Dennis29 | 24.05.2013 20:41 | So, now that the scans are done, I can post the logs:
OTL:
OTL Logfile:
OTL logfile created on: 24.05.2013 21:35:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dennis\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,82 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 75,49% Memory free
9,01 Gb Paging File | 7,13 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 678,33 Gb Total Space | 537,83 Gb Free Space | 79,29% Space Free | Partition Type: NTFS
Computer Name: DENNIS | User Name: dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2013.05.24 20:20:38 | 000,050,477 | ---- | M] () -- C:\Users\dennis\Downloads\Defogger.exe
PRC - [2013.05.24 20:20:10 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\dennis\Downloads\OTL.exe
PRC - [2013.04.05 12:58:26 | 000,059,720 | ---- | M] (Apple Inc.) -- C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
PRC - [2012.12.23 21:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe
PRC - [2012.11.13 15:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe
PRC - [2012.11.13 15:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
PRC - [2012.11.13 15:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
PRC - [2012.11.13 15:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
PRC - [2012.11.09 02:46:30 | 000,081,536 | ---- | M] (Atheros) -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe
PRC - [2012.09.10 16:22:32 | 000,872,048 | ---- | M] (ROCCAT GmbH) -- C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe
PRC - [2012.08.21 12:36:54 | 000,473,712 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMutilps32.exe
PRC - [2012.08.21 12:36:52 | 001,176,176 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2012.08.21 12:36:52 | 000,348,784 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2012.07.31 01:04:06 | 000,533,056 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2012.07.27 17:16:32 | 002,415,760 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
PRC - [2012.07.17 11:10:32 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2012.07.17 11:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2012.07.17 11:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
PRC - [2012.07.13 01:01:12 | 000,025,232 | ---- | M] () -- C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
PRC - [2012.07.13 01:01:10 | 000,044,176 | ---- | M] () -- C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
========== Modules (No Company Name) ==========
MOD - [2013.05.24 20:20:38 | 000,050,477 | ---- | M] () -- C:\Users\dennis\Downloads\Defogger.exe
MOD - [2013.05.17 14:29:25 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\5cb0754debdf19b9f0d63d4d8721f532\System.Windows.Forms.ni.dll
MOD - [2013.03.15 07:53:06 | 000,004,096 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
MOD - [2013.01.09 16:23:12 | 001,593,344 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e6b074d3f3e3cc8e0270a3552c47aaa\System.Drawing.ni.dll
MOD - [2013.01.09 16:22:50 | 007,988,736 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\28c2c6e7f48ff80c680a97b08df66a72\System.ni.dll
MOD - [2013.01.09 16:22:47 | 011,494,912 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\8d2929ad589e1092eb62a43424361465\mscorlib.ni.dll
MOD - [2012.11.28 15:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012.11.28 15:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012.07.31 01:04:34 | 000,465,384 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2012.07.13 01:01:12 | 000,025,232 | ---- | M] () -- C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
MOD - [2012.07.13 01:01:10 | 000,044,176 | ---- | M] () -- C:\Programme\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
MOD - [2012.05.30 08:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\wincfi39.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.04.09 06:48:42 | 000,169,472 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.03.02 04:45:07 | 000,171,008 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.03.02 04:45:05 | 000,180,224 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.02.02 10:21:45 | 000,467,456 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.01.10 01:23:16 | 001,964,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.01.10 01:22:35 | 000,438,272 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2012.09.20 11:10:47 | 002,367,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2012.09.20 08:31:18 | 000,116,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2012.09.20 08:30:41 | 000,179,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2012.08.29 16:22:36 | 000,208,384 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Windows\SysNative\AdminService.exe -- (AtherosSvc)
SRV:64bit: - [2012.07.26 05:07:47 | 000,065,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2012.07.26 05:07:42 | 000,263,680 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2012.07.26 05:07:40 | 000,283,648 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2012.07.26 05:07:25 | 000,012,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2012.07.26 05:06:34 | 000,743,936 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2012.07.26 05:06:33 | 000,161,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2012.07.26 05:06:33 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012.07.26 05:05:55 | 000,059,904 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2012.07.26 05:05:34 | 000,037,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2012.07.26 05:05:28 | 000,207,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2012.07.26 05:05:24 | 000,342,016 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2012.07.26 05:05:08 | 000,122,368 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AUInstallAgent.dll -- (AllUserInstallAgent)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2012.07.26 02:24:02 | 000,336,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV - [2013.05.14 21:40:13 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.05.12 00:26:17 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013.05.04 01:35:30 | 000,543,656 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2013.04.01 21:04:34 | 000,049,152 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\BattlEye\BEService.exe -- (BEService)
