
Pests of All Kinds and How to Fight Them: Windows 7 Explorer no longer works

10.06.2013, 14:20   #1
Tobillix
 



Hello,
Explorer keeps crashing on my machine when I try, for example, to transfer pictures; maybe the context menu is what triggers the crash. If I just leave it open without working in it, no error occurs.
I have a 64-bit system, Windows 7 Home Edition. I found corrupted system files via cmd in the Start menu and then running the scannow command.

Response:
Der Windows Resourcenschutz hat beschädigte Dateien gefunden und konnte einige der beschädigten Datein nicht reparieren. Details finden sie in der Datei "CBS.Log" <windir\Logs\CBS\CBS.log>, zB. "C:\windows\logs\CBS\CBS.log"

How do I proceed correctly from here? I can't get into Explorer, because it always crashes before I have clicked my way through?!!!

Thanks in advance!

11.06.2013, 14:57   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Hello and

Do you have any other logs (with detections)? Malwarebytes and/or other virus scanners, have they ever found anything?

I'm asking because of this => http://www.trojaner-board.de/125889-...tml#post941520

Please don't run any new virus scans; for now, just post the logs that already exist!


Reading material:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

11.06.2013, 20:58   #3
Tobillix
 



Only Avira; it has placed the following file

ADWARE/installcore.gen

in quarantine. But I hope that isn't a virus.

I don't have any other antivirus program.

I also had no PC problems for years because I always used XP, that was great!!! About a year ago I got myself a laptop that came with Windows 7 on it, also without a CD, as is usual these days, and

But well, now I somehow have to get this Explorer working again; otherwise everything runs. Yesterday Mozilla briefly went down on me, there was a message that it could not write the log... But it is running again now....

Do you have any ideas how I can analyze this error better?! I'm not a PC expert, just an ordinary user and Googler :-)

Thx

11.06.2013, 22:45   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



Before we get to work, I would like to ask you to read the following points completely and carefully.
  • Read the instructions I will post over the course of this thread carefully. Ask right away if anything is unclear to you, before you start carrying out my instructions.

  • If you have problems with a step, stop there and describe the problem to me as well as you can. Sometimes a step requires the preceding one.

  • Please run only the scans a helper has asked you to run! Do not install or uninstall any software unless asked to!

  • Post the log files directly in your thread (please in CODE tags) and not as an attachment, unless you were asked to. Logs in attachments make my analysis harder!

  • The logs of the assigned tools, such as Malwarebytes, must always be posted, regardless of whether anything was found or not!

  • Please also note => Deleting log files and other requests

Note:
If you do not hear from me for three days, please post in this thread => Reminder about my thread.
Annoying "When will this continue" messages end with your topic being closed. I, too, have a life outside of Trojaner-Board.


First, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator"
  • At the top center, tick the box Scan All Users
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files here in the thread in CODE tags.

12.06.2013, 07:57   #5
Tobillix
 



Hello Cosinus,
I already have my first question. Where do I get the OLC program from? I downloaded and installed the TuneUP and TeamViewer programs.... Or is TuneUp what is meant by OLC, but I have a different platform here

Sorry, the OTL program

Those who can read clearly have an advantage :-)

Found the OTL link :-)

Oh dear, look at everything it says

OTL log file:
Code:
OTL logfile created on: 12.06.2013 09:14:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobillix\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 52,99% Memory free
7,81 Gb Paging File | 5,92 Gb Available in Paging File | 75,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 69,29 Gb Free Space | 58,11% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 48,21 Gb Free Space | 31,34% Space Free | Partition Type: NTFS
Drive E: | 7,13 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 698,64 Gb Total Space | 198,90 Gb Free Space | 28,47% Space Free | Partition Type: NTFS
 
Computer Name: TOBILLIX-PC | User Name: Tobillix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tobillix\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Program Files\VLC\vlc.exe (VideoLAN)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Protected Search\ProtectedSearch.exe (Simplygen)
PRC - C:\Program Files\Mozillafirefo9crome\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozillafirefo9crome\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe ()
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd)
PRC - C:\Windows\SysWOW64\BRSS01A.EXE (brother Industries Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f878765b06a1d56b04f4bd23a9c60985\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Program Files\VLC\libvlccore.dll ()
MOD - C:\Program Files\VLC\plugins\gui\libqt4_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libpng_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_output\libwaveout_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_output\libaout_directx_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libdts_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libcdg_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\liblibass_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libtheora_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libmpeg_audio_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\liba52_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libaes3_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libvorbis_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libschroedinger_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libopus_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\liblpcm_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libspudec_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libavcodec_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libfaad_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libflac_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libfluidsynth_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libspeex_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\control\libhotkeys_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\codec\libaraw_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\control\libglobalhotkeys_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_filter\libyuvp_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_mixer\libfloat32_mixer_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_filter\libswscale_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\lua\liblua_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_filter\libscale_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libsamplerate_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libaudio_format_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libconverter_fixed_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libdtstospdif_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libugly_resampler_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\liba52tospdif_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\meta_engine\libtaglib_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libscaletempo_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\misc\libxml_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\mmxext\libmemcpymmxext_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\text_renderer\libfreetype_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_chroma\libi420_rgb_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_chroma\libi422_i420_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\access\libdshow_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_output\libdirect3d_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\video_output\libdirectx_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\access\libaccess_vdr_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\access\libdvdnav_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\access\liblibbluray_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\access\libzip_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\access\libfilesystem_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\access\libaccess_bd_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\access\libstream_filter_rar_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\demux\libplaylist_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\demux\libavi_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\demux\libmp4_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\stream_filter\libstream_filter_dash_plugin.dll ()
MOD - C:\Program Files\VLC\plugins\stream_filter\libstream_filter_httplive_plugin.dll ()
MOD - C:\Program Files\VLC\libvlc.dll ()
MOD - C:\Program Files\VLC\plugins\stream_filter\libstream_filter_record_plugin.dll ()
MOD - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\302207b4fa3083899fd8ab4db98cecc5\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files\Mozillafirefo9crome\mozjs.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\Common Files\microsoft shared\virtualization handler\OfficeVirt.exe ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (TeamViewer8) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TuneUp.UtilitiesSvc) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe (TuneUp Software)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (TuneUpUtilitiesDrv) -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys (TuneUp Software)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=248486D53D120BDE
IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&affID=119293&tt=gc_&babsrc=SP_ss&mntrId=248486D53D120BDE
IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: testpilot@labs.mozilla.com:1.2.2
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozillafirefo9crome\components [2012.06.04 12:43:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozillafirefo9crome\plugins [2011.12.08 18:08:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.23 13:13:12 | 000,000,000 | ---D | M]
 
[2011.12.08 17:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Extensions
[2013.05.29 19:31:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions
[2012.01.20 15:25:03 | 000,000,000 | ---D | M] (Wincore Mediabar) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
[2012.11.16 15:07:36 | 000,000,000 | ---D | M] (DownTango Launcher) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions\{411beae9-8c58-477c-8903-201536f61512}
[2012.09.15 10:19:06 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\firefox\profiles\tu3kxf86.default\extensions\testpilot@labs.mozilla.com.xpi
[2013.05.29 19:06:26 | 000,006,503 | ---- | M] () -- C:\Users\Tobillix\AppData\Roaming\mozilla\firefox\profiles\tu3kxf86.default\searchplugins\babylon.xml
[2013.05.29 19:06:33 | 000,001,294 | ---- | M] () -- C:\Users\Tobillix\AppData\Roaming\mozilla\firefox\profiles\tu3kxf86.default\searchplugins\delta.xml
 
========== Chrome  ==========
 
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = hxxp://www.delta-search.com/?q={searchTerms}&affID=119293&tt=gc_&babsrc=SP_ss&mntrId=248486D53D120BDE
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=248486D53D120BDE
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Mail = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2 - BHO: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Users\Tobillix\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O2 - BHO: (DownTango Launcher) - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll (Simplytech Ltd.)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Wincore Mediabar) - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - C:\Users\Tobillix\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll ()
O3 - HKLM\..\Toolbar: (DownTango Launcher) - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll (Simplytech Ltd.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - Startup: C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9FB8A97-64B7-46D0-BCAF-B10735B25125}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1B2404B-6A93-4894-867E-985A2BA1157C}: DhcpNameServer = 192.168.3.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - Unable to obtain root file information for disk H:\
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.11 22:10:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamViewer
[2013.06.11 22:02:32 | 000,035,104 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\TURegOpt.exe
[2013.06.11 22:02:31 | 000,026,400 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\authuitu.dll
[2013.06.11 22:02:31 | 000,021,792 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\authuitu.dll
[2013.06.11 22:02:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013
[2013.06.11 22:02:12 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\TuneUp Software
[2013.06.11 22:02:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TuneUp Utilities 2013
[2013.06.11 22:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.06.11 22:00:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.06.11 22:00:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.06.10 13:52:44 | 000,000,000 | ---D | C] -- C:\LocalDumps
[2013.05.30 01:55:44 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.05.29 19:55:09 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Avira
[2013.05.29 19:49:34 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.05.29 19:49:34 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.05.29 19:49:34 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.05.29 19:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.05.29 19:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.05.29 19:35:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.05.29 19:06:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Babylon
[2013.05.29 19:06:20 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Babylon
[2013.05.29 19:06:18 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\GoforFiles
[2013.05.29 18:58:04 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\SpeedMaxPc
[2013.05.29 18:58:04 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\DriverCure
[2013.05.29 18:57:56 | 000,000,000 | ---D | C] -- C:\ProgramData\SpeedMaxPc
[2013.05.29 18:34:47 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Downloaded Installations
[2013.05.29 18:34:15 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Zip Opener Packages
[2013.05.29 18:34:11 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\DSite
[2013.05.29 18:34:10 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\DealPly
[2013.05.29 18:34:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Tarma Installer
[2013.05.29 15:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Easy
[2013.05.29 15:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy
[2013.05.29 15:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Programs
[2013.05.23 19:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.05.23 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.05.23 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.05.23 19:43:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013.05.23 19:43:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.05.23 19:43:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013.05.23 19:43:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013.05.23 19:43:38 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.05.23 19:43:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013.05.23 19:43:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013.05.23 19:43:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013.05.23 19:43:38 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013.05.23 19:43:37 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.05.23 19:43:37 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.05.23 19:43:37 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013.05.23 19:43:37 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.05.23 19:43:37 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.05.23 19:43:37 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013.05.23 19:43:37 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013.05.23 19:43:37 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013.05.23 19:43:37 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013.05.23 19:43:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013.05.23 19:43:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013.05.23 19:43:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.05.23 19:43:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013.05.23 19:43:36 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.05.23 19:43:36 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.05.23 19:43:35 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.05.23 19:40:29 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.05.23 19:40:27 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013.05.23 19:40:27 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013.05.23 19:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\vlc
[2013.05.23 13:26:51 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Systweak
[2013.05.23 13:26:50 | 000,018,832 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013.05.23 13:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Canneverbe Limited
[2013.05.23 13:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.05.23 13:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2013.05.23 13:13:22 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Thunderbird
[2013.05.23 13:13:22 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Thunderbird
[2013.05.23 13:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.23 12:48:05 | 000,057,344 | ---- | C] (brother Industries Ltd) -- C:\Windows\SysWow64\BRSVC01A.EXE
[2013.05.23 12:48:05 | 000,045,056 | ---- | C] (brother Industries Ltd) -- C:\Windows\SysWow64\BRSS01A.EXE
[2013.05.23 11:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother Personal Utilities
[2013.05.23 10:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2013.05.22 14:37:21 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\ControlCenter4
[2013.05.22 14:33:42 | 000,000,000 | ---D | C] -- C:\Brother
[2013.05.22 14:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
[2013.05.22 14:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02
[2013.05.22 14:32:55 | 000,245,760 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2013.05.22 14:32:55 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2013.05.22 14:32:55 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2013.05.22 14:32:54 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2013.05.22 14:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2013.05.22 14:32:49 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll
[2013.05.22 14:29:20 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\InstallShield
[2013.05.22 12:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2013.05.22 12:07:26 | 000,316,928 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll
[2013.05.22 12:07:26 | 000,084,480 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll
[2013.05.22 12:07:26 | 000,058,880 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll
[2013.05.22 12:07:26 | 000,054,272 | R--- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll
[2013.05.22 12:07:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlCenter4
[2013.05.22 12:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
[2013.05.15 08:06:19 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.15 08:06:19 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.15 08:06:18 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.15 08:06:17 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.15 08:06:17 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.15 08:06:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.15 08:06:17 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.05.15 08:06:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.05.15 08:06:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.15 08:06:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.15 08:06:17 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.05.15 08:06:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.15 08:06:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.15 08:06:14 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.15 08:06:13 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.15 07:52:23 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys
[2013.05.15 07:52:23 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll
[2013.05.15 07:52:09 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll
[2013.05.15 07:52:08 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll
[2013.05.15 07:52:07 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll
[2013.05.15 07:52:07 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe
[2013.05.15 07:51:56 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.12 08:39:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.12 08:32:29 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.12 08:32:22 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.11 22:10:38 | 000,001,168 | ---- | M] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.06.11 22:02:29 | 000,002,215 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.11 22:02:29 | 000,002,195 | ---- | M] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.06.11 21:04:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 21:04:33 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.11 20:56:33 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.11 09:48:19 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.11 09:48:19 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.11 09:48:19 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.11 09:48:19 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.11 09:48:19 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.10 21:58:56 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2013.06.08 00:43:00 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\ASUS SmartLogon Console Sensor.job
[2013.05.30 14:18:51 | 000,002,046 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013.05.30 14:18:35 | 000,001,240 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.05.30 01:55:19 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.05.29 19:47:57 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.05.29 19:47:57 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.05.29 19:47:57 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.05.29 19:35:36 | 000,000,824 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.29 14:10:24 | 000,001,059 | ---- | M] () -- C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.05.29 14:10:11 | 000,001,033 | ---- | M] () -- C:\Users\Tobillix\Desktop\Dropbox.lnk
[2013.05.24 12:32:08 | 000,080,962 | ---- | M] () -- C:\Users\Tobillix\Desktop\MotivationsschreibenMH.pdf
[2013.05.24 12:24:16 | 000,288,597 | ---- | M] () -- C:\Users\Tobillix\Desktop\MeisterbriefArbeitszeugniss.pdf
[2013.05.24 12:15:53 | 000,005,052 | ---- | M] () -- C:\Users\Tobillix\AppData\Local\recently-used.xbel
[2013.05.24 12:03:05 | 000,092,813 | ---- | M] () -- C:\Users\Tobillix\Desktop\LebenslaufBild2013.pdf
[2013.05.24 09:45:07 | 000,084,822 | ---- | M] () -- C:\Users\Tobillix\Desktop\ArbeitszeugnisHTG.jpg
[2013.05.24 09:43:54 | 000,102,919 | ---- | M] () -- C:\Users\Tobillix\Desktop\Meister1.jpg
[2013.05.24 09:38:01 | 000,074,880 | ---- | M] () -- C:\Users\Tobillix\Desktop\Lebenslauf2013.pdf
[2013.05.23 19:30:50 | 000,000,742 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.05.23 19:25:43 | 000,001,142 | ---- | M] () -- C:\Users\Tobillix\Desktop\ASUS Produktregistrierung.lnk
[2013.05.23 13:26:34 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.05.23 13:13:15 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.05.23 12:48:08 | 000,000,184 | ---- | M] () -- C:\Windows\SysWow64\brsvc01a.bsi
[2013.05.23 12:48:08 | 000,000,030 | ---- | M] () -- C:\Windows\SysWow64\brss01a.ini
[2013.05.23 12:48:01 | 000,000,055 | ---- | M] () -- C:\Windows\SysWow64\BRDPJ140W.DAT
[2013.05.19 18:35:42 | 000,247,887 | ---- | M] () -- C:\Users\Tobillix\Desktop\Strangfeld.jpg
[2013.05.15 21:22:41 | 000,277,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
 
