Schritt 1

Downloade dir bitte Malwarebytes Anti-Malware .
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte nun Malwarebytes Anti-Malware.
    Vista und Win7 User mit Rechtsklick "als Administrator starten".
  • Klicke auf Aktualisierung --> Suche nach Aktualisierung.
  • Wenn das Update beendet wurde, aktiviere im Reiter Suchlauf die Option Quick-Scan durchführen und drücke auf Scannen.
  • Wenn der Scan fertig ist, klicke auf Ergebnisse anzeigen.
  • Versichere dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
  • Poste das Logfile, welches sich in Notepad öffnet, hier in den Thread.
  • Nachträglich kannst du den Bericht unter dem Reiter Logdateien finden.



Schritt 2

Lade das Setup des ESET Online Scanners herunter und speichere es auf den Desktop.
  • Schliesse evtl. vorhandene externe Festplatten und USB-Sticks an den Rechner an.
  • Deaktiviere jetzt temporär für diesen Scan dein Antivirenprogramm und die Firewall.
    (Danach nicht vergessen, sie wieder einzuschalten.)
  • Starte nun die heruntergeladene esetsmartinstaller_enu.exe.
  • Setze den Haken bei Yes, I accept the Terms of Use und drücke Start.
  • Warte bis die Komponenten heruntergeladen sind.
  • Setze den Haken bei Scan archives.
  • Gehe sicher, dass bei Remove found Threats kein Haken gesetzt ist.
  • Drücke dann auf Start.
  • Die Signaturen werden heruntergeladen und der Scan startet automatisch.
    Hinweis: Dieser Scan kann unter Umständen ziemlich lange dauern!
  • Falls nach Beendigung des Scans Funde angezeigt werden, dann:
    • Drücke auf List of found threats.
    • Klicke dann auf Export to text file... und speichere die Textdatei als ESET.txt auf den Desktop.
    • Drücke danach auf << Back.
  • Schliesse nun den Scanner mit einem Klick auf Finish.
Poste bitte den Inhalt der ESET.txt oder teile mir mit, wenn es keine Funde gegeben hat.



Schritt 3

Downloade dir bitte SecurityCheck (Link 2).
  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
    Vista und Win7 User mit Rechtsklick "als Administrator starten"
  • Wenn der Scan beendet wurde, sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.



Bitte poste in deiner nächsten Antwort:
  • Log von MBAM
  • Log von ESET
  • Log von SecurityCheck
__________________
cheers,
Leo

Alt 13.04.2013, 02:43   #14
Daten
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.04.12.14

Windows 8 x64 NTFS
Internet Explorer 10.0.9200.16519
AMD :: HP [Administrator]

Schutz: Aktiviert

13.04.2013 02:36:30
mbam-log-2013-04-13 (02-36-30).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 209350
Laufzeit: 4 Minute(n), 51 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)

bei der ersten Schritt habe ich das mit den "Ergebnissen anzeigen und dann alle löschen" nicht verstanden. Wo steht da Ergebnisse anzeigen?

soll ich mit der 2. Schritt beginnen oder muss ich da was löschen?

Alt 13.04.2013, 02:58   #15
aharonov
/// TB-Ausbilder
 
Snap.do entfernen. Ich finde keine Lösungen! - Standard

Snap.do entfernen. Ich finde keine Lösungen!



Zitat:
soll ich mit der 2. Schritt beginnen oder muss ich da was löschen?
Ja, mit Schritt 2 weitermachen. Du hast alles richtig gemacht. Da es keine Funde gab, kann natürlich auch nichts gelöscht werden.
__________________
cheers,
Leo

Antwort

Themen zu Snap.do entfernen. Ich finde keine Lösungen!
deinstalliere, deinstallieren, einiger, einstellungen, entferne, entfernen, formiert, gefunde, gen, google, herunterladen, installier, installiert, kommt wieder, kostet, lösungen, monate, nichts, probiert, problem, programm, programme, snap.do, spyhunter, vorgehen, wegzukriegen



Ähnliche Themen: Snap.do entfernen. Ich finde keine Lösungen!


  1. Bundespolizeivirus - ich finde keine .exe Datei!
    Plagegeister aller Art und deren Bekämpfung - 13.05.2012 (1)
  2. Vista Antivir 2012: Finde keine Lösung
    Plagegeister aller Art und deren Bekämpfung - 22.06.2011 (9)
  3. Youtube Lags.. Finde keine Lösung.
    Diskussionsforum - 18.03.2010 (1)
  4. WoW Account Hack, finde aber keine Schadsoftware
    Plagegeister aller Art und deren Bekämpfung - 24.12.2009 (1)
  5. Finde keine Treiber
    Netzwerk und Hardware - 19.08.2009 (1)
  6. Div. Probleme-finde keine Viren oä
    Plagegeister aller Art und deren Bekämpfung - 11.01.2009 (2)
  7. irshl32.dll finde keine infos
    Mülltonne - 12.11.2008 (0)
  8. hulfäääää.... maus friert bei livecd ein!!!!! ich kenne keine Lösungen........!
    Mülltonne - 07.10.2008 (1)
  9. ich finde keine treiber
    Netzwerk und Hardware - 20.08.2008 (5)
  10. Maus spinnt! Finde allein keine Lösung.
    Plagegeister aller Art und deren Bekämpfung - 20.07.2008 (0)
  11. Finde keine Info's zu Trojan.Inject
    Log-Analyse und Auswertung - 23.06.2008 (4)
  12. Finde keine Antworten
    Log-Analyse und Auswertung - 04.04.2008 (0)
  13. Gentee.b , finde keine Infos zu diesem Trojaner
    Plagegeister aller Art und deren Bekämpfung - 24.11.2006 (3)
  14. Firefox Highjacker - finde keine Hilfe
    Plagegeister aller Art und deren Bekämpfung - 03.11.2005 (2)
  15. Finde keine Lösung
    Log-Analyse und Auswertung - 20.04.2005 (2)
  16. TR/Click.Verzil.A.3 ??? Hilfe, ich finde keine..
    Plagegeister aller Art und deren Bekämpfung - 19.11.2004 (11)
  17. Finde keine Info über spy.Fakemon
    Plagegeister aller Art und deren Bekämpfung - 13.08.2004 (2)

Zum Thema Snap.do entfernen. Ich finde keine Lösungen! - Liebes Team, ich habe mich eingehend über dieses Problem informiert, sei es Google oder eben auf dieser Plattform, habe aber keine Lösungen gefunden. Ich habe seit einiger Zeit ( 1 - Snap.do entfernen. Ich finde keine Lösungen!...
Archiv
Du betrachtest: Snap.do entfernen. Ich finde keine Lösungen! auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.