SRV - [2013.03.15 07:53:06 | 001,266,464 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2012.12.23 21:33:30 | 000,144,520 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe -- (NIS)
SRV - [2012.12.08 02:11:06 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012.11.09 02:46:30 | 000,081,536 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Ath_WlanAgent.exe -- (ZAtheros Wlan Agent)
SRV - [2012.09.20 10:18:03 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2012.09.04 21:56:11 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012.09.04 21:37:14 | 000,093,296 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012.08.21 12:36:52 | 000,348,784 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2012.07.31 21:20:26 | 000,659,600 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Programme\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2012.07.31 03:16:42 | 000,466,064 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Programme\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV - [2012.07.31 01:04:16 | 000,259,136 | ---- | M] (NTI Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2012.07.27 17:16:32 | 002,415,760 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2012.07.17 11:10:32 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012.07.17 11:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012.07.17 11:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012.07.13 11:02:16 | 002,451,456 | ---- | M] (Realsil Microelectronics Inc.) [Auto | Running] -- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe -- (IconMan_R)
SRV - [2012.07.12 05:10:24 | 000,174,160 | ---- | M] (Egis Technology Inc. ) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe -- (EgisTec Ticket Service)
SRV - [2012.07.04 10:17:08 | 000,243,728 | ---- | M] (CyberLink) [Auto | Stopped] -- C:\Program Files (x86)\Acer\clear.fi SDK21\Movie\NavFilter\kmsvc.exe -- (CLKMSVC10_96E434EB)
SRV - [2012.04.20 14:16:12 | 000,635,104 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R)
SRV - [2010.06.25 19:07:20 | 000,117,264 | ---- | M] (CACE Technologies, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.05.24 18:23:39 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.04.09 07:27:43 | 000,284,424 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.03.15 07:53:06 | 000,030,496 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2013.03.02 12:57:48 | 000,337,128 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.03.02 12:57:46 | 000,077,544 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.03.02 12:45:20 | 000,148,712 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.03.02 12:45:19 | 000,194,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.03.02 12:39:38 | 000,069,864 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.02.02 13:19:44 | 000,446,184 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.02.02 09:25:23 | 000,037,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.01.30 21:18:18 | 000,432,800 | R--- | M] (Symantec Corporation) [Kernel | System | Unknown] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.01.30 21:18:06 | 001,139,800 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\SymEFA64.sys -- (SymEFA)
DRV:64bit: - [2013.01.29 03:57:05 | 000,035,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.01.29 01:08:22 | 000,230,904 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.01.28 19:45:20 | 000,796,248 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.01.28 19:45:20 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.01.21 20:15:34 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\SymDS64.sys -- (SymDS)
DRV:64bit: - [2013.01.17 22:15:24 | 000,044,272 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LGSUsbFilt.sys -- (LGSUsbFilt)
DRV:64bit: - [2013.01.17 22:15:12 | 000,066,800 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LGSHidFilt.Sys -- (LGSHidFilt)
DRV:64bit: - [2013.01.11 20:02:34 | 000,064,624 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2013.01.10 03:53:32 | 000,028,904 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.12.08 02:11:01 | 005,343,584 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012.11.27 05:55:44 | 000,029,952 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2012.11.20 06:54:31 | 000,039,936 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2012.11.15 20:45:14 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\SymELAM.sys -- (SymELAM)
DRV:64bit: - [2012.11.15 20:22:02 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\Ironx64.sys -- (SymIRON)
DRV:64bit: - [2012.11.15 20:18:04 | 000,168,096 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\NISx64\1403010.016\ccSetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2012.11.13 03:38:33 | 003,701,760 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\athw8x.sys -- (athr)
DRV:64bit: - [2012.11.06 05:55:44 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2012.10.12 10:08:01 | 000,027,880 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.10.11 09:25:48 | 000,056,552 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2012.10.11 09:13:49 | 000,058,088 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\Drivers\dam.sys -- (dam)