========== Files Created - No Company Name ==========
 
[2013.06.11 22:10:38 | 000,001,180 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk
[2013.06.11 22:10:38 | 000,001,168 | ---- | C] () -- C:\Users\Public\Desktop\TeamViewer 8.lnk
[2013.06.11 22:02:29 | 000,002,215 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp 1-Klick-Wartung.lnk
[2013.06.11 22:02:29 | 000,002,207 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk
[2013.06.11 22:02:29 | 000,002,195 | ---- | C] () -- C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk
[2013.06.08 00:43:00 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\ASUS SmartLogon Console Sensor.job
[2013.05.29 19:35:36 | 000,000,824 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.24 12:32:06 | 000,080,962 | ---- | C] () -- C:\Users\Tobillix\Desktop\MotivationsschreibenMH.pdf
[2013.05.24 12:24:14 | 000,288,597 | ---- | C] () -- C:\Users\Tobillix\Desktop\MeisterbriefArbeitszeugniss.pdf
[2013.05.24 12:15:53 | 000,005,052 | ---- | C] () -- C:\Users\Tobillix\AppData\Local\recently-used.xbel
[2013.05.24 12:03:03 | 000,092,813 | ---- | C] () -- C:\Users\Tobillix\Desktop\LebenslaufBild2013.pdf
[2013.05.24 09:58:24 | 000,247,887 | ---- | C] () -- C:\Users\Tobillix\Desktop\Strangfeld.jpg
[2013.05.24 09:45:07 | 000,084,822 | ---- | C] () -- C:\Users\Tobillix\Desktop\ArbeitszeugnisHTG.jpg
[2013.05.24 09:43:53 | 000,102,919 | ---- | C] () -- C:\Users\Tobillix\Desktop\Meister1.jpg
[2013.05.24 09:37:58 | 000,074,880 | ---- | C] () -- C:\Users\Tobillix\Desktop\Lebenslauf2013.pdf
[2013.05.23 19:30:50 | 000,000,742 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.05.23 19:25:43 | 000,001,142 | ---- | C] () -- C:\Users\Tobillix\Desktop\ASUS Produktregistrierung.lnk
[2013.05.23 13:26:34 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.05.23 13:26:34 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.05.23 13:13:14 | 000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.05.23 12:48:08 | 000,000,184 | ---- | C] () -- C:\Windows\SysWow64\brsvc01a.bsi
[2013.05.23 12:48:08 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2013.05.23 11:18:07 | 000,000,060 | R--- | C] () -- C:\Program Files (x86)\BRINST.INI
[2013.05.22 14:53:54 | 000,000,055 | ---- | C] () -- C:\Windows\SysWow64\BRDPJ140W.DAT
[2013.05.22 12:07:26 | 000,143,360 | R--- | C] () -- C:\Windows\SysNative\BrSNMP64.dll
[2013.03.29 16:33:23 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.12.14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.12.08 15:40:48 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.11.16 15:07:30 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.08.04 10:03:57 | 000,495,616 | ---- | C] () -- C:\Windows\SysWow64\D3DX8ab.dll
[2012.02.28 20:28:25 | 000,164,234 | ---- | C] () -- C:\Windows\FlyChart Uninstaller.exe
[2012.02.12 21:20:35 | 001,557,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.20 15:28:12 | 000,027,648 | ---- | C] () -- C:\Users\Tobillix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.01 16:07:58 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.09.16 10:21:16 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.09.16 10:20:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.16 10:20:19 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.09.16 10:20:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011.04.13 04:48:48 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:41099CE9

< End of report >
         
--- --- ---

[/code]

The 2nd list

OTL EXTRAS Logfile:
Code:
ATTFilter
OTL Extras logfile created on: 12.06.2013 09:14:05 - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobillix\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16576)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,07 Gb Available Physical Memory | 52,99% Memory free
7,81 Gb Paging File | 5,92 Gb Available in Paging File | 75,83% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 69,29 Gb Free Space | 58,11% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 48,21 Gb Free Space | 31,34% Space Free | Partition Type: NTFS
Drive E: | 7,13 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive H: | 698,64 Gb Total Space | 198,90 Gb Free Space | 28,47% Space Free | Partition Type: NTFS
 
Computer Name: TOBILLIX-PC | User Name: Tobillix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozillafirefo9crome\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01030C6F-5837-45D1-AB3A-AF3B197B0371}" = lport=138 | protocol=17 | dir=in | app=system | 
"{05398B0F-DF21-49B9-89E4-B94DDDA8C53D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{39B40135-DE6F-4B1E-9392-C4560374AEAF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3DAC7D07-F950-4220-A07F-13FC0C5E7B8A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3F84BB46-FA1B-46B3-AB3D-6926B1478FF5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{41265FCC-C8FD-4637-940D-81D93E5445B1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{46F89CE4-032C-4BD7-BEDB-59B3E6118BE6}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | 
"{58ECAC34-358A-4996-93D8-9D0BABF621B1}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5987CD0D-9C68-4205-B53B-786670C44BBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5CDE0E7C-DC47-4771-A849-8CFDF593D83B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{5FB1DCF9-E80F-4A2A-8C19-A83037B4128F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{64D0CF8C-460F-4A0F-AB60-885D07254789}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{6B34172A-84C3-432B-983E-F72E92DEBC66}" = rport=137 | protocol=17 | dir=out | app=system | 
"{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{81BD1620-B145-459B-8294-89DC76E8572F}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{8CCF1862-7DD5-4479-8C75-816B63D5AE7E}" = lport=137 | protocol=17 | dir=in | app=system | 
"{9B30EEB1-3357-4F0D-9BF8-C740440D33FA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9C2BC9E1-B81A-486E-9D96-F0C8E6502C49}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{A119C4FF-3AE3-40BB-B5D7-933C3DF80772}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | 
"{AEB556A1-0EA9-45B1-AB3B-1429C2598C19}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B236816B-FE21-4E85-B060-05EA7B258844}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | 
"{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{CE94DC46-31D2-4A19-B634-FEC5BF51E233}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D93049F5-5267-4C4D-A6BA-5B5AE2B511E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EB06DDCA-ED3D-4019-BA93-9DF325F55A05}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{ED7C6FB1-EE29-4727-BB8A-EF35088F3FF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033045E6-3034-4B01-869B-6FFA6C747C1A}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{05F6FBB2-DD36-4430-8819-7D0B9000596F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{15B67990-8F2C-4858-B36B-9DAB9B2D53DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{21791D02-FAEF-44B5-9008-A6E644E256D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{33CF9B4C-8342-46D1-A9F3-2C0C6F8B2889}" = protocol=58 | dir=in | app=system | 
"{35C70914-1B53-4C3C-A6C8-88156D2BEC37}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{380CD1BF-3256-4C1D-B497-5243B0F35003}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{462639D2-B49D-4052-A9AD-AC2CA7C0F9A4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{49FDBA42-E06F-4D2F-A541-4AE21FD4B217}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\mediabar\datamngr\toolbar\dtuser.exe | 
"{4EC18E60-0161-47A0-A4BF-01067E3A153D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{573A2FE5-57C0-42F8-8975-5BAB012E4E67}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5CE34F28-6F4F-42EE-BAE2-9BCCF93766E1}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{603B5352-9F25-450C-931F-5AB21B9D9B30}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{628AA317-31C9-44E2-8A42-F7F802557474}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{64EF058B-DF0B-47FA-839E-D8F61DF5DFC8}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | 
"{7034917E-CA98-4BB5-AB89-3416A22A23EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{712E01E0-C950-42FF-9219-DFC7341EC893}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\mediabar\datamngr\toolbar\dtuser.exe | 
"{73D0E9DF-4E46-41D4-B48B-9FE7EF4C98B7}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{74D4C5A4-04C8-44BE-B791-DE225CBB5EBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{75EA3C65-0DDD-4326-98AC-21F0076CC5B6}" = protocol=6 | dir=out | app=system | 
"{781B43D5-A1EC-46D6-8565-3EC613235D80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7CB2FC95-AB79-4E83-BCC5-6633D5C8E5BD}" = protocol=17 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8929D0FC-ADAF-4CD9-B260-45AA1D96C81A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{913350F3-00D4-4B9F-9C8D-F30D7A0F8754}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9158D9CA-0426-473E-A2B2-582527DBDD60}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe | 
"{9D830397-6E89-423D-A1F7-196B8BA4E3C1}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | 
"{A52B226D-7E37-4AC4-9E9F-7D446241EC18}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{A599F84E-5119-4485-8AA3-7C9408CF907C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe | 
"{AE90F868-2056-4724-9677-E62210637C89}" = protocol=6 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"{B78C6051-5848-4568-BD2B-7E008D5BC9E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BE3E0709-A3B0-40C0-8F87-EA82E1C91D54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CC5B74B6-49A5-4E7A-B36E-39D95F00FFAD}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | 
"{D0CA002B-4ECB-4DD7-80CF-22540258D827}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | 
"{D8BF7B41-9685-43FD-B1C5-3C2F26BCA8CE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{EE82D5BF-4B83-4999-809A-5D98E38A1CCD}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{F273DB03-3C4C-4D95-9B90-D4E369103FEB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{FA5DBE5C-113F-4A75-BB37-A38EA4402287}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{5BD44DEA-8C93-4C43-8D98-4F0E76E6C4D8}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{9C1D6887-417E-439B-9C69-47B9E8A22CAB}C:\program files\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\vlc\vlc.exe | 
"TCP Query User{C8E107EB-06FC-4848-8342-2413F6EDB566}C:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{41AEA62B-C521-43F9-9C0B-8DAF6892DC38}C:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{5050D132-3565-4248-860A-13B4321645BC}C:\program files\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\vlc\vlc.exe | 
"UDP Query User{EBA5D961-39F4-4620-9730-99E7731A6B84}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety
"{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid
"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety
"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
"CCleaner" = CCleaner
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Registry Easy_is1" = Registry Easy v5.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0ED38503-B69A-44B4-98BE-21BFF284A9B6}" = Brother Driver Deployment Wizard
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2FF959E3-FFE4-46C4-96DA-03F26BCFEFCC}" = Brother MFL-Pro Suite DCP-J140W
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}" = iMesh
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"3GP Media Player_is1" = 3GP Media Player 1.0.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"FlyChart" = FlyChart
"Google Chrome" = Google Chrome
"iMesh" = iMesh
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"IrfanView" = IrfanView (remove only)
"MaxPunkte_is1" = MaxPunkte Ver. 6.3.x
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"TeamViewer 8" = TeamViewer 8
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VLC media player" = VLC media player 2.0.6
"Winamp" = Winamp
"Wincore MediaBar" = Wincore MediaBar
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2418080180.www.pcspeedup.com" = PCSpeedUp
"Dropbox" = Dropbox
"Swiss Casino" = Swiss Casino
"Winamp Detect" = Winamp Erkennungs-Plug-in
"Zip Opener Packages" = Zip Opener Packages
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 12.03.2013 02:41:27 | Computer Name = Tobillix-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: 
 
Error - 12.03.2013 03:54:09 | Computer Name = Tobillix-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: 
 
Error - 12.03.2013 08:41:22 | Computer Name = Tobillix-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: 
 
Error - 14.03.2013 04:48:40 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493,
 Zeitstempel: 0x4f9207d9  Name des fehlerhaften Moduls: mozglue.dll, Version: 12.0.0.4493,
 Zeitstempel: 0x4f91f34c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000374b  ID des fehlerhaften
 Prozesses: 0x22a8  Startzeit der fehlerhaften Anwendung: 0x01ce2090af3640a5  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozillafirefo9crome\firefox.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\Mozillafirefo9crome\mozglue.dll  Berichtskennung:
 f73c00b2-8c83-11e2-95c4-5404a626a7d2
 
Error - 15.03.2013 06:40:38 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493,
 Zeitstempel: 0x4f9207d9  Name des fehlerhaften Moduls: mozglue.dll, Version: 12.0.0.4493,
 Zeitstempel: 0x4f91f34c  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000374b  ID des fehlerhaften
 Prozesses: 0xe8  Startzeit der fehlerhaften Anwendung: 0x01ce2163a48e9cea  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozillafirefo9crome\firefox.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\Mozillafirefo9crome\mozglue.dll  Berichtskennung:
 c5dde83f-8d5c-11e2-991b-5404a626a7d2
 
Error - 16.03.2013 14:49:52 | Computer Name = Tobillix-PC | Source = CVHSVC | ID = 100
Description = Nur zur Information.  (Patch task for {90140011-0066-0407-0000-0000000FF1CE}):
 DownloadLatest Failed: 
 
Error - 10.04.2013 04:33:59 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493,
 Zeitstempel: 0x4f9207d9  Name des fehlerhaften Moduls: xul.dll, Version: 12.0.0.4493,
 Zeitstempel: 0x4f92069e  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001115b8  ID des fehlerhaften
 Prozesses: 0x131c  Startzeit der fehlerhaften Anwendung: 0x01ce35b4718751b5  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozillafirefo9crome\firefox.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\Mozillafirefo9crome\xul.dll  Berichtskennung:
 634b86ed-a1b9-11e2-832a-5404a626a7d2
 
Error - 15.04.2013 01:56:57 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: firefox.exe, Version: 12.0.0.4493,
 Zeitstempel: 0x4f9207d9  Name des fehlerhaften Moduls: xul.dll, Version: 12.0.0.4493,
 Zeitstempel: 0x4f92069e  Ausnahmecode: 0xc0000005  Fehleroffset: 0x001115b8  ID des fehlerhaften
 Prozesses: 0x3e38  Startzeit der fehlerhaften Anwendung: 0x01ce399dffd3ecb6  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Mozillafirefo9crome\firefox.exe  Pfad des
 fehlerhaften Moduls: C:\Program Files\Mozillafirefo9crome\xul.dll  Berichtskennung:
 47592a27-a591-11e2-a5b0-5404a626a7d2
 
Error - 11.05.2013 08:07:06 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: vlc.exe, Version: 1.1.11.0, Zeitstempel:
 0x4e1edf37  Name des fehlerhaften Moduls: vlc.exe, Version: 1.1.11.0, Zeitstempel:
 0x4e1edf37  Ausnahmecode: 0xc0000005  Fehleroffset: 0x0000174c  ID des fehlerhaften Prozesses:
 0x3fb0  Startzeit der fehlerhaften Anwendung: 0x01ce4e3e4e365b96  Pfad der fehlerhaften
 Anwendung: C:\Program Files\VLC\vlc.exe  Pfad des fehlerhaften Moduls: C:\Program
 Files\VLC\vlc.exe  Berichtskennung: 4bb706c9-ba33-11e2-90c3-5404a626a7d2
 
Error - 15.05.2013 15:07:10 | Computer Name = Tobillix-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: TiResumeSrv.exe, Version: 3.0.0.1345,
 Zeitstempel: 0x4c931937  Name des fehlerhaften Moduls: TiResumeSrv.exe, Version: 
3.0.0.1345, Zeitstempel: 0x4c931937  Ausnahmecode: 0xc0000005  Fehleroffset: 0x000000000000360a
ID
 des fehlerhaften Prozesses: 0x83c  Startzeit der fehlerhaften Anwendung: 0x01ce50cdce95adb0
Pfad
 der fehlerhaften Anwendung: C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe
Pfad
 des fehlerhaften Moduls: C:\Program Files\Trend Micro\Titanium\TiResumeSrv.exe  Berichtskennung:
 a486d9ee-bd92-11e2-9eae-5404a626a7d2
 
[ System Events ]
Error - 08.06.2013 19:43:41 | Computer Name = Tobillix-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 10.06.2013 06:04:55 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Google Update-Dienst (gupdate) erreicht.
 
Error - 10.06.2013 06:04:55 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 10.06.2013 16:00:47 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Google Update-Dienst (gupdate) erreicht.
 
Error - 10.06.2013 16:00:47 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
Error - 11.06.2013 03:46:18 | Computer Name = Tobillix-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
 
Error - 11.06.2013 14:57:21 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem
 Fehler beendet: %%-1073473535.
 
Error - 11.06.2013 14:57:21 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 11.06.2013 14:59:20 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Google Update-Dienst (gupdate) erreicht.
 
Error - 11.06.2013 14:59:20 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
 
< End of report >
         
--- --- ---

That looks like work!!! Thx


12.06.2013, 09:28   #6
cosinus


Rootkit scan with GMER

Please download the GMER rootkit scanner: GMER (the file name is random)
  • Close all other programs, disable your virus scanner and disconnect the computer from the Internet before you start GMER.
  • If a window with the following warning opens after starting:
    WARNING !!!
    GMER has found system modification, which might have been caused by ROOTKIT activity.
    Do you want to fully scan your system ?
    Be sure to click "No".
  • On the right, remove the check mark from: IAT/EAT and Show All
  • Set the check mark at Quickscan and remove it from all other drives.
  • Start the scan with "Scan".
  • Do not do anything on the computer while the scan is running.
  • When the scan is finished, click Save and save the log file as Gmer.txt on your desktop. "Ok" closes GMER.
Switch your antivirus program and other scanners back on before you go online!


Running into problems?
  • Alternatively, try safe mode.
  • If you get a bluescreen, remove the check mark in front of Devices.


Afterwards please run MBAR:

Malwarebytes Anti-Rootkit (MBAR)

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the instructions on your screen as described in the guide to Malwarebytes Anti-Rootkit
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper

12.06.2013, 18:30   #7
Tobillix


Hi, so one step further again :-)

One piece of malware found, let's see whether anything else turns up; the 2nd MBAR scan is still running. Should I also post the GMER result for you, i.e. the txt file?...


Code:
Malwarebytes Anti-Rootkit BETA 1.06.0.1003
www.malwarebytes.org

Database version: v2013.06.12.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16576
Tobillix :: TOBILLIX-PC [administrator]

12.06.2013 19:00:16
mbar-log-2013-06-12 (19-00-16).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUM | P2P
Scan options disabled: Deep Anti-Rootkit Scan | PUP
Objects scanned: 232361
Time elapsed: 14 minute(s), 39 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
c:\Windows\SysWOW64\D3DX8ab.dll (Trojan.FakeAlert) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Hi, so nothing more was found in the 2nd scan. Here is the GMER file as well. Sorry about the order.

Code:
GMER 2.1.19163 - hxxp://www.gmer.net
Rootkit scan 2013-06-12 18:47:05
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 ST932032 rev.0003 298,09GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\Tobillix\AppData\Local\Temp\kwlyrkod.sys


---- User code sections - GMER 2.1 ----

.text   C:\Windows\AsScrPro.exe[2628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                  0000000075c31465 2 bytes [C3, 75]
.text   C:\Windows\AsScrPro.exe[2628] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                 0000000075c314bb 2 bytes [C3, 75]
.text   ...                                                                                                                                                    * 2
.text   C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe[2940] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                0000000075c31465 2 bytes [C3, 75]
.text   C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe[2940] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                               0000000075c314bb 2 bytes [C3, 75]
.text   ...                                                                                                                                                    * 2
.text   C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69   0000000075c31465 2 bytes [C3, 75]
.text   C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[3764] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155  0000000075c314bb 2 bytes [C3, 75]
.text   ...                                                                                                                                                    * 2

---- Threads - GMER 2.1 ----

Thread   [1704:1720]                                                                                                                                           00000000776c3e45
Thread   [1704:1724]                                                                                                                                           0000000075137587
Thread   [1704:1740]                                                                                                                                           000000007303c59c
Thread   [1704:1752]                                                                                                                                           000000007303c59c
Thread   [1704:1820]                                                                                                                                           000000007303c59c
Thread   [1704:1824]                                                                                                                                           00000000776c2e25
Thread   [1704:1860]                                                                                                                                           000000007303c41c
Thread   [1704:3848]                                                                                                                                           0000000072dbe2db
Thread   [1704:3852]                                                                                                                                           000000007303c59c
Thread   [1704:3856]                                                                                                                                           000000007303c41c
Thread   [1704:3860]                                                                                                                                           000000007303c41c
Thread   [1704:3868]                                                                                                                                           000000007303c41c
Thread   [1704:3988]                                                                                                                                           000000007303c41c
Thread   [1704:4012]                                                                                                                                           000000007303c41c
Thread   [1704:4024]                                                                                                                                           000000007303c41c
Thread   [1704:4028]                                                                                                                                           000000007303c59c
Thread   [1704:4032]                                                                                                                                           000000007303c41c
Thread   [1704:4040]                                                                                                                                           000000007303c41c
Thread   [1704:4052]                                                                                                                                           000000007303c41c
Thread   [1704:4056]                                                                                                                                           000000007303c41c
Thread   [1704:4064]                                                                                                                                           000000007303c41c
Thread   [1704:4076]                                                                                                                                           000000007303c41c
Thread   [1704:4080]                                                                                                                                           000000007303c41c
Thread   [1704:4084]                                                                                                                                           000000007303c41c
Thread   [1704:4088]                                                                                                                                           000000007303c41c
Thread   [1704:2564]                                                                                                                                           000000007303c41c
Thread   [1704:2176]                                                                                                                                           000000007303c41c
Thread   [1704:2172]                                                                                                                                           000000007303c59c
Thread   [1704:3156]                                                                                                                                           000000006ecc8df0
Thread   [1704:3152]                                                                                                                                           000000006ecc8df0
Thread   [1704:3200]                                                                                                                                           000000006ecc8df0
Thread   [1704:3196]                                                                                                                                           000000006ecc4e70
Thread   [1704:3944]                                                                                                                                           000000007303c59c
Thread   [1704:5068]                                                                                                                                           000000007303c59c
Thread  C:\Windows\System32\svchost.exe [5348:4604]                                                                                                            000007feed2c9688

---- Registry - GMER 2.1 ----

Reg     HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\0025d3b2962e                                                                            
Reg     HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\0025d3b2962e (not active ControlSet)                                                        

---- EOF - GMER 2.1 ----
         
Unfortunately Explorer still crashes...

What other stomach aches does my PC have?

Thx

12.06.2013, 22:08   #8
cosinus


Then please run Combofix now:

Scan with Combofix
WARNING to READERS FOLLOWING ALONG:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix on your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can then ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click into the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. That should fix the problem.

__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


13.06.2013, 07:13   #9
Tobillix


Hi, I ran Combofix and disabled everything. Windows Update and TeamViewer popped up during the run, but that did not bother the program any further, i.e. no error messages appeared.

The file was in C:\ComboFix\combofix.txt, I hope that is OK as far as the location goes?

Code:
ComboFix 13-06-12.02 - Tobillix 13.06.2013   7:44:32.1.2 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4000.1787 [GMT 2:00]
ausgeführt von:: C:\Users\Tobillix\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
SP: Avira Desktop *Disabled/Updated* {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}


((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))


C:\ProgramData\FullRemove.exe
H:\autorun.inf


(((((((((((((((((((((((   Dateien erstellt von 2013-05-13 bis 2013-06-13  ))))))))))))))))))))))))))))))


2013-06-13 05:53:19 . 2013-06-13 05:53:19	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2013-06-13 05:44:41 . 2013-06-13 05:44:41	76232	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38A50C08-DAC7-43A6-9376-BD66FD851464}\offreg.dll
2013-06-12 17:00:10 . 2013-06-12 17:51:18	--------	d-----w-	C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2013-06-12 16:59:23 . 2013-06-12 16:59:23	--------	d-----w-	C:\ProgramData\Malwarebytes
2013-06-11 20:10:34 . 2013-06-11 20:10:34	--------	d-----w-	C:\Program Files (x86)\TeamViewer
2013-06-11 20:02:32 . 2013-01-28 12:19:32	35104	----a-w-	C:\Windows\system32\TURegOpt.exe
2013-06-11 20:02:31 . 2013-01-28 12:19:28	26400	----a-w-	C:\Windows\system32\authuitu.dll
2013-06-11 20:02:31 . 2013-01-28 12:19:28	21792	----a-w-	C:\Windows\SysWow64\authuitu.dll
2013-06-11 20:02:12 . 2013-06-11 20:02:12	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\TuneUp Software
2013-06-11 20:02:04 . 2013-06-11 20:02:30	--------	d-----w-	C:\Program Files (x86)\TuneUp Utilities 2013
2013-06-11 20:01:28 . 2013-06-11 20:02:12	--------	d-----w-	C:\ProgramData\TuneUp Software
2013-06-11 20:00:45 . 2013-06-11 20:07:38	--------	d-sh--w-	C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
2013-06-11 20:00:45 . 2013-06-11 20:00:45	--------	d--h--w-	C:\ProgramData\Common Files
2013-06-11 07:10:13 . 2013-05-13 06:37:50	9460464	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{38A50C08-DAC7-43A6-9376-BD66FD851464}\mpengine.dll
2013-06-10 11:52:44 . 2013-06-10 11:52:44	--------	d-----w-	C:\LocalDumps
2013-05-29 23:55:44 . 2013-05-29 23:55:19	83160	----a-w-	C:\Windows\system32\drivers\avnetflt.sys
2013-05-29 17:55:09 . 2013-05-29 17:55:09	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\Avira
2013-05-29 17:49:34 . 2013-05-29 17:47:57	28600	----a-w-	C:\Windows\system32\drivers\avkmgr.sys
2013-05-29 17:49:34 . 2013-05-29 17:47:57	130016	----a-w-	C:\Windows\system32\drivers\avipbb.sys
2013-05-29 17:49:34 . 2013-05-29 17:47:57	100712	----a-w-	C:\Windows\system32\drivers\avgntflt.sys
2013-05-29 17:49:32 . 2013-05-29 17:49:32	--------	d-----w-	C:\ProgramData\Avira
2013-05-29 17:49:32 . 2013-05-29 17:49:32	--------	d-----w-	C:\Program Files (x86)\Avira
2013-05-29 17:35:35 . 2013-05-29 17:35:36	--------	d-----w-	C:\Program Files\CCleaner
2013-05-29 17:06:21 . 2013-05-29 17:06:21	--------	d-----w-	C:\ProgramData\Babylon
2013-05-29 17:06:20 . 2013-05-29 17:06:20	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\Babylon
2013-05-29 17:06:18 . 2013-05-29 17:07:21	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\GoforFiles
2013-05-29 16:58:04 . 2013-05-29 16:58:04	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\SpeedMaxPc
2013-05-29 16:58:04 . 2013-05-29 16:58:04	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\DriverCure
2013-05-29 16:57:56 . 2013-05-29 17:31:19	--------	d-----w-	C:\ProgramData\SpeedMaxPc
2013-05-29 16:34:47 . 2013-06-11 20:07:38	--------	d-----w-	C:\Users\Tobillix\AppData\Local\Downloaded Installations
2013-05-29 16:34:15 . 2013-05-29 18:04:28	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\Zip Opener Packages
2013-05-29 16:34:11 . 2013-05-29 16:34:11	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\DSite
2013-05-29 16:34:10 . 2013-05-29 16:34:10	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\DealPly
2013-05-29 16:34:08 . 2013-05-29 17:22:08	--------	d-----w-	C:\ProgramData\Tarma Installer
2013-05-29 13:38:24 . 2013-05-29 13:44:59	--------	d-----w-	C:\Program Files\Registry Easy
2013-05-29 13:38:04 . 2013-05-29 13:38:04	--------	d-----w-	C:\Users\Tobillix\AppData\Local\Programs
2013-05-23 17:44:34 . 2013-05-24 19:12:03	--------	d-----w-	C:\Program Files\Microsoft Silverlight
2013-05-23 17:44:34 . 2013-05-24 19:11:58	--------	d-----w-	C:\Program Files (x86)\Microsoft Silverlight
2013-05-23 17:40:30 . 2012-08-24 18:05:03	340992	----a-w-	C:\Windows\system32\schannel.dll
2013-05-23 17:40:29 . 2012-08-24 18:13:17	154480	----a-w-	C:\Windows\system32\drivers\ksecpkg.sys
2013-05-23 17:40:29 . 2012-08-24 18:09:34	458712	----a-w-	C:\Windows\system32\drivers\cng.sys
2013-05-23 17:40:29 . 2012-08-24 18:03:09	1448448	----a-w-	C:\Windows\system32\lsasrv.dll
2013-05-23 17:40:29 . 2012-08-24 16:57:40	247808	----a-w-	C:\Windows\SysWow64\schannel.dll
2013-05-23 17:40:29 . 2012-08-24 16:57:40	22016	----a-w-	C:\Windows\SysWow64\secur32.dll
2013-05-23 17:40:29 . 2012-08-24 16:53:35	96768	----a-w-	C:\Windows\SysWow64\sspicli.dll
2013-05-23 17:40:27 . 2012-05-04 11:00:43	366592	----a-w-	C:\Windows\system32\qdvd.dll
2013-05-23 17:40:27 . 2012-05-04 09:59:54	514560	----a-w-	C:\Windows\SysWow64\qdvd.dll
2013-05-23 17:31:01 . 2013-06-13 05:39:54	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\vlc
2013-05-23 11:26:51 . 2013-05-23 11:54:10	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\Systweak
2013-05-23 11:26:50 . 2012-06-05 11:34:28	18832	----a-w-	C:\Windows\system32\roboot64.exe
2013-05-23 11:26:44 . 2013-05-23 11:26:44	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\Canneverbe Limited
2013-05-23 11:26:44 . 2013-05-23 11:26:44	--------	d-----w-	C:\ProgramData\Canneverbe Limited
2013-05-23 11:26:32 . 2013-05-23 11:26:34	--------	d-----w-	C:\Program Files (x86)\CDBurnerXP
2013-05-23 11:13:22 . 2013-05-23 11:13:22	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\Thunderbird
2013-05-23 11:13:22 . 2013-05-23 11:13:22	--------	d-----w-	C:\Users\Tobillix\AppData\Local\Thunderbird
2013-05-23 11:13:10 . 2013-05-23 11:13:12	--------	d-----w-	C:\Program Files (x86)\Mozilla Thunderbird
2013-05-23 10:48:05 . 2002-04-11 22:00:00	57344	----a-w-	C:\Windows\SysWow64\BRSVC01A.EXE
2013-05-23 10:48:05 . 2001-12-12 22:01:00	45056	----a-w-	C:\Windows\SysWow64\BRSS01A.EXE
2013-05-23 09:19:36 . 2004-04-18 21:40:42	69715	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\ctor.dll
2013-05-23 09:19:36 . 2004-04-18 21:39:58	266240	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iscript.dll
2013-05-23 09:19:36 . 2004-04-18 21:39:28	172032	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iuser.dll
2013-05-22 12:32:54 . 2010-03-15 17:45:10	73728	------w-	C:\Windows\SysWow64\BrDctF2.dll
2013-05-22 12:32:49 . 2010-09-29 15:07:36	180224	------w-	C:\Windows\SysWow64\BroSNMP.dll
2013-05-22 12:29:20 . 2013-05-22 12:29:20	--------	d-----w-	C:\Users\Tobillix\AppData\Roaming\InstallShield
2013-05-22 10:07:26 . 2013-05-22 12:33:40	--------	d-----w-	C:\Program Files (x86)\ControlCenter4
2013-05-22 10:07:26 . 2012-07-20 05:56:22	54272	------r-	C:\Windows\system32\Brnsplg.dll
2013-05-22 10:07:26 . 2012-05-15 05:58:05	84480	----a-w-	C:\Windows\system32\BrNetSti.dll
2013-05-22 10:07:26 . 2012-05-15 04:01:39	58880	----a-w-	C:\Windows\system32\BrWiaNCp.dll
2013-05-22 10:07:26 . 2012-03-19 04:09:53	316928	----a-w-	C:\Windows\system32\NSSRH64.dll
2013-05-22 10:07:26 . 2005-04-22 04:36:42	143360	------r-	C:\Windows\system32\BrSNMP64.dll
2013-05-22 10:01:19 . 2013-05-22 10:02:45	--------	d-----w-	C:\ProgramData\Brother
2013-05-15 05:52:23 . 2013-04-10 06:01:54	265064	----a-w-	C:\Windows\system32\drivers\dxgmms1.sys
2013-05-15 05:52:23 . 2013-04-10 06:01:53	983400	----a-w-	C:\Windows\system32\drivers\dxgkrnl.sys
2013-05-15 05:52:23 . 2011-02-03 11:25:18	144384	----a-w-	C:\Windows\system32\cdd.dll
2013-05-15 05:52:10 . 2013-02-27 05:52:56	14172672	----a-w-	C:\Windows\system32\shell32.dll
2013-05-15 05:52:09 . 2013-02-27 05:48:00	1930752	----a-w-	C:\Windows\system32\authui.dll
2013-05-15 05:52:08 . 2013-02-27 05:52:55	197120	----a-w-	C:\Windows\system32\shdocvw.dll
2013-05-15 05:52:07 . 2013-02-27 06:02:44	111448	----a-w-	C:\Windows\system32\consent.exe
2013-05-15 05:52:07 . 2013-02-27 05:47:10	70144	----a-w-	C:\Windows\system32\appinfo.dll
2013-05-15 05:52:07 . 2013-02-27 04:49:24	1796096	----a-w-	C:\Windows\SysWow64\authui.dll
2013-05-15 05:51:56 . 2013-03-19 05:53:58	48640	----a-w-	C:\Windows\system32\wwanprotdim.dll
2013-05-15 05:51:56 . 2013-03-19 05:53:58	230400	----a-w-	C:\Windows\system32\wwansvc.dll
2013-05-15 05:51:55 . 2013-04-10 03:30:50	3153920	----a-w-	C:\Windows\system32\win32k.sys
.