DRV:64bit: - [2012.10.01 15:07:32 | 001,982,768 | ---- | M] (TamoSoft) [CommView] Atheros AR9271 Wireless Network Adapter Service [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ts_arnusbx.sys -- (ts_arnusb)
DRV:64bit: - [2012.09.20 09:55:33 | 000,212,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2012.09.20 09:55:30 | 000,120,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2012.09.20 09:55:27 | 003,265,256 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2012.09.20 09:55:24 | 000,533,224 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2012.09.04 21:37:14 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012.08.02 13:36:34 | 000,062,776 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2012.08.02 13:36:34 | 000,022,648 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\Drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2012.08.02 13:36:34 | 000,020,520 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2012.07.26 07:26:46 | 000,025,328 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012.07.26 07:26:45 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\condrv.sys -- (condrv)
DRV:64bit: - [2012.07.26 07:00:58 | 000,322,800 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2012.07.26 07:00:58 | 000,106,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2012.07.26 07:00:58 | 000,097,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2012.07.26 07:00:57 | 000,077,040 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2012.07.26 07:00:55 | 000,064,240 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2012.07.26 07:00:55 | 000,030,960 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2012.07.26 07:00:52 | 000,092,400 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2012.07.26 07:00:52 | 000,081,136 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2012.07.26 07:00:52 | 000,064,752 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2012.07.26 07:00:51 | 000,113,904 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2012.07.26 07:00:51 | 000,081,136 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2012.07.26 07:00:49 | 000,258,288 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2012.07.26 07:00:49 | 000,106,736 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\3ware.sys -- (3ware)
DRV:64bit: - [2012.07.26 07:00:49 | 000,076,016 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2012.07.26 07:00:48 | 000,026,352 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\Drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2012.07.26 06:57:54 | 000,361,200 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2012.07.26 06:54:34 | 000,096,496 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2012.07.26 06:53:16 | 000,067,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vpci.sys -- (vpci)
DRV:64bit: - [2012.07.26 05:17:38 | 000,036,592 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2012.07.26 04:29:14 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2012.07.26 04:29:08 | 000,048,640 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2012.07.26 04:29:03 | 000,024,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2012.07.26 04:28:52 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2012.07.26 04:27:58 | 000,012,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2012.07.26 04:27:41 | 000,018,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2012.07.26 04:27:37 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2012.07.26 04:27:33 | 000,023,552 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\Drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2012.07.26 04:27:29 | 000,019,968 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2012.07.26 04:27:16 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2012.07.26 04:27:01 | 000,011,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2012.07.26 04:26:46 | 000,062,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2012.07.26 04:26:43 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2012.07.26 04:26:34 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012.07.26 04:26:13 | 000,051,200 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2012.07.26 04:25:57 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2012.07.26 04:25:56 | 000,057,344 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.07.26 04:25:13 | 000,045,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2012.07.26 04:25:02 | 000,202,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2012.07.26 04:25:01 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2012.07.26 04:23:53 | 000,068,608 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2012.07.26 04:23:42 | 000,097,792 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2012.07.09 13:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\Drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012.07.04 23:44:48 | 000,446,840 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\Apfiltr.sys -- (ApfiltrService)
DRV:64bit: - [2012.07.04 04:41:58 | 000,339,600 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\RtsPStor.sys -- (RSPCIESTOR)
DRV:64bit: - [2012.06.21 23:02:52 | 000,110,744 | ---- | M] (Qualcomm Atheros Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\L1C63x64.sys -- (L1C)
DRV:64bit: - [2012.06.19 01:40:50 | 000,342,528 | ---- | M] (Intel(R) Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2012.03.26 15:50:12 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011.05.13 15:14:36 | 001,206,504 | ---- | M] (TamoSoft) [CommView] Atheros Wireless Network Adapter Service [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\ts_arusbx.sys -- (ts_arusb)
DRV:64bit: - [2010.07.09 05:51:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010.06.25 19:07:26 | 000,035,344 | ---- | M] (CACE Technologies, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\Drivers\npf.sys -- (NPF)