((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

2013-06-13 05:34:16 . 2011-12-21 21:04:18	75825640	----a-w-	C:\Windows\system32\MRT.exe
2013-06-12 17:17:49 . 2011-12-01 14:07:58	45056	----a-w-	C:\Windows\SysWow64\acovcnt.exe
2013-05-14 07:46:29 . 2010-06-24 18:33:56	22240	----a-w-	C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2013-05-02 00:06:08 . 2011-12-22 15:53:13	278800	------w-	C:\Windows\system32\MpSigStub.exe
2013-04-13 05:49:23 . 2013-05-15 05:52:21	135168	----a-w-	C:\Windows\apppatch\AppPatch64\AcXtrnal.dll
2013-04-13 05:49:19 . 2013-05-15 05:52:21	350208	----a-w-	C:\Windows\apppatch\AppPatch64\AcLayers.dll
2013-04-13 05:49:19 . 2013-05-15 05:52:21	308736	----a-w-	C:\Windows\apppatch\AppPatch64\AcGenral.dll
2013-04-13 05:49:19 . 2013-05-15 05:52:21	111104	----a-w-	C:\Windows\apppatch\AppPatch64\acspecfc.dll
2013-04-13 04:45:16 . 2013-05-15 05:52:21	474624	----a-w-	C:\Windows\apppatch\AcSpecfc.dll
2013-04-13 04:45:15 . 2013-05-15 05:52:21	2176512	----a-w-	C:\Windows\apppatch\AcGenral.dll
2013-04-12 14:45:08 . 2013-04-25 08:09:56	1656680	----a-w-	C:\Windows\system32\drivers\ntfs.sys
2013-04-05 01:03:17 . 2013-04-05 01:03:17	97280	----a-w-	C:\Windows\system32\mshtmled.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	92160	----a-w-	C:\Windows\system32\SetIEInstalledDate.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	905728	----a-w-	C:\Windows\system32\mshtmlmedia.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	81408	----a-w-	C:\Windows\system32\icardie.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	762368	----a-w-	C:\Windows\system32\ieapfltr.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	73728	----a-w-	C:\Windows\SysWow64\SetIEInstalledDate.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	719360	----a-w-	C:\Windows\SysWow64\mshtmlmedia.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	62976	----a-w-	C:\Windows\system32\pngfilt.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	61952	----a-w-	C:\Windows\SysWow64\tdc.ocx
2013-04-05 01:03:17 . 2013-04-05 01:03:17	599552	----a-w-	C:\Windows\system32\vbscript.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	523264	----a-w-	C:\Windows\SysWow64\vbscript.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	52224	----a-w-	C:\Windows\system32\msfeedsbs.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	51200	----a-w-	C:\Windows\system32\imgutil.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	48640	----a-w-	C:\Windows\SysWow64\mshtmler.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	48640	----a-w-	C:\Windows\system32\mshtmler.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	452096	----a-w-	C:\Windows\system32\dxtmsft.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	441856	----a-w-	C:\Windows\system32\html.iec
2013-04-05 01:03:17 . 2013-04-05 01:03:17	38400	----a-w-	C:\Windows\SysWow64\imgutil.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	361984	----a-w-	C:\Windows\SysWow64\html.iec
2013-04-05 01:03:17 . 2013-04-05 01:03:17	281600	----a-w-	C:\Windows\system32\dxtrans.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	27648	----a-w-	C:\Windows\system32\licmgr10.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	270848	----a-w-	C:\Windows\system32\iedkcs32.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	247296	----a-w-	C:\Windows\system32\webcheck.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	235008	----a-w-	C:\Windows\system32\url.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	23040	----a-w-	C:\Windows\SysWow64\licmgr10.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	226304	----a-w-	C:\Windows\system32\elshyph.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	216064	----a-w-	C:\Windows\system32\msls31.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	197120	----a-w-	C:\Windows\system32\msrating.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	185344	----a-w-	C:\Windows\SysWow64\elshyph.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	173568	----a-w-	C:\Windows\system32\ieUnatt.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	167424	----a-w-	C:\Windows\system32\iexpress.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	158720	----a-w-	C:\Windows\SysWow64\msls31.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	1509376	----a-w-	C:\Windows\system32\inetcpl.cpl
2013-04-05 01:03:17 . 2013-04-05 01:03:17	150528	----a-w-	C:\Windows\SysWow64\iexpress.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	149504	----a-w-	C:\Windows\system32\occache.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	144896	----a-w-	C:\Windows\system32\wextract.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	1441280	----a-w-	C:\Windows\SysWow64\inetcpl.cpl
2013-04-05 01:03:17 . 2013-04-05 01:03:17	1400416	----a-w-	C:\Windows\system32\ieapfltr.dat
2013-04-05 01:03:17 . 2013-04-05 01:03:17	138752	----a-w-	C:\Windows\SysWow64\wextract.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	13824	----a-w-	C:\Windows\system32\mshta.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	137216	----a-w-	C:\Windows\SysWow64\ieUnatt.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	136192	----a-w-	C:\Windows\system32\iepeers.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	135680	----a-w-	C:\Windows\system32\IEAdvpack.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	12800	----a-w-	C:\Windows\SysWow64\mshta.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	12800	----a-w-	C:\Windows\system32\msfeedssync.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	110592	----a-w-	C:\Windows\SysWow64\IEAdvpack.dll
2013-04-05 01:03:17 . 2013-04-05 01:03:17	1054720	----a-w-	C:\Windows\system32\MsSpellCheckingFacility.exe
2013-04-05 01:03:17 . 2013-04-05 01:03:17	102912	----a-w-	C:\Windows\system32\inseng.dll
2013-04-05 01:03:16 . 2013-04-05 01:03:16	77312	----a-w-	C:\Windows\system32\tdc.ocx
2013-03-19 06:04:06 . 2013-04-10 03:05:40	5550424	----a-w-	C:\Windows\system32\ntoskrnl.exe
2013-03-19 05:46:56 . 2013-04-10 03:05:36	43520	----a-w-	C:\Windows\system32\csrsrv.dll
2013-03-19 05:04:13 . 2013-04-10 03:05:37	3968856	----a-w-	C:\Windows\SysWow64\ntkrnlpa.exe
2013-03-19 05:04:10 . 2013-04-10 03:05:37	3913560	----a-w-	C:\Windows\SysWow64\ntoskrnl.exe
2013-03-19 04:47:50 . 2013-04-10 03:05:36	6656	----a-w-	C:\Windows\SysWow64\apisetschema.dll
2013-03-19 03:06:33 . 2013-04-10 03:05:36	112640	----a-w-	C:\Windows\system32\smss.exe


((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))


*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]
2011-10-30 08:46:38	89008	----a-w-	C:\Users\Tobillix\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{e327b07a-0e11-4fd4-bef2-b2c5605b59c6}]
2012-10-30 07:20:04	1030728	----a-w-	C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{28387537-e3f9-4ed7-860c-11e69af4a8a0}"= "C:\Users\Tobillix\IMESHA~1\MediaBar\Datamngr\ToolBar\wincoreimdtx.dll" [2011-10-30 08:46:38 89008]
"{e327b07a-0e11-4fd4-bef2-b2c5605b59c6}"= "C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll" [2012-10-30 07:20:04 1030728]

[HKEY_CLASSES_ROOT\clsid\{28387537-e3f9-4ed7-860c-11e69af4a8a0}]

[HKEY_CLASSES_ROOT\clsid\{e327b07a-0e11-4fd4-bef2-b2c5605b59c6}]
[HKEY_CLASSES_ROOT\wtb.Band.1]
[HKEY_CLASSES_ROOT\TypeLib\{a85e31f1-a6ce-4ace-a560-ec01271b7f55}]
[HKEY_CLASSES_ROOT\wtb.Band]

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20	130736	----a-w-	C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20	130736	----a-w-	C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20	130736	----a-w-	C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE" [2011-04-13 02:47:41 2018032]
"ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe" [2011-02-23 09:49:46 731472]
"SonicMasterTray"="C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe" [2010-07-10 05:45:00 984400]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2011-07-21 22:49:10 5716608]
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2010-10-07 21:05:14 170624]
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 17:29:42 105016]
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe" [2011-09-09 05:10:06 2317312]
"UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" [2009-05-20 05:16:16 222504]
"UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 05:16:16 222504]
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe" [2012-09-06 19:06:40 143360]
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe" [2012-06-06 13:31:56 3076096]
"avgnt"="C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2013-05-29 17:47:00 345312]

C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS;C:\Windows\SYSNATIVE\drivers\AmUStor.SYS [x]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe;C:\Program Files (x86)\Browny02\BrYNSvc.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys;C:\Windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;C:\Windows\system32\DRIVERS\SiSG664.sys;C:\Windows\SYSNATIVE\DRIVERS\SiSG664.sys [x]
R3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys;C:\Windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys;C:\Windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\system32\Wat\WatAdminSvc.exe;C:\Windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WSDScan;WSD-Scanunterstützung durch UMB;C:\Windows\system32\DRIVERS\WSDScan.sys;C:\Windows\SYSNATIVE\DRIVERS\WSDScan.sys [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 avkmgr;avkmgr;C:\Windows\system32\DRIVERS\avkmgr.sys;C:\Windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AFBAgent;AFBAgent;C:\Windows\system32\FBAgent.exe;C:\Windows\SYSNATIVE\FBAgent.exe [x]
S2 AntiVirSchedulerService;Avira Planer;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 ASMMAP64;ASMMAP64;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe;C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe [x]
S2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [x]
S2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [x]
S2 TeamViewer8;TeamViewer 8;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\system32\DRIVERS\asmthub3.sys;C:\Windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\system32\DRIVERS\asmtxhci.sys;C:\Windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\system32\DRIVERS\IntcDAud.sys;C:\Windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys;C:\Windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftfslh.sys [x]
S3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftplaylh.sys [x]
S3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftredirlh.sys [x]
S3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys;C:\Windows\SYSNATIVE\DRIVERS\Sftvollh.sys [x]
S3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [x]
S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys;C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [x]


--- Andere Dienste/Treiber im Speicher ---

*NewlyCreated* - TUNEUPUTILITIESDRV

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-04-12 02:09:36	1642448	----a-w-	C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\Installer\chrmstp.exe

Inhalt des "geplante Tasks" Ordners

2013-06-07 C:\Windows\Tasks\ASUS SmartLogon Console Sensor.job
- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe [2010-11-15 17:42:12 . 2010-11-15 17:42:12]

2013-06-13 C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 20:44:08 . 2012-02-28 20:44:03]

2013-06-13 C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-28 20:44:08 . 2012-02-28 20:44:03]


--------- X64 Entries -----------


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2010-09-02 08:41:02	220160	----a-w-	C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2010-09-02 08:41:02	220160	----a-w-	C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSShellExt64.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20	164016	----a-w-	C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20	164016	----a-w-	C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20	164016	----a-w-	C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-17 14:45:20	164016	----a-w-	C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2011-03-21 08:07:02 361984]
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" [2011-08-16 07:02:12 2277480]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2012-12-14 00:42:14 172144]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2012-12-14 00:42:10 399984]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2012-12-14 00:42:14 441968]

------- Zusätzlicher Suchlauf -------

uLocal Page = C:\Windows\system32\blank.htm
uStart Page = hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=248486D53D120BDE
mLocal Page = C:\Windows\SysWOW64\blank.htm
IE: {{2d8ee268-8d7a-4996-b80b-8999ce8c7fe2} - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\
FF - user.js: extensions.shownSelectionUI - true

- - - - Entfernte verwaiste Registrierungseinträge - - - -

Toolbar-Locked - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
HKLM-Run-SynTPEnh - C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
HKLM-Run-SynAsusAcpi - C:\Program Files (x86)\Synaptics\SynTP\SynAsusAcpi.exe
AddRemove-ASUS_Screensaver - C:\Windows\system32\ASUS_Screensaver.scr
AddRemove-iMesh - C:\ProgramData\{2721288C-D579-41A6-AB11-232EA93F33BE}\iMesh_V11_de_Setup.exe
AddRemove-{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} - C:\ProgramData\{2721288C-D579-41A6-AB11-232EA93F33BE}\iMesh_V11_de_Setup.exe
AddRemove-2418080180.www.pcspeedup.com - C:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\Silverlight.Configuration.exe
AddRemove-Zip Opener Packages - C:\Users\Tobillix\AppData\Roaming\Zip Opener Packages\uninstaller.exe
         
One problem I still have now: currently my graphics card sends no signal to my external monitor, and the laptop display format has also switched to 4:3; maybe this will fix itself after a 2nd restart?!!!!!!!

What's the next step? :-)

OK, the resolutions are fine again after a restart and reconnecting the interface. But Explorer still crashes :-((((( It seems to me to be a matter of time, every minute or so; maybe that helps?

13.06.2013, 09:53   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 



aswMBR

Please download aswMBR.exe and save the file to your desktop.
  • Start aswMBR.exe - (aswMBR.exe guide)
    On Windows Vista or later, please start it by right-clicking and choosing "Run as administrator".
  • The tool will ask whether you want to scan your system with the current AVAST! virus definitions. Please answer this question with Yes. (If your firewall asks, please allow access to the Internet.)
    Downloading the definitions can take a while, depending on your connection.
  • Click Scan.
  • Please wait until Scan finished successfully appears in the DOS window.
  • Click Save Log and save it to the desktop.
Post the aswMBR.txt in your next reply.

Important: Do not press any of the Fix buttons unless instructed to

Note: If the Scan button is hidden, close the tool and start it again. If the scan aborts and the program crashes, let me know and select the setting (none) under AV Scan.


TDSS-Killer

Please download TDSSKiller (TDSSKiller.exe) and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the content here in your thread in any case.
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)


13.06.2013, 14:13   #11
Tobillix
 



I can't find the txt from TDSSKiller :-(

The txt from mbar.

Code:
aswMBR version 0.9.9.1771 Copyright(c) 2011 AVAST Software
Run date: 2013-06-13 14:42:07
-----------------------------
14:42:07.670    OS Version: Windows x64 6.1.7601 Service Pack 1
14:42:07.670    Number of processors: 2 586 0x2A07
14:42:07.670    ComputerName: TOBILLIX-PC  UserName: Tobillix
14:42:08.372    Initialize success
14:46:51.197    AVAST engine defs: 13061300
14:47:04.738    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
14:47:04.753    Disk 0 Vendor: ST932032 0003 Size: 305245MB BusType: 3
14:47:04.909    Disk 0 MBR read successfully
14:47:04.909    Disk 0 MBR scan
14:47:04.925    Disk 0 Windows 7 default MBR code
14:47:04.940    Disk 0 Partition 1 00     1C Hidd FAT32 LBA MSDOS5.0    25600 MB offset 2048
14:47:04.956    Disk 0 Partition 2 80 (A) 07    HPFS/NTFS NTFS       122098 MB offset 52430848
14:47:04.972    Disk 0 Partition - 00     0F Extended LBA            157545 MB offset 302487552
14:47:05.003    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS       157544 MB offset 302489600
14:47:05.159    Disk 0 scanning C:\Windows\system32\drivers
14:47:26.063    Service scanning
14:48:02.458    Modules scanning
14:48:02.473    Disk 0 trace - called modules:
14:48:02.551    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
14:48:02.567    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa8004c3a270]
14:48:02.567    3 CLASSPNP.SYS[fffff8800120143f] -> nt!IofCallDriver -> [0xfffffa8003ce6040]
14:48:02.582    5 ACPI.sys[fffff88000e1b7a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa8004741050]
14:48:03.534    AVAST engine scan C:\Windows
14:48:09.618    AVAST engine scan C:\Windows\system32
14:54:42.225    AVAST engine scan C:\Windows\system32\drivers
14:55:04.393    AVAST engine scan C:\Users\Tobillix
14:57:06.775    Disk 0 MBR has been saved successfully to "C:\Users\Tobillix\Desktop\MBR.dat"
14:57:06.790    The log file has been saved successfully to "C:\Users\Tobillix\Desktop\aswMBR.txt"
14:58:50.488    AVAST engine scan C:\ProgramData
15:00:10.266    Scan finished successfully
15:01:24.835    Disk 0 MBR has been saved successfully to "C:\Users\Tobillix\Desktop\MBR.dat"
15:01:24.850    The log file has been saved successfully to "C:\Users\Tobillix\Desktop\aswMBR.txt"
         
Now the TDSSKiller:

Code:
15:03:13.0124 3792  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
15:03:13.0280 3792  ============================================================
15:03:13.0280 3792  Current date / time: 2013/06/13 15:03:13.0280
15:03:13.0280 3792  SystemInfo:
15:03:13.0280 3792  
15:03:13.0280 3792  OS Version: 6.1.7601 ServicePack: 1.0
15:03:13.0280 3792  Product type: Workstation
15:03:13.0280 3792  ComputerName: TOBILLIX-PC
15:03:13.0280 3792  UserName: Tobillix
15:03:13.0280 3792  Windows directory: C:\Windows
15:03:13.0280 3792  System windows directory: C:\Windows
15:03:13.0280 3792  Running under WOW64
15:03:13.0280 3792  Processor architecture: Intel x64
15:03:13.0280 3792  Number of processors: 2
15:03:13.0280 3792  Page size: 0x1000
15:03:13.0280 3792  Boot type: Normal boot
15:03:13.0280 3792  ============================================================
15:03:14.0310 3792  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:03:14.0325 3792  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 (698.64 Gb), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
15:03:23.0529 3792  ============================================================
15:03:23.0529 3792  \Device\Harddisk0\DR0:
15:03:23.0592 3792  MBR partitions:
15:03:23.0592 3792  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3200800, BlocksNum 0xEE79000
15:03:23.0623 3792  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1207A000, BlocksNum 0x133B4000
15:03:23.0623 3792  \Device\Harddisk1\DR1:
15:03:23.0638 3792  MBR partitions:
15:03:23.0638 3792  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x575452C2
15:03:23.0638 3792  ============================================================
15:03:23.0670 3792  C: <-> \Device\Harddisk0\DR0\Partition1
15:03:23.0716 3792  D: <-> \Device\Harddisk0\DR0\Partition2
15:03:23.0732 3792  H: <-> \Device\Harddisk1\DR1\Partition1
15:03:23.0732 3792  ============================================================
15:03:23.0732 3792  Initialize success
15:03:23.0732 3792  ============================================================
15:05:14.0898 1132  ============================================================
15:05:14.0898 1132  Scan started
15:05:14.0898 1132  Mode: Manual; SigCheck; TDLFS; 
15:05:14.0898 1132  ============================================================
15:05:15.0413 1132  ================ Scan system memory ========================
15:05:15.0413 1132  System memory - ok
15:05:15.0413 1132  ================ Scan services =============================
15:05:15.0600 1132  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
15:05:15.0756 1132  1394ohci - ok
15:05:15.0787 1132  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
15:05:15.0834 1132  ACPI - ok
15:05:15.0865 1132  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
15:05:15.0927 1132  AcpiPmi - ok
15:05:16.0005 1132  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
15:05:16.0052 1132  adp94xx - ok
15:05:16.0083 1132  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
15:05:16.0130 1132  adpahci - ok
15:05:16.0146 1132  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
15:05:16.0177 1132  adpu320 - ok
15:05:16.0224 1132  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
15:05:16.0349 1132  AeLookupSvc - ok
15:05:16.0411 1132  [ 6E79A119B0CE418FE44E0C824BF3F039 ] AFBAgent        C:\Windows\system32\FBAgent.exe
15:05:16.0489 1132  AFBAgent - ok
15:05:16.0536 1132  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
15:05:16.0614 1132  AFD - ok
15:05:16.0645 1132  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
15:05:16.0676 1132  agp440 - ok
15:05:16.0707 1132  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
15:05:16.0770 1132  ALG - ok
15:05:16.0801 1132  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
15:05:16.0832 1132  aliide - ok
15:05:16.0863 1132  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
15:05:16.0879 1132  amdide - ok
15:05:16.0895 1132  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
15:05:16.0957 1132  AmdK8 - ok
15:05:16.0957 1132  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
15:05:17.0004 1132  AmdPPM - ok
15:05:17.0051 1132  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
15:05:17.0082 1132  amdsata - ok
15:05:17.0113 1132  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
15:05:17.0144 1132  amdsbs - ok
15:05:17.0175 1132  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
15:05:17.0207 1132  amdxata - ok
15:05:17.0253 1132  [ 92A848F962DA91C631147D566414BB7E ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
15:05:17.0285 1132  AmUStor - ok
15:05:17.0363 1132  [ D9A92E6DD41C5ADC045AE485026AA40C ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
15:05:17.0394 1132  AntiVirSchedulerService - ok
15:05:17.0425 1132  [ 66A7A38F7C439153B758548375EB9E5E ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
15:05:17.0441 1132  AntiVirService - ok
15:05:17.0519 1132  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
15:05:17.0628 1132  AppID - ok
15:05:17.0675 1132  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
15:05:17.0784 1132  AppIDSvc - ok
15:05:17.0831 1132  [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo         C:\Windows\System32\appinfo.dll
15:05:17.0893 1132  Appinfo - ok
15:05:17.0940 1132  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys
15:05:17.0971 1132  arc - ok
15:05:18.0002 1132  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys
15:05:18.0033 1132  arcsas - ok
15:05:18.0111 1132  [ 18E5C2F937F9DEB8C282DF66A3761925 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
15:05:18.0127 1132  ASLDRService - ok
15:05:18.0174 1132  [ 4C016FD76ED5C05E84CA8CAB77993961 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
15:05:18.0189 1132  ASMMAP64 - ok
15:05:18.0252 1132  [ 0AA7A996792FB0287B33A57A8093AE44 ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
15:05:18.0314 1132  asmthub3 - ok
15:05:18.0345 1132  [ 125DC3ABF5BFCCFE82AD17D078E0B9EC ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
15:05:18.0423 1132  asmtxhci - ok
15:05:18.0501 1132  [ 9836DDA9A33DACC7F40A672C47AD70D0 ] ASUS InstantOn  C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe
15:05:18.0533 1132  ASUS InstantOn - ok
15:05:18.0564 1132  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
15:05:18.0673 1132  AsyncMac - ok
15:05:18.0735 1132  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
15:05:18.0751 1132  atapi - ok
15:05:18.0876 1132  [ A5E770426D18F8EF332A593F3289DA91 ] athr            C:\Windows\system32\DRIVERS\athrx.sys
15:05:19.0032 1132  athr - ok
15:05:21.0528 1132  [ DB109DA005B6FE2A350C5DD7CA768DFD ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
15:05:21.0590 1132  BrYNSvc ( UnsignedFile.Multi.Generic ) - warning
15:05:21.0590 1132  BrYNSvc - detected UnsignedFile.Multi.Generic (1)
15:05:47.0642 1132  RemoteRegistry - ok
15:05:47.0689 1132  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
15:05:47.0736 1132  RFCOMM - ok
15:05:47.0783 1132  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
15:05:47.0907 1132  RpcEptMapper - ok
15:05:47.0939 1132  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
15:05:47.0985 1132  RpcLocator - ok
15:05:48.0032 1132  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
15:05:48.0141 1132  RpcSs - ok
15:05:48.0173 1132  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
15:05:48.0266 1132  rspndr - ok
15:05:48.0266 1132  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
15:05:48.0297 1132  SamSs - ok
15:05:48.0329 1132  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
15:05:48.0344 1132  sbp2port - ok
15:05:48.0375 1132  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
15:05:48.0485 1132  SCardSvr - ok
15:05:48.0500 1132  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
15:05:48.0594 1132  scfilter - ok
15:05:48.0641 1132  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
15:05:48.0812 1132  Schedule - ok
15:05:48.0859 1132  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
15:05:48.0937 1132  SCPolicySvc - ok
15:05:48.0968 1132  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
15:05:49.0015 1132  SDRSVC - ok
15:05:49.0062 1132  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
15:05:49.0171 1132  secdrv - ok
15:05:49.0218 1132  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
15:05:49.0327 1132  seclogon - ok
15:05:49.0358 1132  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\system32\sens.dll
15:05:49.0483 1132  SENS - ok
15:05:49.0483 1132  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
15:05:49.0530 1132  SensrSvc - ok
15:05:49.0577 1132  [ 2437720D4480523562360B2B6B5864A7 ] Ser2pl          C:\Windows\system32\DRIVERS\ser2pl64.sys
15:05:49.0623 1132  Ser2pl - ok
15:05:49.0655 1132  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
15:05:49.0717 1132  Serenum - ok
15:05:49.0748 1132  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\drivers\serial.sys
15:05:49.0795 1132  Serial - ok
15:05:49.0826 1132  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
15:05:49.0889 1132  sermouse - ok
15:05:49.0935 1132  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
15:05:50.0045 1132  SessionEnv - ok
15:05:50.0060 1132  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
15:05:50.0107 1132  sffdisk - ok
15:05:50.0123 1132  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
15:05:50.0169 1132  sffp_mmc - ok
15:05:50.0169 1132  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
15:05:50.0232 1132  sffp_sd - ok
15:05:50.0232 1132  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
15:05:50.0279 1132  sfloppy - ok
15:05:50.0372 1132  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
15:05:50.0435 1132  Sftfs - ok
15:05:50.0513 1132  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
15:05:50.0559 1132  sftlist - ok
15:05:50.0591 1132  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
15:05:50.0622 1132  Sftplay - ok
15:05:50.0653 1132  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
15:05:50.0684 1132  Sftredir - ok
15:05:50.0700 1132  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
15:05:50.0715 1132  Sftvol - ok
15:05:50.0762 1132  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
15:05:50.0793 1132  sftvsa - ok
15:05:50.0840 1132  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
15:05:50.0981 1132  SharedAccess - ok
15:05:51.0027 1132  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
15:05:51.0137 1132  ShellHWDetection - ok
15:05:51.0183 1132  [ 1BC348CF6BAA90EC8E533EF6E6A69933 ] SiSGbeLH        C:\Windows\system32\DRIVERS\SiSG664.sys
15:05:51.0230 1132  SiSGbeLH - ok
15:05:51.0246 1132  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
15:05:51.0277 1132  SiSRaid2 - ok
15:05:51.0293 1132  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
15:05:51.0324 1132  SiSRaid4 - ok
15:05:51.0324 1132  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
15:05:51.0433 1132  Smb - ok
15:05:51.0480 1132  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
15:05:51.0542 1132  SNMPTRAP - ok
15:05:51.0558 1132  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
15:05:51.0589 1132  spldr - ok
15:05:51.0651 1132  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
15:05:51.0729 1132  Spooler - ok
15:05:51.0870 1132  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
15:05:52.0119 1132  sppsvc - ok
15:05:52.0135 1132  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
15:05:52.0260 1132  sppuinotify - ok
15:05:52.0291 1132  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
15:05:52.0353 1132  srv - ok
15:05:52.0400 1132  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
15:05:52.0447 1132  srv2 - ok
15:05:52.0478 1132  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
15:05:52.0541 1132  srvnet - ok
15:05:52.0587 1132  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
15:05:52.0697 1132  SSDPSRV - ok
15:05:52.0728 1132  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
15:05:52.0837 1132  SstpSvc - ok
15:05:52.0884 1132  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys
15:05:52.0915 1132  stexstor - ok
15:05:52.0946 1132  [ DECACB6921DED1A38642642685D77DAC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
15:05:52.0993 1132  StillCam - ok
15:05:53.0040 1132  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
15:05:53.0165 1132  stisvc - ok
15:05:53.0196 1132  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
15:05:53.0227 1132  swenum - ok
15:05:53.0258 1132  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
15:05:53.0383 1132  swprv - ok
15:05:53.0492 1132  [ 7E8902F9929A5D9FFD0F545332CE0F10 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
15:05:53.0601 1132  SynTP - ok
15:05:53.0679 1132  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
15:05:53.0804 1132  SysMain - ok
15:05:53.0835 1132  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
15:05:53.0898 1132  TabletInputService - ok
15:05:53.0945 1132  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
15:05:54.0054 1132  TapiSrv - ok
15:05:54.0085 1132  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
15:05:54.0194 1132  TBS - ok
15:05:54.0303 1132  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
15:05:54.0444 1132  Tcpip - ok
15:05:54.0506 1132  [ 9849EA3843A2ADBDD1497E97A85D8CAE ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
15:05:54.0615 1132  TCPIP6 - ok
15:05:54.0647 1132  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
15:05:54.0693 1132  tcpipreg - ok
15:05:54.0740 1132  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
15:05:54.0787 1132  TDPIPE - ok
15:05:54.0818 1132  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
15:05:54.0865 1132  TDTCP - ok
15:05:54.0912 1132  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
15:05:55.0021 1132  tdx - ok
15:05:55.0037 1132  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
15:05:55.0068 1132  TermDD - ok
15:05:55.0115 1132  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
15:05:55.0239 1132  TermService - ok
15:05:55.0255 1132  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
15:05:55.0317 1132  Themes - ok
15:05:55.0349 1132  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
15:05:55.0442 1132  THREADORDER - ok
15:05:55.0458 1132  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
15:05:55.0583 1132  TrkWks - ok
15:05:55.0661 1132  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
15:05:55.0770 1132  TrustedInstaller - ok
15:05:55.0817 1132  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
15:05:55.0910 1132  tssecsrv - ok
15:05:55.0941 1132  [ 17C6B51CBCCDED95B3CC14E22791F85E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
15:05:55.0988 1132  TsUsbFlt - ok
15:05:56.0035 1132  [ AD64450A4ABE076F5CB34CC08EEACB07 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
15:05:56.0066 1132  TsUsbGD - ok
15:05:56.0113 1132  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
15:05:56.0222 1132  tunnel - ok
15:05:56.0253 1132  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
15:05:56.0285 1132  uagp35 - ok
15:05:56.0316 1132  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
15:05:56.0441 1132  udfs - ok
15:05:56.0503 1132  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
15:05:56.0550 1132  UI0Detect - ok
15:05:56.0597 1132  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
15:05:56.0612 1132  uliagpkx - ok
15:05:56.0675 1132  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
15:05:56.0721 1132  umbus - ok
15:05:56.0721 1132  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys
15:05:56.0799 1132  UmPass - ok
15:05:56.0924 1132  [ 2C16648A12999AE69A9EBF41974B0BA2 ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
15:05:57.0096 1132  UNS - ok
15:05:57.0127 1132  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
15:05:57.0252 1132  upnphost - ok
15:05:57.0299 1132  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
15:05:57.0330 1132  usbccgp - ok
15:05:57.0377 1132  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
15:05:57.0439 1132  usbcir - ok
15:05:57.0455 1132  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
15:05:57.0517 1132  usbehci - ok
15:05:57.0564 1132  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
15:05:57.0626 1132  usbhub - ok
15:05:57.0657 1132  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
15:05:57.0689 1132  usbohci - ok
15:05:57.0720 1132  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
15:05:57.0782 1132  usbprint - ok
15:05:57.0829 1132  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
15:05:57.0876 1132  usbscan - ok
15:05:57.0923 1132  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
15:05:57.0969 1132  USBSTOR - ok
15:05:58.0016 1132  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
15:05:58.0063 1132  usbuhci - ok
15:05:58.0110 1132  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
15:05:58.0172 1132  usbvideo - ok
15:05:58.0203 1132  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
15:05:58.0297 1132  UxSms - ok
15:05:58.0313 1132  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
15:05:58.0344 1132  VaultSvc - ok
15:05:58.0359 1132  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
15:05:58.0391 1132  vdrvroot - ok
15:05:58.0422 1132  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
15:05:58.0562 1132  vds - ok
15:05:58.0593 1132  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
15:05:58.0625 1132  vga - ok
15:05:58.0656 1132  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
15:05:58.0734 1132  VgaSave - ok
15:05:58.0749 1132  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
15:05:58.0781 1132  vhdmp - ok
15:05:58.0796 1132  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
15:05:58.0827 1132  viaide - ok
15:05:58.0843 1132  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
15:05:58.0874 1132  volmgr - ok
15:05:58.0905 1132  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
15:05:58.0937 1132  volmgrx - ok
15:05:58.0968 1132  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
15:05:58.0999 1132  volsnap - ok
15:05:59.0046 1132  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
15:05:59.0077 1132  vsmraid - ok
15:05:59.0155 1132  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
15:05:59.0327 1132  VSS - ok
15:05:59.0342 1132  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
15:05:59.0389 1132  vwifibus - ok
15:05:59.0420 1132  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
15:05:59.0467 1132  vwififlt - ok
15:05:59.0498 1132  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
15:05:59.0561 1132  vwifimp - ok
15:05:59.0592 1132  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
15:05:59.0701 1132  W32Time - ok
15:05:59.0732 1132  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
15:05:59.0763 1132  WacomPen - ok
15:05:59.0795 1132  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
15:05:59.0888 1132  WANARP - ok
15:05:59.0888 1132  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
15:05:59.0966 1132  Wanarpv6 - ok
15:06:00.0029 1132  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
15:06:00.0200 1132  WatAdminSvc - ok
15:06:00.0263 1132  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
15:06:00.0341 1132  wbengine - ok
15:06:00.0372 1132  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
15:06:00.0419 1132  WbioSrvc - ok
15:06:00.0450 1132  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
15:06:00.0528 1132  wcncsvc - ok
15:06:00.0559 1132  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
15:06:00.0590 1132  WcsPlugInService - ok
15:06:00.0637 1132  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys
15:06:00.0653 1132  Wd - ok
15:06:00.0699 1132  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
15:06:00.0762 1132  Wdf01000 - ok
15:06:00.0793 1132  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
15:06:00.0855 1132  WdiServiceHost - ok
15:06:00.0871 1132  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
15:06:00.0918 1132  WdiSystemHost - ok
15:06:00.0949 1132  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
15:06:01.0011 1132  WebClient - ok
15:06:01.0058 1132  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
15:06:01.0167 1132  Wecsvc - ok
15:06:01.0199 1132  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
15:06:01.0308 1132  wercplsupport - ok
15:06:01.0339 1132  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
15:06:01.0464 1132  WerSvc - ok
15:06:01.0495 1132  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
15:06:01.0589 1132  WfpLwf - ok
15:06:01.0651 1132  [ 52DED146E4797E6CCF94799E8E22BB2A ] WimFltr         C:\Windows\system32\DRIVERS\wimfltr.sys
15:06:01.0682 1132  WimFltr - ok
15:06:01.0713 1132  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
15:06:01.0745 1132  WIMMount - ok
15:06:01.0776 1132  WinDefend - ok
15:06:01.0776 1132  WinHttpAutoProxySvc - ok
15:06:01.0838 1132  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
15:06:01.0963 1132  Winmgmt - ok
15:06:02.0041 1132  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
15:06:02.0244 1132  WinRM - ok
15:06:02.0306 1132  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
15:06:02.0353 1132  WinUsb - ok
15:06:02.0400 1132  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
15:06:02.0493 1132  Wlansvc - ok
15:06:02.0571 1132  [ 06C8FA1CF39DE6A735B54D906BA791C6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
15:06:02.0603 1132  wlcrasvc - ok
15:06:02.0727 1132  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
15:06:02.0868 1132  wlidsvc - ok
15:06:02.0899 1132  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
15:06:02.0946 1132  WmiAcpi - ok
15:06:02.0993 1132  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
15:06:03.0055 1132  wmiApSrv - ok
15:06:03.0086 1132  WMPNetworkSvc - ok
15:06:03.0102 1132  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
15:06:03.0133 1132  WPCSvc - ok
15:06:03.0164 1132  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
15:06:03.0195 1132  WPDBusEnum - ok
15:06:03.0227 1132  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
15:06:03.0336 1132  ws2ifsl - ok
15:06:03.0367 1132  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\system32\wscsvc.dll
15:06:03.0414 1132  wscsvc - ok
15:06:03.0445 1132  [ 8D918B1DB190A4D9B1753A66FA8C96E8 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
15:06:03.0492 1132  WSDPrintDevice - ok
15:06:03.0523 1132  [ 4A2A5C50DD1A63577D3ACA94269FBC7F ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
15:06:03.0570 1132  WSDScan - ok
15:06:03.0585 1132  WSearch - ok
15:06:03.0695 1132  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
15:06:03.0851 1132  wuauserv - ok
15:06:03.0897 1132  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
15:06:03.0944 1132  WudfPf - ok
15:06:03.0991 1132  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
15:06:04.0038 1132  WUDFRd - ok
15:06:04.0053 1132  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
15:06:04.0116 1132  wudfsvc - ok
15:06:04.0147 1132  [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc         C:\Windows\System32\wwansvc.dll
15:06:04.0209 1132  WwanSvc - ok
15:06:04.0256 1132  ================ Scan global ===============================
15:06:04.0287 1132  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
15:06:04.0319 1132  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:06:04.0350 1132  [ 0C27239FEA4DB8A2AAC9E502186B7264 ] C:\Windows\system32\winsrv.dll
15:06:04.0365 1132  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
15:06:04.0412 1132  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
15:06:04.0428 1132  [Global] - ok
15:06:04.0428 1132  ================ Scan MBR ==================================
15:06:04.0443 1132  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:06:04.0849 1132  \Device\Harddisk0\DR0 - ok
15:06:04.0865 1132  [ A4A15D6782E6FE1DCE41A606CB3AFFE3 ] \Device\Harddisk1\DR1
15:06:05.0489 1132  \Device\Harddisk1\DR1 - ok
15:06:05.0489 1132  ================ Scan VBR ==================================
15:06:05.0489 1132  [ 1EE091679E024C7095DA22C0A953DD74 ] \Device\Harddisk0\DR0\Partition1
15:06:05.0489 1132  \Device\Harddisk0\DR0\Partition1 - ok
15:06:05.0535 1132  [ 44FC5F23AB4AE7EC9EAD0211E251179F ] \Device\Harddisk0\DR0\Partition2
15:06:05.0535 1132  \Device\Harddisk0\DR0\Partition2 - ok
15:06:05.0551 1132  [ B554E546BE1C76148D0C740FC744C170 ] \Device\Harddisk1\DR1\Partition1
15:06:05.0551 1132  \Device\Harddisk1\DR1\Partition1 - ok
15:06:05.0551 1132  ============================================================
15:06:05.0551 1132  Scan finished
15:06:05.0551 1132  ============================================================
15:06:05.0567 3080  Detected object count: 1
15:06:05.0567 3080  Actual detected object count: 1
15:07:55.0110 3080  BrYNSvc ( UnsignedFile.Multi.Generic ) - skipped by user
15:07:55.0110 3080  BrYNSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:08:03.0270 4420  Deinitialize success
         
Could it also be that system files are missing on my machine?! I somehow got a message in CCleaner under Registry. Faulty MUI files????