DRV:64bit: - [2010.04.20 04:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\Drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.11.24 03:38:00 | 000,016,008 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LGVirHid.sys -- (LGVirHid)
DRV:64bit: - [2009.11.24 03:37:50 | 000,022,408 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\Drivers\LGBusEnum.sys -- (LGBusEnum)
DRV:64bit: - [2009.06.18 12:54:10 | 000,006,144 | ---- | M] (Sophos Plc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\86AF.tmp -- (MEMSWEEP2)
DRV - [2013.05.24 12:06:22 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130524.003\ex64.sys -- (NAVEX15)
DRV - [2013.05.24 12:06:22 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.05.24 12:06:22 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Unknown] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilDrv11220.sys -- (EraserUtilDrv11220)
DRV - [2013.05.24 12:06:22 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130524.003\eng64.sys -- (NAVENG)
DRV - [2013.05.23 17:02:58 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130523.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013.05.15 01:00:30 | 001,390,680 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130515.001\BHDrvx64.sys -- (BHDrvx64)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}
IE:64bit: - HKLM\..\SearchScopes\{595B4868-2D76-4051-944A-279993CBA921}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
IE:64bit: - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=4081941635884217&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank
IE - HKLM\..\SearchScopes,DefaultScope = {CBD4ACCD-AF02-4FA4-B623-F591CAB8C432}
IE - HKLM\..\SearchScopes\{595B4868-2D76-4051-944A-279993CBA921}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=4081941635884217&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
IE - HKCU\..\SearchScopes,DefaultScope = {CBD4ACCD-AF02-4FA4-B623-F591CAB8C432}
IE - HKCU\..\SearchScopes\{0C2A0134-3BED-4F21-B880-0CFCC104F8E5}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=184EA20D-A846-4B22-A7E2-E5BBB5949D45&apn_sauid=D924D033-B524-4C81-A9C6-C828DCC624B8
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2413}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=0&systemid=413&apn_dtid=BND413&apn_ptnrs=AGA&o=APN10649&apn_uid=4081941635884217&q={searchTerms}
IE - HKCU\..\SearchScopes\{CBD4ACCD-AF02-4FA4-B623-F591CAB8C432}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3297265&CUI=UN74676148248485455&UM=2
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Norton Safe Search"
FF - prefs.js..browser.search.defaultthis.engineName: "Google"
FF - prefs.js..browser.search.defaulturl: "Google.de"
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.selectedEngine: "Norton Safe Search"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - prefs.js..extensions.enabledAddons: %7BBBDA0591-3099-440a-AA10-41764D9DB4DB%7D:11.3.0.9%20-%205
FF - prefs.js..extensions.enabledAddons: %7B2D3F3651-74B9-4795-BDEC-6DA2F431CB62%7D:2013.3.5.1
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0
FF - prefs.js..keyword.URL: "hxxp://nortonsafe.search.ask.com/web?o=APN10506&gct=kwd&qsrc=2869&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&q="
FF - user.js - File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\IPSFFPlgn\ [2013.05.24 18:24:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\coFFPlgn\ [2013.05.24 18:32:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.05.17 15:40:54 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.04.13 00:40:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK
[2013.05.17 18:31:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dennis\AppData\Roaming\mozilla\Extensions
[2013.05.17 19:12:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dennis\AppData\Roaming\mozilla\Firefox\Profiles\51lkmtki.default\extensions
[2013.05.24 17:50:46 | 000,000,000 | ---D | M] (No name found) -- C:\Users\dennis\AppData\Roaming\mozilla\Firefox\Profiles\s1f2m1ki.default\extensions
[2013.05.17 19:12:24 | 000,134,804 | ---- | M] () (No name found) -- C:\Users\dennis\AppData\Roaming\mozilla\firefox\profiles\51lkmtki.default\extensions\adblockpopups@jessehakanen.net.xpi
[2013.05.24 18:39:48 | 000,002,482 | ---- | M] () -- C:\Users\dennis\AppData\Roaming\mozilla\firefox\profiles\s1f2m1ki.default\searchplugins\safesearch.xml
[2013.05.17 18:39:12 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013.05.17 18:39:12 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013.05.24 18:32:28 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\COFFPLGN
[2013.05.24 18:24:13 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\IPSFFPLGN
========== Chrome ==========
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\24.0.1312.57\pdf.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\McChPlg.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.3 (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel\u00AE Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java(TM) Platform SE 7 U11 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: McAfee Security Scanner + (Enabled) = C:\Program Files (x86)\McAfee Security Scan\3.0.318\npMcAfeeMss.dll
CHR - plugin: McAfee SiteAdvisor (Enabled) = C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: Docs = C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Drive = C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: YouTube = C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: SiteAdvisor = C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.60.126.1_0\
CHR - Extension: Google Mail = C:\Users\dennis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2013.03.19 00:42:29 | 000,445,760 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O1 - Hosts: 15307 more lines...