Thx

13.06.2013, 14:47   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

Quote:
I somehow got a message in CCleaner under Registry. Faulty MUI files????
Hands off registry cleaners!!

Note: Registry cleaners

I see that you have installed so-called registry cleaners.
In your case, CCleaner.

We advise against using registry cleaners of any kind.

The reason is quite simple:
The registry is the brain of the system. If the brain does not work, the rest no longer really works either.
You should not tinker with the registry unnecessarily. Even a small mistake can have serious consequences, and programs sometimes make mistakes too.
If you destroy the registry, you destroy Windows.

In addition, the benefit for performance is disputed and usually barely noticeable.

I would recommend that you stop using registry cleaners and uninstall them via
Start --> Control Panel (Systemsteuerung) --> Add or Remove Programs (Software) (on Windows XP)
Start --> Control Panel (Systemsteuerung) --> Programs and Features (Programme und Funktionen) (on Vista / Win 7)
__________________
"The truth is usually just an excuse for a lack of imagination." (Elim Garak)

13.06.2013, 15:00   #13
Tobillix

I've thrown out CCleaner; in general I'm a fan of having few files/programs...

On 22.5. I tried to install my multifunction printer and had big problems setting it up as a printer. Printing works now, but scanning does not. I deleted some files back then because of installing and uninstalling, which they wrote was the recommendation if it does not work the first time. I threw out several files that were unknown to me or seemed unnecessary. It is similar right now with Avira: why can some programs be deleted, but Avira, for example, no longer can?

Possibly also programs that were needed.
Can those be restored? Or can errors be tracked down there?

The idea came to me just now while deleting CCleaner ..... That's when I saw the date, after which nothing happened for quite a while.....


13.06.2013, 15:47   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™

JRT - Junkware Removal Tool

Please shut down your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please right-click it and start it with "Run as administrator" ("als Administrator ausführen").
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved to the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.

Afterwards:

adwCleaner - remove toolbars and unwanted start/search pages

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click on Options (Optionen) and make sure that the following items are selected:
    • Delete "Tracing" keys ("Tracing" Schlüssel löschen)
    • Reset Winsock settings (Winsock Einstellungen zurücksetzen)
    • Reset proxy settings (Proxy Einstellungen zurücksetzen)
    • Reset Internet Explorer policies (Internet Explorer Richtlinien zurücksetzen)
    • Reset Chrome policies (Chrome Richtlinien zurücksetzen)
    • Make sure that all 5 options are selected as shown here
  • Click on Scan (Suchlauf) and wait until it has finished.
  • Now click on Delete (Löschen) and confirm any prompts that appear with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents to me in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = consecutive number).


After that, a check with OTL please:
  • Double-click OTL.exe
  • Vista users: right-click OTL.exe and choose "Run as administrator" ("als Administrator ausführen")
  • At the top center, tick the box Scan all users (Scanne alle Benutzer)
  • At the top you will find a box labelled Output. Please select Minimal Output
  • Under Extra Registry, please select Use SafeList
  • Now click on Run Scan at the top left
  • When the scan has finished, 2 log files are created
  • Post the log files in CODE tags here in the thread.

14.06.2013, 09:46   #15
Tobillix

JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.9.4 (05.06.2013:1)
OS: Windows 7 Home Premium x64
Ran by Tobillix on 14.06.2013 at 10:35:20,58
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylontoolbar
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\discoveryhelper.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\gifanimator.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\imtrprogress.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\imweb.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\appid\wmhelper.dll
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\discoveryhelper.imesh6discovery
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\discoveryhelper.imesh6discovery.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\imweb.imwebcontrol
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.notificationsource.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.sourcesinkimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\wtb.toolbarinfo.1
Failed to delete: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\datamngr
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E327B07A-0E11-4FD4-BEF2-B2C5605B59C6}



~~~ Files

Successfully deleted: [File] "C:\Users\Tobillix\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk"
Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\partner"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\speedmaxpc"
Successfully deleted: [Folder] "C:\ProgramData\tarma installer"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\dealply"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\downtangofttoolbar"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\goforfiles"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\opencandy"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\speedmaxpc"
Successfully deleted: [Folder] "C:\Users\Tobillix\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\Tobillix\appdata\local\downtango"
Successfully deleted: [Folder] "C:\Users\Tobillix\appdata\local\ilivid"
Successfully deleted: [Folder] "C:\Users\Tobillix\appdata\locallow\downtangofttoolbar"
Failed to delete: [Folder] "C:\Users\Tobillix\appdata\locallow\mediabarim"
Successfully deleted: [Folder] "C:\Users\Tobillix\appdata\locallow\simplytech"
Successfully deleted: [Folder] "C:\Program Files (x86)\protected search"
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{40C725C9-5225-418B-A664-4744B88CB99C}
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{66CAEBAB-B7D9-49A8-801D-FFC2403165F9}
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{8BAA3374-866D-4A63-ADEF-2A7E784ED8DA}
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{DF1876F2-DF70-419B-8546-0ADCD8512255}
Successfully deleted: [Empty Folder] C:\Users\Tobillix\appdata\local\{F29A1BC3-52D1-4462-A596-61C4E40D4CAB}



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.06.2013 at 10:44:07,52
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
ADWCleaner
was only restarted once.

Code:
# AdwCleaner v2.303 - Datei am 14/06/2013 um 10:49:57 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Tobillix - TOBILLIX-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Tobillix\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****


***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Tobillix\Desktop\iLivid.lnk
Ordner Gelöscht : C:\Program Files (x86)\Red Sky
Ordner Gelöscht : C:\Users\Tobillix\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Tobillix\AppData\LocalLow\mediabarim
Ordner Gelöscht : C:\Users\Tobillix\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
Ordner Gelöscht : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\mediabarim
Ordner Gelöscht : C:\Users\Tobillix\iMesh Applications

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKCU\Software\ProtectedSearch
Schlüssel Gelöscht : HKCU\Software\SpeedMaxPC
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415C-8A37-763AE183E7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\iMesh.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{ec96f516-51b2-4b46-8451-8665f5a6ba2b}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{f07fbd3e-2048-44a4-9065-71bf551e2672}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Schlüssel Gelöscht : HKLM\Software\SpeedMaxPC
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2656B92B-0207-4AFB-BEBF-F5FD231ECD39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{59570C1F-B692-48C9-91B4-7809E6945287}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{63A0F7FA-2C95-4D7E-AF25-EFCC303D20A1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{6559E502-6EE1-46B8-A83C-F3A45BDA23EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{69d3f709-9de2-479f-980f-532d46895703}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{B6F8DA9F-2696-419E-A8A3-19BE41EF51BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C63CA8A4-AB4E-49E5-A6C0-33FC86D80205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C6A7847E-8931-4A9A-B4EF-72A91E3CCF4D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DD0F1D24-E250-4E93-966C-65615720AEFB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EC1277BB-1C71-4C0D-BA6D-BFEA16E773A6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{69d3f709-9de2-479f-980f-532d46895703}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{cfd485f0-96bd-47cd-bb6d-cd7dda95f102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Imesh
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wincore MediaBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{69d3f709-9de2-479f-980f-532d46895703}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C}
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}]

***** [Internet Browser] *****

-\\ Internet Explorer v10.0.9200.16611

Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Page] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com
Ersetzt : [HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Main - Start Default_Page_URL] = hxxp://search.certified-toolbar.com?si=41460&home=true&tid=2937 --> hxxp://www.google.com

-\\ Mozilla Firefox v12.0 (de)

Datei : C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\prefs.js

C:\Users\Tobillix\AppData\Roaming\Mozilla\Firefox\Profiles\tu3kxf86.default\user.js ... Gelöscht !

Gelöscht : user_pref("extensions.delta.bbDpng", "29");
Gelöscht : user_pref("extensions.delta.cntry", "DE");
Gelöscht : user_pref("extensions.delta.hdrMd5", "");
Gelöscht : user_pref("extensions.delta.lastVrsnTs", "");
Gelöscht : user_pref("extensions.delta.sg", "er");
Gelöscht : user_pref("extensions.delta.smplGrp", "er");
Gelöscht : user_pref("extensions.ffxtlbr@delta.com.install-event-fired", true);

-\\ Google Chrome v [Version kann nicht ermittelt werden]

Datei : C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Preferences

Gelöscht [l.22] : icon_url = "hxxp://www.delta-search.com/favicon.ico",
Gelöscht [l.25] : keyword = "delta-search.com",
Gelöscht [l.29] : search_url = "hxxp://www.delta-search.com/?q={searchTerms}&affID=119293&tt=gc_&babsrc=SP_ss[...]
Gelöscht [l.361] : homepage = "hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_ss&mntrId=248486D53D120B[...]
Gelöscht [l.534] : urls_to_restore_on_startup = [ "hxxp://www.delta-search.com/?affID=119293&tt=gc_&babsrc=HP_[...]

*************************

AdwCleaner[S1].txt - [10784 octets] - [14/06/2013 10:49:57]

########## EOF - C:\AdwCleaner[S1].txt - [10845 octets] ##########
         
OTL log file that opened automatically:

Code:
OTL logfile created on: 14.06.2013 11:01:39 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobillix\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 61,55% Memory free
7,81 Gb Paging File | 6,12 Gb Available in Paging File | 78,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 66,98 Gb Free Space | 56,18% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 48,21 Gb Free Space | 31,33% Space Free | Partition Type: NTFS
Drive E: | 3,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 698,64 Gb Total Space | 198,90 Gb Free Space | 28,47% Space Free | Partition Type: NTFS
 
Computer Name: TOBILLIX-PC | User Name: Tobillix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Tobillix\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_6_602_171.exe (Adobe Systems, Inc.)
PRC - C:\Program Files\Mozillafirefo9crome\plugin-container.exe (Mozilla Corporation)
PRC - C:\Program Files\Mozillafirefo9crome\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnWMI.exe (ASUS)
PRC - C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Windows\SysWOW64\ACEngSvr.exe (ASUSTeK)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd)
PRC - C:\Windows\SysWOW64\BRSS01A.EXE (brother Industries Ltd)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\af525b4bec3b9941b7be8ffbf813da80\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\f878765b06a1d56b04f4bd23a9c60985\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\7eac0dbe9aa20b55e37235f8ee030e6b\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\716959df79685a1eae0fc14275a32b0f\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\764f15e86c82662e977bd418bd6318c1\System.Configuration.ni.dll ()
MOD - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\libcef.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\d7d20811a7ce7cc589153648cbb1ce5c\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\eead6629e384a5b69f9ae35284b7eeed\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\f687c43e9fdec031988b33ae722c4613\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\369f8bdca364e2b4936d18dea582912c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\7150b9136fad5b79e88f6c7f9d3d2c39\mscorlib.ni.dll ()
MOD - C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll ()
MOD - C:\Program Files\Mozillafirefo9crome\mozjs.dll ()
MOD - C:\Program Files (x86)\ASUS\Wireless Console 3\acAuth.dll ()
MOD - C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\PresentationFramework.resources\3.0.0.0_de_31bf3856ad364e35\PresentationFramework.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (BrYNSvc) -- C:\Program Files (x86)\Browny02\BrYNSvc.exe (Brother Industries, Ltd.)
SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation)
SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation)
SRV - (ASUS InstantOn) -- C:\Program Files (x86)\Common Files\InstantOn\InsOnSrv.exe (ASUS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\BRSVC01A.EXE (brother Industries Ltd)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation)
DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation)
DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation)
DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (AmUStor) -- C:\Windows\SysNative\drivers\AmUStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = 
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=NP06&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
 
 
IE - HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.search.useDBForOrder: "false"
FF - prefs.js..extensions.enabledAddons: testpilot@labs.mozilla.com:1.2.2
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_171.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_171.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files\Mozillafirefo9crome\components [2012.06.04 12:43:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files\Mozillafirefo9crome\plugins [2011.12.08 18:08:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0.6\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.05.23 13:13:12 | 000,000,000 | ---D | M]
 
[2011.12.08 17:55:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Extensions
[2013.06.14 10:50:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions
[2012.11.16 15:07:36 | 000,000,000 | ---D | M] (DownTango Launcher) -- C:\Users\Tobillix\AppData\Roaming\mozilla\Firefox\Profiles\tu3kxf86.default\extensions\{411beae9-8c58-477c-8903-201536f61512}
[2012.09.15 10:19:06 | 000,621,521 | ---- | M] () (No name found) -- C:\Users\Tobillix\AppData\Roaming\mozilla\firefox\profiles\tu3kxf86.default\extensions\testpilot@labs.mozilla.com.xpi
 
========== Chrome  ==========
 
CHR - default_search_provider: Delta Search (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: hxxp://www.google.com/
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: Google Mail = C:\Users\Tobillix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2013.06.13 07:53:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (DownTango Launcher) - {e327b07a-0e11-4fd4-bef2-b2c5605b59c6} - C:\Users\Tobillix\AppData\Roaming\DownTangoFTToolbar\DownTangoFTToolbar.dll File not found
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynAsusAcpi] C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe (Synaptics Incorporated)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe (ASUS)
O4 - Startup: C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Tobillix\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKU\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{D9FB8A97-64B7-46D0-BCAF-B10735B25125}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F1B2404B-6A93-4894-867E-985A2BA1157C}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.06.14 10:35:18 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2013.06.14 10:34:33 | 000,000,000 | ---D | C] -- C:\JRT
[2013.06.13 10:35:10 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.06.13 10:35:10 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.06.13 10:35:08 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.06.13 10:35:08 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.06.13 10:35:08 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe
[2013.06.13 10:35:08 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe
[2013.06.13 10:35:08 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.06.13 10:35:08 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.06.13 10:35:08 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.06.13 10:35:08 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2013.06.13 10:35:08 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.06.13 10:35:06 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.06.13 10:35:05 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.06.13 10:35:05 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.06.13 10:35:04 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.06.13 09:08:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.06.13 07:57:26 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2013.06.13 07:53:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2013.06.13 07:42:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2013.06.13 07:42:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2013.06.13 07:42:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2013.06.13 07:42:09 | 000,000,000 | ---D | C] -- C:\ComboFix
[2013.06.13 07:42:03 | 000,000,000 | ---D | C] -- C:\Qoobox
[2013.06.13 07:41:39 | 000,000,000 | ---D | C] -- C:\Windows\erdnt
[2013.06.13 07:38:40 | 005,079,773 | R--- | C] (Swearware) -- C:\Users\Tobillix\Desktop\ComboFix.exe
[2013.06.12 22:41:22 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll
[2013.06.12 22:41:22 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll
[2013.06.12 22:41:18 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll
[2013.06.12 22:41:17 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll
[2013.06.12 22:41:10 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll
[2013.06.12 22:41:05 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe
[2013.06.12 22:41:05 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe
[2013.06.12 22:41:04 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2013.06.12 22:41:04 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2013.06.12 22:41:04 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll
[2013.06.12 22:41:03 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll
[2013.06.12 22:40:56 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll
[2013.06.12 22:40:56 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll
[2013.06.12 18:59:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.06.12 18:58:15 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\Desktop\mbar
[2013.06.11 22:02:12 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\TuneUp Software
[2013.06.11 22:01:28 | 000,000,000 | ---D | C] -- C:\ProgramData\TuneUp Software
[2013.06.11 22:00:45 | 000,000,000 | -HSD | C] -- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}
[2013.06.11 22:00:45 | 000,000,000 | -H-D | C] -- C:\ProgramData\Common Files
[2013.06.10 13:52:44 | 000,000,000 | ---D | C] -- C:\LocalDumps
[2013.05.30 01:55:44 | 000,083,160 | ---- | C] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.05.29 19:55:09 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Avira
[2013.05.29 19:49:34 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.05.29 19:49:34 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.05.29 19:49:34 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.05.29 19:49:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Avira
[2013.05.29 19:49:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.05.29 18:34:47 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Downloaded Installations
[2013.05.29 18:34:15 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Zip Opener Packages
[2013.05.29 15:38:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Easy
[2013.05.29 15:38:24 | 000,000,000 | ---D | C] -- C:\Program Files\Registry Easy
[2013.05.29 15:38:04 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Programs
[2013.05.23 19:46:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[2013.05.23 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Silverlight
[2013.05.23 19:44:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Silverlight
[2013.05.23 19:43:39 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RdpGroupPolicyExtension.dll
[2013.05.23 19:43:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyExtension.dll
[2013.05.23 19:43:39 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbRedirectionGroupPolicyControl.exe
[2013.05.23 19:43:38 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys
[2013.05.23 19:43:38 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tsgqec.dll
[2013.05.23 19:43:38 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TsUsbGDCoInstaller.dll
[2013.05.23 19:43:38 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\TsUsbGD.sys
[2013.05.23 19:43:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys
[2013.05.23 19:43:38 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprtPS.dll
[2013.05.23 19:43:37 | 001,123,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstsc.exe
[2013.05.23 19:43:37 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstsc.exe
[2013.05.23 19:43:37 | 000,384,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wksprt.exe
[2013.05.23 19:43:37 | 000,322,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\aaclient.dll
[2013.05.23 19:43:37 | 000,269,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\aaclient.dll
[2013.05.23 19:43:37 | 000,243,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpudd.dll
[2013.05.23 19:43:37 | 000,228,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpendp_winip.dll
[2013.05.23 19:43:37 | 000,192,000 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpendp_winip.dll
[2013.05.23 19:43:37 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\TSWbPrxy.exe
[2013.05.23 19:43:37 | 000,054,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsRdpWebAccess.dll
[2013.05.23 19:43:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\MsRdpWebAccess.dll
[2013.05.23 19:43:37 | 000,037,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tsgqec.dll
[2013.05.23 19:43:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wksprtPS.dll
[2013.05.23 19:43:36 | 004,916,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mstscax.dll
[2013.05.23 19:43:36 | 003,174,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorets.dll
[2013.05.23 19:43:35 | 005,773,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mstscax.dll
[2013.05.23 19:40:29 | 001,448,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\lsasrv.dll
[2013.05.23 19:40:27 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\qdvd.dll
[2013.05.23 19:40:27 | 000,366,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\qdvd.dll
[2013.05.23 19:31:01 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\vlc
[2013.05.23 13:26:50 | 000,018,832 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2013.05.23 13:26:44 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Canneverbe Limited
[2013.05.23 13:26:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2013.05.23 13:26:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2013.05.23 13:13:22 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\Thunderbird
[2013.05.23 13:13:22 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Local\Thunderbird
[2013.05.23 13:13:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Thunderbird
[2013.05.23 12:48:05 | 000,057,344 | ---- | C] (brother Industries Ltd) -- C:\Windows\SysWow64\BRSVC01A.EXE
[2013.05.23 12:48:05 | 000,045,056 | ---- | C] (brother Industries Ltd) -- C:\Windows\SysWow64\BRSS01A.EXE
[2013.05.23 11:19:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother Personal Utilities
[2013.05.23 10:54:09 | 000,000,000 | ---D | C] -- C:\Program Files\Lexmark
[2013.05.22 14:37:21 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\ControlCenter4
[2013.05.22 14:33:42 | 000,000,000 | ---D | C] -- C:\Brother
[2013.05.22 14:33:40 | 000,000,000 | ---D | C] -- C:\ProgramData\ControlCenter4
[2013.05.22 14:33:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Browny02
[2013.05.22 14:32:55 | 000,245,760 | ---- | C] (brother) -- C:\Windows\SysWow64\NSSearch.dll
[2013.05.22 14:32:55 | 000,005,632 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2L.dll
[2013.05.22 14:32:55 | 000,005,120 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2S.dll
[2013.05.22 14:32:54 | 000,073,728 | ---- | C] (Brother Industries Ltd.) -- C:\Windows\SysWow64\BrDctF2.dll
[2013.05.22 14:32:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Brother
[2013.05.22 14:32:49 | 000,180,224 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysWow64\BroSNMP.dll
[2013.05.22 14:29:20 | 000,000,000 | ---D | C] -- C:\Users\Tobillix\AppData\Roaming\InstallShield
[2013.05.22 12:07:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother
[2013.05.22 12:07:26 | 000,316,928 | ---- | C] (brother) -- C:\Windows\SysNative\NSSRH64.dll
[2013.05.22 12:07:26 | 000,084,480 | ---- | C] (Brother Industries, Ltd.) -- C:\Windows\SysNative\BrNetSti.dll
[2013.05.22 12:07:26 | 000,058,880 | ---- | C] (Brother Industries,Ltd.) -- C:\Windows\SysNative\BrWiaNCp.dll
[2013.05.22 12:07:26 | 000,054,272 | R--- | C] (Brother Industries,Ltd) -- C:\Windows\SysNative\Brnsplg.dll
[2013.05.22 12:07:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ControlCenter4
[2013.05.22 12:01:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Brother
 
========== Files - Modified Within 30 Days ==========
 
[2013.06.14 11:00:07 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.06.14 11:00:07 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.06.14 10:57:13 | 001,531,014 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.06.14 10:57:13 | 000,666,256 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.06.14 10:57:13 | 000,628,098 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.06.14 10:57:13 | 000,134,178 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.06.14 10:57:13 | 000,110,560 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.06.14 10:52:32 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.06.14 10:52:16 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.06.14 10:52:09 | 3145,826,304 | -HS- | M] () -- C:\hiberfil.sys
[2013.06.14 10:39:00 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.06.14 10:26:55 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2013.06.13 15:01:24 | 000,000,512 | ---- | M] () -- C:\Users\Tobillix\Desktop\MBR.dat
[2013.06.13 10:58:30 | 000,005,668 | ---- | M] () -- C:\Users\Tobillix\AppData\Local\recently-used.xbel
[2013.06.13 09:27:40 | 000,277,352 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.06.13 07:53:21 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2013.06.13 07:39:39 | 005,079,773 | R--- | M] (Swearware) -- C:\Users\Tobillix\Desktop\ComboFix.exe
[2013.06.12 22:05:57 | 000,088,087 | ---- | M] () -- C:\Users\Tobillix\Desktop\Tätigkeitsbeschreibung.pdf
[2013.06.12 22:03:46 | 000,027,100 | ---- | M] () -- C:\Users\Tobillix\Desktop\Selbsteinschätzungsprofil.pdf
[2013.06.12 18:53:39 | 013,169,742 | ---- | M] () -- C:\Users\Tobillix\Desktop\mbar-1.06.0.1003.zip
[2013.06.12 18:13:09 | 000,001,272 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2013.06.08 00:43:00 | 000,000,274 | ---- | M] () -- C:\Windows\tasks\ASUS SmartLogon Console Sensor.job
[2013.05.30 14:18:51 | 000,002,046 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2013.05.30 01:55:19 | 000,083,160 | ---- | M] (Avira GmbH) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.05.29 19:47:57 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.05.29 19:47:57 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.05.29 19:47:57 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.05.29 14:10:24 | 000,001,059 | ---- | M] () -- C:\Users\Tobillix\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2013.05.29 14:10:11 | 000,001,033 | ---- | M] () -- C:\Users\Tobillix\Desktop\Dropbox.lnk
[2013.05.23 19:30:50 | 000,000,742 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.05.23 19:25:43 | 000,001,142 | ---- | M] () -- C:\Users\Tobillix\Desktop\ASUS Produktregistrierung.lnk
[2013.05.23 13:26:34 | 000,001,955 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.05.23 13:13:15 | 000,002,092 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.05.23 12:48:08 | 000,000,184 | ---- | M] () -- C:\Windows\SysWow64\brsvc01a.bsi
[2013.05.23 12:48:08 | 000,000,030 | ---- | M] () -- C:\Windows\SysWow64\brss01a.ini