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\IPS\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {A13C2648-91D4-4BF3-BC6D-0079707C4389} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [BtPreLoad] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtPreLoad.exe" File not found
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_Dolby] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BakupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [Dolby Home Theater v4] C:\Dolby PCEE4\pcee4.exe (Dolby Laboratories Inc.)
O4 - HKLM..\Run: [ROCCAT Savu Gaming Mouse] C:\Program Files (x86)\ROCCAT\Savu Mouse\Savu Monitor.exe (ROCCAT GmbH)
O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Spybot-S&D Cleaning] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe (Safer-Networking Ltd.)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O4 - HKLM..\RunOnce: [SpybotDeletingE3387] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [SpybotDeletingE5259] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKLM..\RunOnce: [Z1] C:\Windows\SysWow64\cmd.exe (Microsoft Corporation)
O4 - HKCU..\RunOnce: [SpybotDeletingF7015] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O4 - HKCU..\RunOnce: [SpybotDeletingF7950] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDDelFile.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 60
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{1552E2AF-04A6-45B6-A59E-BAABBA10CA14}: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{41F4020E-51BF-4FB0-912B-19FDE9120017}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 0
O33 - MountPoints2\{1fafc16d-9a38-11e2-bf02-4c72b993a0f0}\Shell - "" = AutoRun
O33 - MountPoints2\{1fafc16d-9a38-11e2-bf02-4c72b993a0f0}\Shell\AutoRun\command - "" = "E:\HTC_Sync_Manager_PC.exe"
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2013.05.24 19:15:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.05.24 18:45:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Registry Recycler
[2013.05.24 18:45:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registry Recycler
[2013.05.24 18:45:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Registry Recycler
[2013.05.24 18:42:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NT Registry Optimizer
[2013.05.24 18:42:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NT Registry Optimizer
[2013.05.24 18:23:39 | 000,177,312 | ---- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.05.24 18:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2013.05.24 18:23:39 | 000,000,000 | ---D | C] -- C:\Program Files\Symantec
[2013.05.24 18:22:57 | 000,432,800 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys
[2013.05.24 18:22:57 | 000,023,448 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymELAM.sys
[2013.05.24 18:22:56 | 001,139,800 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymEFA64.sys
[2013.05.24 18:22:56 | 000,796,248 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys
[2013.05.24 18:22:56 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymDS64.sys
[2013.05.24 18:22:56 | 000,224,416 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Ironx64.sys
[2013.05.24 18:22:56 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys
[2013.05.24 18:22:55 | 000,168,096 | R--- | C] (Symantec Corporation) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccSetx64.sys
[2013.05.24 18:21:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64
[2013.05.24 18:21:13 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\drivers\NISx64\1403010.016
[2013.05.24 18:21:10 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
[2013.05.24 18:21:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Internet Security
[2013.05.24 18:16:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NortonInstaller
[2013.05.24 17:54:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
[2013.05.24 17:54:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sophos
[2013.05.23 20:50:45 | 000,000,000 | ---D | C] -- C:\Users\dennis\RETrOSHARE DOWNLOADS
[2013.05.23 18:46:15 | 000,000,000 | ---D | C] -- C:\Users\dennis\Desktop\RetroshARE
[2013.05.23 18:41:18 | 000,000,000 | ---D | C] -- C:\Users\dennis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RetroShare
[2013.05.23 18:41:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RetroShare
[2013.05.23 18:41:15 | 000,000,000 | ---D | C] -- C:\Users\dennis\AppData\Roaming\RetroShare
[2013.05.23 18:41:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RetroShare
[2013.05.23 18:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tcpfile