[2013.05.23 12:48:01 | 000,000,055 | ---- | M] () -- C:\Windows\SysWow64\BRDPJ140W.DAT
[2013.05.19 18:35:42 | 000,247,887 | ---- | M] () -- C:\Users\Tobillix\Desktop\Strangfeld.jpg
[2013.05.17 03:25:27 | 000,690,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2013.05.17 03:25:26 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2013.05.17 03:25:26 | 000,109,056 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll
[2013.05.17 03:25:26 | 000,061,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2013.05.17 03:25:26 | 000,033,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2013.05.17 02:59:12 | 000,051,712 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2013.05.17 02:58:20 | 000,603,136 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2013.05.17 02:58:10 | 003,958,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2013.05.17 02:58:10 | 000,855,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2013.05.17 02:58:08 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2013.05.17 02:58:08 | 000,136,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll
[2013.05.17 02:58:08 | 000,067,072 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2013.05.17 02:58:08 | 000,039,936 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
 
========== Files Created - No Company Name ==========
 
[2013.06.13 14:57:06 | 000,000,512 | ---- | C] () -- C:\Users\Tobillix\Desktop\MBR.dat
[2013.06.13 10:58:30 | 000,005,668 | ---- | C] () -- C:\Users\Tobillix\AppData\Local\recently-used.xbel
[2013.06.13 07:42:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2013.06.13 07:42:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2013.06.13 07:42:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2013.06.13 07:42:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2013.06.13 07:42:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2013.06.12 22:05:54 | 000,088,087 | ---- | C] () -- C:\Users\Tobillix\Desktop\Tätigkeitsbeschreibung.pdf
[2013.06.12 22:03:45 | 000,027,100 | ---- | C] () -- C:\Users\Tobillix\Desktop\Selbsteinschätzungsprofil.pdf
[2013.06.12 18:52:51 | 013,169,742 | ---- | C] () -- C:\Users\Tobillix\Desktop\mbar-1.06.0.1003.zip
[2013.06.08 00:43:00 | 000,000,274 | ---- | C] () -- C:\Windows\tasks\ASUS SmartLogon Console Sensor.job
[2013.05.24 09:58:24 | 000,247,887 | ---- | C] () -- C:\Users\Tobillix\Desktop\Strangfeld.jpg
[2013.05.23 19:30:50 | 000,000,742 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk
[2013.05.23 19:25:43 | 000,001,142 | ---- | C] () -- C:\Users\Tobillix\Desktop\ASUS Produktregistrierung.lnk
[2013.05.23 13:26:34 | 000,001,955 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2013.05.23 13:26:34 | 000,001,905 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2013.05.23 13:13:14 | 000,002,092 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Thunderbird.lnk
[2013.05.23 12:48:08 | 000,000,184 | ---- | C] () -- C:\Windows\SysWow64\brsvc01a.bsi
[2013.05.23 12:48:08 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2013.05.23 11:18:07 | 000,000,060 | R--- | C] () -- C:\Program Files (x86)\BRINST.INI
[2013.05.22 14:53:54 | 000,000,055 | ---- | C] () -- C:\Windows\SysWow64\BRDPJ140W.DAT
[2013.05.22 12:07:26 | 000,143,360 | R--- | C] () -- C:\Windows\SysNative\BrSNMP64.dll
[2013.03.29 16:33:23 | 000,000,057 | ---- | C] () -- C:\ProgramData\Ament.ini
[2012.12.14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012.12.14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012.12.08 15:40:48 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2012.11.16 15:07:30 | 000,015,432 | ---- | C] () -- C:\Windows\Launcher.exe
[2012.02.28 20:28:25 | 000,164,234 | ---- | C] () -- C:\Windows\FlyChart Uninstaller.exe
[2012.02.12 21:20:35 | 001,557,912 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.01.20 15:28:12 | 000,027,648 | ---- | C] () -- C:\Users\Tobillix\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.12.01 16:07:58 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2011.09.16 10:21:16 | 000,066,856 | ---- | C] () -- C:\Windows\SysWow64\SynTPEnhPS.dll
[2011.09.16 10:20:27 | 000,963,116 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011.09.16 10:20:19 | 000,218,304 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011.09.16 10:20:13 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
 
========== ZeroAccess Check ==========
 
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:04 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 144 bytes -> C:\ProgramData\Temp:41099CE9

< End of report >
         
OK, only Run2 was shown first, so here then is what is actually the first logfile

Code:
OTL Extras logfile created on: 14.06.2013 11:01:39 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Tobillix\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,91 Gb Total Physical Memory | 2,40 Gb Available Physical Memory | 61,55% Memory free
7,81 Gb Paging File | 6,12 Gb Available in Paging File | 78,32% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119,24 Gb Total Space | 66,98 Gb Free Space | 56,18% Space Free | Partition Type: NTFS
Drive D: | 153,85 Gb Total Space | 48,21 Gb Free Space | 31,33% Space Free | Partition Type: NTFS
Drive E: | 3,78 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: CDFS
Drive H: | 698,64 Gb Total Space | 198,90 Gb Free Space | 28,47% Space Free | Partition Type: NTFS
 
Computer Name: TOBILLIX-PC | User Name: Tobillix | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozillafirefo9crome\firefox.exe (Mozilla Corporation)
 
========== Shell Spawning ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
 
========== Security Center Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
 
========== System Restore Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0
 
========== Firewall Settings ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{01030C6F-5837-45D1-AB3A-AF3B197B0371}" = lport=138 | protocol=17 | dir=in | app=system | 
"{05398B0F-DF21-49B9-89E4-B94DDDA8C53D}" = lport=445 | protocol=6 | dir=in | app=system | 
"{39B40135-DE6F-4B1E-9392-C4560374AEAF}" = rport=138 | protocol=17 | dir=out | app=system | 
"{3DAC7D07-F950-4220-A07F-13FC0C5E7B8A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{3F84BB46-FA1B-46B3-AB3D-6926B1478FF5}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{41265FCC-C8FD-4637-940D-81D93E5445B1}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{46F89CE4-032C-4BD7-BEDB-59B3E6118BE6}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{506984D9-DE61-4E40-9679-2D3BDE5A3CB8}" = lport=8182 | protocol=6 | dir=in | name=java(tm) platform se binary | 
"{58ECAC34-358A-4996-93D8-9D0BABF621B1}" = rport=139 | protocol=6 | dir=out | app=system | 
"{5987CD0D-9C68-4205-B53B-786670C44BBA}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{5CDE0E7C-DC47-4771-A849-8CFDF593D83B}" = rport=445 | protocol=6 | dir=out | app=system | 
"{5FB1DCF9-E80F-4A2A-8C19-A83037B4128F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{64D0CF8C-460F-4A0F-AB60-885D07254789}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{6B34172A-84C3-432B-983E-F72E92DEBC66}" = rport=137 | protocol=17 | dir=out | app=system | 
"{6D86BBA6-660B-4EA4-9C85-ADBCBF533D55}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | 
"{81BD1620-B145-459B-8294-89DC76E8572F}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{8CCF1862-7DD5-4479-8C75-816B63D5AE7E}" = lport=137 | protocol=17 | dir=in | app=system | 
"{9B30EEB1-3357-4F0D-9BF8-C740440D33FA}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{9C2BC9E1-B81A-486E-9D96-F0C8E6502C49}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{A119C4FF-3AE3-40BB-B5D7-933C3DF80772}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{A72233AF-337A-40D3-BCE9-4CBCFF8C6B0B}" = lport=5353 | protocol=17 | dir=in | name=java(tm) platform se binary | 
"{AEB556A1-0EA9-45B1-AB3B-1429C2598C19}" = lport=139 | protocol=6 | dir=in | app=system | 
"{B236816B-FE21-4E85-B060-05EA7B258844}" = lport=54925 | protocol=17 | dir=in | name=brothernetwork scanner | 
"{B827E1C7-5A7A-484C-9653-2FE388A8B888}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | 
"{CE94DC46-31D2-4A19-B634-FEC5BF51E233}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{D93049F5-5267-4C4D-A6BA-5B5AE2B511E7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{EB06DDCA-ED3D-4019-BA93-9DF325F55A05}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{ED7C6FB1-EE29-4727-BB8A-EF35088F3FF3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{033045E6-3034-4B01-869B-6FFA6C747C1A}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{05F6FBB2-DD36-4430-8819-7D0B9000596F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{15B67990-8F2C-4858-B36B-9DAB9B2D53DD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{21791D02-FAEF-44B5-9008-A6E644E256D3}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{22A603FD-8628-4190-BFF9-EC1E3A4198B0}" = protocol=58 | dir=in | app=system | 
"{25BDD843-A815-48A8-A216-66D065687049}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | 
"{380CD1BF-3256-4C1D-B497-5243B0F35003}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{462639D2-B49D-4052-A9AD-AC2CA7C0F9A4}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{4987BBB2-9C47-4607-A315-8BDEFFD817D0}" = protocol=58 | dir=out | name=@iphlpsvc.dll,-503 | 
"{49FDBA42-E06F-4D2F-A541-4AE21FD4B217}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\mediabar\datamngr\toolbar\dtuser.exe | 
"{4EC18E60-0161-47A0-A4BF-01067E3A153D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{50D76052-134E-46DB-AF8E-63827F883C0F}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | 
"{573A2FE5-57C0-42F8-8975-5BAB012E4E67}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{5CE34F28-6F4F-42EE-BAE2-9BCCF93766E1}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{603B5352-9F25-450C-931F-5AB21B9D9B30}" = dir=out | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{628AA317-31C9-44E2-8A42-F7F802557474}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{64EF058B-DF0B-47FA-839E-D8F61DF5DFC8}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | 
"{7034917E-CA98-4BB5-AB89-3416A22A23EE}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{712E01E0-C950-42FF-9219-DFC7341EC893}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\mediabar\datamngr\toolbar\dtuser.exe | 
"{74D4C5A4-04C8-44BE-B791-DE225CBB5EBA}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{75EA3C65-0DDD-4326-98AC-21F0076CC5B6}" = protocol=6 | dir=out | app=system | 
"{781B43D5-A1EC-46D6-8565-3EC613235D80}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{7CB2FC95-AB79-4E83-BCC5-6633D5C8E5BD}" = protocol=17 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"{8EF01BA1-D1F6-4D73-AADB-AB5E81F83EF1}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | 
"{913350F3-00D4-4B9F-9C8D-F30D7A0F8754}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{9D830397-6E89-423D-A1F7-196B8BA4E3C1}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | 
"{A52B226D-7E37-4AC4-9E9F-7D446241EC18}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{AE90F868-2056-4724-9677-E62210637C89}" = protocol=6 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"{B78C6051-5848-4568-BD2B-7E008D5BC9E3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{BE3E0709-A3B0-40C0-8F87-EA82E1C91D54}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{CC5B74B6-49A5-4E7A-B36E-39D95F00FFAD}" = protocol=6 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | 
"{D0CA002B-4ECB-4DD7-80CF-22540258D827}" = protocol=17 | dir=in | app=c:\users\tobillix\imesh applications\imesh\imesh.exe | 
"{D8BF7B41-9685-43FD-B1C5-3C2F26BCA8CE}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{EE82D5BF-4B83-4999-809A-5D98E38A1CCD}" = dir=in | app=c:\program files (x86)\protected search\protectedsearch.exe | 
"{F273DB03-3C4C-4D95-9B90-D4E369103FEB}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"{FA5DBE5C-113F-4A75-BB37-A38EA4402287}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | 
"TCP Query User{5BD44DEA-8C93-4C43-8D98-4F0E76E6C4D8}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | 
"TCP Query User{9C1D6887-417E-439B-9C69-47B9E8A22CAB}C:\program files\vlc\vlc.exe" = protocol=6 | dir=in | app=c:\program files\vlc\vlc.exe | 
"TCP Query User{C8E107EB-06FC-4848-8342-2413F6EDB566}C:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{41AEA62B-C521-43F9-9C0B-8DAF6892DC38}C:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\tobillix\appdata\roaming\dropbox\bin\dropbox.exe | 
"UDP Query User{5050D132-3565-4248-860A-13B4321645BC}C:\program files\vlc\vlc.exe" = protocol=17 | dir=in | app=c:\program files\vlc\vlc.exe | 
"UDP Query User{EBA5D961-39F4-4620-9730-99E7731A6B84}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0919C44F-F18A-4E3B-A737-03685272CE72}" = Windows Live Remote Service Resources
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{0F696557-180C-4813-A754-5D43969B0691}" = Windows Live Family Safety
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{169C77B7-69C9-4648-9DD0-72B152AF269F}" = Windows Live Family Safety
"{17A4FD95-A507-43F1-BC92-D8572AF8340A}" = Windows Live Remote Service Resources
"{19F09425-3C20-4730-9E2A-FC2E17C9F362}" = Windows Live Remote Service Resources
"{1AAF3A3B-7B32-4DDF-8ABB-438DAEB46EEC}" = Windows Live Family Safety
"{1B8ABA62-74F0-47ED-B18C-A43128E591B8}" = Windows Live ID Sign-in Assistant
"{1C55470A-7C9E-4C63-B466-6AFFC69E94E9}" = Windows Live Family Safety
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{289809B1-078A-49F3-83D0-7E51715B3915}" = Windows Live Family Safety
"{33B98264-A889-4913-A0CA-C364A75032B3}" = ASUS Power4Gear Hybrid
"{3946328A-5B3A-434C-A22B-64CF6652FBAD}" = Windows Live Family Safety
"{401C50F6-B443-43EE-8F27-A80DB19B03FD}" = Windows Live Family Safety
"{46A5FBE9-ADB3-4493-A1CC-B4CFFD24D26A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{5FEAD3E5-A158-4B66-B92B-0C959D7CF838}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6CBFDC3C-CF21-4C02-A6DC-A5A2707FAF55}" = Windows Live Remote Service Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{7734509D-A1F7-4A5E-AF9D-77CD17AE41AF}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8970AE69-40BE-4058-9916-0ACB1B974A3D}" = Windows Live Remote Client Resources
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{9210D7A2-DC28-43F6-92F9-E6CD4C729F7B}" = Windows Live Family Safety
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0BF8602-EA52-4B0A-A2BD-EDABB0977030}" = Windows Live Remote Client Resources
"{B22C8566-D522-4B40-A7AF-525F5A70D832}" = Windows Live Family Safety
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{C504EC13-E122-4939-BD6E-EE5A3BAA5FEC}" = Windows Live Remote Client Resources
"{C9F05151-95A9-4B9B-B534-1760E2D014A5}" = Windows Live Remote Client Resources
"{CB7935EF-43EE-4C0F-AC02-B0E4DD5DAC17}" = Windows Live Family Safety
"{D07A61E5-A59C-433C-BCBD-22025FA2287B}" = Windows Live Language Selector
"{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources
"{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DBEDAF67-C5A3-4C91-951D-31F3FE63AF3F}" = Windows Live Remote Client Resources
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{EFB20CF5-1A6D-41F3-8895-223346CE6291}" = Windows Live Remote Service Resources
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"{FAD0EC0B-753B-4A97-AD34-32AC1EC8DB69}" = Windows Live Remote Client Resources
"{FE4BE0BD-1EDB-4D24-9614-847B3C472887}" = Windows Live Family Safety
"GIMP-2_is1" = GIMP 2.8.2
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Registry Easy_is1" = Registry Easy v5.6
"SynTPDeinstKey" = Synaptics Pointing Device Driver
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{039480EE-6933-4845-88B8-77FD0C3D059D}" = Windows Live Mesh
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = Sonic Focus
"{0A4C4B29-5A9D-4910-A13C-B920D5758744}" = بريد Windows Live
"{0A9256E0-C924-46DE-921B-F6C4548A1C64}" = Windows Live Messenger
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{0ED38503-B69A-44B4-98BE-21BFF284A9B6}" = Brother Driver Deployment Wizard
"{128133D3-037A-4C62-B1B7-55666A10587A}" = Windows Live UX Platform Language Pack
"{14B441B7-774D-4170-98EA-A13667AE6218}" = Windows Live Writer Resources
"{168E7302-890A-4138-9109-A225ACAF7AD1}" = Windows Live Photo Common
"{17F99FCE-8F03-4439-860A-25C5A5434E18}" = Windows Live Essentials
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1A82AE99-84D3-486D-BAD6-675982603E14}" = Windows Live Writer
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{2511AAD7-82DF-4B97-B0B3-E1B933317010}" = Windows Live Writer Resources
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Driver Installation Program
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A07C35B-8384-4DA4-9A95-442B6C89A073}" = Windows Live Essentials
"{2AD2DD70-27F7-4343-BB4E-DE50A32D854B}" = Windows Live Messenger
"{2C4E06CC-1F04-4C25-8B3C-93A9049EC42C}" = Windows Live UX Platform Language Pack
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2FF959E3-FFE4-46C4-96DA-03F26BCFEFCC}" = Brother MFL-Pro Suite DCP-J140W
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{341697D8-9923-445E-B42A-529E5A99CB7A}" = syncables desktop SE
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{3D0C22FA-96D7-4789-BC5B-991A5A99BFFA}" = Windows Live Messenger
"{3F4143A1-9C21-4011-8679-3BC1014C6886}" = Windows Live Mesh
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{40BFD84C-64CD-42CC-9909-8734C50429C6}" = Windows Live UX Platform Language Pack
"{4555BB9E-E715-4260-A178-E8EFD2B653E3}" = Alcor Micro USB Card Reader
"{46872828-6453-4138-BE1C-CE35FBF67978}" = Windows Live Mesh
"{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A275FD1-2F24-4274-8C01-813F5AD1A92D}" = Windows Live Messenger
"{4B28D47A-5FF0-45F8-8745-11DC2A1C9D0F}" = Windows Live Writer
"{4D83F339-5A5C-4B21-8FD3-5D407B981E72}" = Windows Live Photo Common
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{5F6E678A-7E61-448A-86CB-BC2AD1E04138}" = Windows Live Messenger
"{6057E21C-ABE9-4059-AE3E-3BEB9925E660}" = Windows Live Messenger
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{63AE67AA-1AB1-4565-B4EF-ABBC5C841E8D}" = Windows Live Messenger
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{677AAD91-1790-4FC5-B285-0E6A9D65F7DC}" = Windows Live Mail
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6986737B-F286-40D1-87AF-938339DCF6AB}" = Windows Live Messenger
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6A4ABCDC-0A49-4132-944E-01FBCCB3465C}" = Windows Live UX Platform Language Pack
"{6A563426-3474-41C6-B847-42B39F1485B2}" = Windows Live Messenger
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{709E38A9-7F80-4598-96CC-44B0D553FECE}" = Windows Live Messenger
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{73FC3510-6421-40F7-9503-EDAE4D0CF70D}" = Windows Live Photo Common
"{7465A996-0FCA-4D2D-A52C-F833B0829B5B}" = Windows Live Movie Maker
"{7496FD31-E5CB-4AE4-82D3-31099558BF6A}" = Windows Live Mesh
"{749F674B-2674-47E8-879C-5626A06B2A91}" = InstantOn for NB
"{74E8A7F6-575D-42C7-9178-E87D1B3BEFE8}" = Windows Live UX Platform Language Pack
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{77F69CA1-E53D-4D77-8BA3-FA07606CC851}" = Фотоальбом Windows Live
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{7E017923-16F8-4E32-94EF-0A150BD196FE}" = Windows Live Writer
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7FF11E53-C002-4F40-8D68-6BE751E5DD62}" = Windows Live Writer Resources
"{804DE397-F82C-4867-9085-E0AA539A3294}" = Windows Live Writer
"{80956555-A512-4190-9CAD-B000C36D6B6B}" = Windows Live Messenger
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{84A411F9-40A5-4CDA-BF46-E09FBB2BC313}" = Windows Live Essentials
"{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer
"{873E4648-6F6E-47F6-A7B2-A6F8DFABDCE6}" = Windows Live Messenger
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{93E464B3-D075-4989-87FD-A828B5C308B1}" = Windows Live Writer Resources
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{9BD262D0-B788-4546-A0A5-F4F56EC3834B}" = Windows Live Photo Common
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9DB90178-B5B0-45BD-B0A7-D40A6A1DF1CA}" = Windows Live Movie Maker
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A60B3BF0-954B-42AF-B8D8-2C1D34B613AA}" = Windows Live Photo Gallery
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{ABD534B7-E951-470E-92C2-CD5AF1735726}" = Windows Live Essentials
"{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh
"{ADE85655-8D1E-4E4B-BF88-5E312FB2C74F}" = Windows Live Mail
"{ADFE4AED-7F8E-4658-8D6E-742B15B9F120}" = Windows Live Photo Common
"{AF01B90A-D25C-4F60-AECD-6EEDF509DC11}" = Windows Live Mesh
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail
"{B2BCA478-EC0F-45EE-A9E9-5EABE87EA72D}" = Windows Live Photo Common
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{B63F0CE3-CCD0-490A-9A9C-E1A3B3A17137}" = Почта Windows Live
"{BF022D76-9F72-4203-B8FA-6522DC66DFDA}" = Windows Live Movie Maker
"{C00C2A91-6CB3-483F-80B3-2958E29468F1}" = Συλλογή φωτογραφιών του Windows Live
"{C29FC15D-E84B-4EEC-8505-4DED94414C59}" = Windows Live Writer Resources
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C4BC5A5F-4A97-47CC-99C3-AB8E10572AFE}" = Wireless Console 3
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{CB7224D9-6DCA-43F1-8F83-6B1E39A00F92}" = Windows Live Movie Maker
"{CDC39BF2-9697-4959-B893-A2EE05EF6ACB}" = Windows Live Writer
"{CE929F09-3853-4180-BD90-30764BFF7136}" = גלריית התמונות של Windows Live
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D588365A-AE39-4F27-BDAE-B4E72C8E900C}" = Windows Live Mail
"{D6F25CF9-4E87-43EB-B324-C12BE9CDD668}" = Windows Live UX Platform Language Pack
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DBAA2B17-D596-4195-A169-BA2166B0D69B}" = Windows Live Mail
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE7C13A6-E4EA-4296-B0D5-5D7E8AD69501}" = Windows Live Writer
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{DEF91E0F-D266-453D-B6F2-1BA002B40CB6}" = Windows Live Essentials
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E83DC314-C926-4214-AD58-147691D6FE9F}" = Основные компоненты Windows Live
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EB4DF488-AAEF-406F-A341-CB2AAA315B90}" = Windows Live Messenger
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{ED16B700-D91F-44B0-867C-7EB5253CA38D}" = Raccolta foto di Windows Live
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F52C5BE7-3F57-464E-8A54-908402E43CE8}" = Windows Live Writer Resources
"{F7E80BA7-A09D-4DD1-828B-C4A0274D4720}" = Windows Live Mesh
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}" = ASUS Live Update
"{FBCA06D2-4642-4F33-B20A-A7AB3F0D2E69}" = معرض صور Windows Live
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"{FF105207-8423-4E13-B0B1-50753170B245}" = Windows Live Movie Maker
"{FF3DFA01-1E98-46B4-A065-DA8AD47C9598}" = Windows Live Movie Maker
"3GP Media Player_is1" = 3GP Media Player 1.0.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"AmUStor" = Alcor Micro USB Card Reader
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_Screensaver" = ASUS_Screensaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"AVS Screen Capture_is1" = AVS Screen Capture version 2.0.1
"AVS Update Manager_is1" = AVS Update Manager 1.0
"AVS Video Editor_is1" = AVS Video Editor 6
"AVS Video Recorder_is1" = AVS Video Recorder 2.5
"AVS4YOU Software Navigator_is1" = AVS4YOU Software Navigator 1.4
"FlyChart" = FlyChart
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"IrfanView" = IrfanView (remove only)
"MaxPunkte_is1" = MaxPunkte Ver. 6.3.x
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Thunderbird 17.0.6 (x86 de)" = Mozilla Thunderbird 17.0.6 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"VLC media player" = VLC media player 2.0.6
"Winamp" = Winamp
"WinLiveSuite" = Windows Live Essentials
"World of Goo" = World of Goo
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-1136809362-2212667915-2443606012-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"2418080180.www.pcspeedup.com" = PCSpeedUp
"Dropbox" = Dropbox
"Swiss Casino" = Swiss Casino
"Winamp Detect" = Winamp Erkennungs-Plug-in
 
========== Last 20 Event Log Errors ==========
 
[ System Events ]
Error - 14.06.2013 04:50:07 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Client Virtualization Handler" wurde unerwartet beendet. Dies
 ist bereits 1 Mal passiert.
 
Error - 14.06.2013 04:50:07 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0"
 wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen
 werden in 0 Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 14.06.2013 04:50:08 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Intel(R) Management and Security Application Local Management
 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende
 Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 14.06.2013 04:50:08 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits
 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt:
 Neustart des Diensts.
 
Error - 14.06.2013 04:50:08 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet
 beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden
 in 30000 Millisekunden durchgeführt: Neustart des Diensts.
 
Error - 14.06.2013 04:50:08 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Intel(R) Management and Security Application User Notification
 Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 
Error - 14.06.2013 04:50:12 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7034
Description = Dienst "Application Virtualization Client" wurde unerwartet beendet.
 Dies ist bereits 1 Mal passiert.
 
Error - 14.06.2013 04:50:38 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
 des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
 ist fehlgeschlagen. Fehler:   %%1056
 
Error - 14.06.2013 04:55:01 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
 Google Update-Dienst (gupdate) erreicht.
 
Error - 14.06.2013 04:55:01 | Computer Name = Tobillix-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden
 Fehlers nicht gestartet:   %%1053
 
 
< End of report >
         
Sorry about the order.

Many thanks for the quick replies!


Thx