[2013.05.22 15:19:37 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.05.20 23:44:08 | 000,000,000 | ---D | C] -- C:\Users\dennis\Desktop\Musik
[2013.05.20 18:17:10 | 000,000,000 | ---D | C] -- C:\Users\dennis\Desktop\Best of Summer
[2013.05.17 03:33:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service
[2013.05.17 00:36:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[2013.05.17 00:36:42 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner
[2013.05.16 21:39:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Conduit
[2013.05.16 21:39:43 | 000,000,000 | ---D | C] -- C:\Users\dennis\AppData\Local\Conduit
[2013.05.16 21:33:56 | 000,081,536 | ---- | C] (Conduit) -- C:\ministub.exe
[2013.05.16 21:33:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Conduit
[2013.05.16 10:43:07 | 000,000,000 | ---D | C] -- C:\ProgramData\eMule
[2013.05.16 10:42:59 | 000,000,000 | ---D | C] -- C:\Users\dennis\AppData\Local\eMule
[2013.05.16 10:42:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eMule
[2013.05.16 10:42:58 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eMule
[2013.05.16 02:50:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Browser Manager
[2013.05.16 01:34:00 | 000,000,000 | ---D | C] -- C:\Users\dennis\AppData\Roaming\FFP
[2013.05.16 00:46:30 | 000,000,000 | ---D | C] -- C:\Users\dennis\AppData\Roaming\TFP
[2013.05.16 00:44:57 | 000,397,312 | ---- | C] (Koyote Soft) -- C:\Windows\SysWow64\TubeFinder.exe
[2013.05.16 00:44:49 | 000,000,000 | ---D | C] -- C:\Users\dennis\AppData\Roaming\FreeFLVConverter
[2013.05.16 00:30:43 | 000,000,000 | ---D | C] -- C:\Users\dennis\dwhelper
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2013.05.24 20:44:14 | 000,000,000 | ---- | M] () -- C:\Users\dennis\defogger_reenable
[2013.05.24 20:40:21 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.05.24 19:25:03 | 000,003,344 | ---- | M] () -- C:\{7BCD4120-C69E-4398-888E-C6C2B5425867}
[2013.05.24 19:17:22 | 000,000,504 | ---- | M] () -- C:\Windows\wininit.ini
[2013.05.24 18:45:56 | 000,000,424 | ---- | M] () -- C:\Windows\tasks\Registry Recycler Scheduled Scan - dennis.job
[2013.05.24 18:45:54 | 000,001,074 | ---- | M] () -- C:\Users\Public\Desktop\Registry Recycler.lnk
[2013.05.24 18:42:50 | 000,000,972 | ---- | M] () -- C:\Users\dennis\Desktop\NTREGOPT.lnk
[2013.05.24 18:28:46 | 001,745,416 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.05.24 18:28:46 | 000,753,134 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.05.24 18:28:46 | 000,710,244 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.05.24 18:28:46 | 000,155,826 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.05.24 18:28:46 | 000,132,614 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.05.24 18:25:42 | 002,380,629 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Cat.DB
[2013.05.24 18:23:39 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS
[2013.05.24 18:23:39 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.05.24 18:23:39 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.05.24 18:23:28 | 000,002,537 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013.05.24 18:22:18 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.05.24 18:20:06 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2013.05.24 18:20:05 | 2424,528,895 | -HS- | M] () -- C:\hiberfil.sys
[2013.05.24 18:19:23 | 003,932,160 | -HS- | M] () -- C:\Users\dennis\ntuser.bak
[2013.05.23 18:10:36 | 000,172,592 | ---- | M] () -- C:\Users\dennis\Desktop\Screenshot (2).png
[2013.05.17 14:15:03 | 000,322,152 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.17 03:33:57 | 000,001,111 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.17 00:36:44 | 000,000,826 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.16 21:42:37 | 000,000,009 | ---- | M] () -- C:\END
[2013.05.16 21:34:04 | 000,081,536 | ---- | M] (Conduit) -- C:\ministub.exe
[2013.05.16 10:43:04 | 000,000,955 | ---- | M] () -- C:\Users\Public\Desktop\eMule.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
========== Files Created - No Company Name ==========
[2013.05.24 20:44:14 | 000,000,000 | ---- | C] () -- C:\Users\dennis\defogger_reenable
[2013.05.24 19:25:02 | 000,003,344 | ---- | C] () -- C:\{7BCD4120-C69E-4398-888E-C6C2B5425867}
[2013.05.24 18:45:56 | 000,000,424 | ---- | C] () -- C:\Windows\tasks\Registry Recycler Scheduled Scan - dennis.job
[2013.05.24 18:45:54 | 000,001,074 | ---- | C] () -- C:\Users\Public\Desktop\Registry Recycler.lnk
[2013.05.24 18:42:50 | 000,000,972 | ---- | C] () -- C:\Users\dennis\Desktop\NTREGOPT.lnk
[2013.05.24 18:30:05 | 000,014,818 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\VT20130115.021
[2013.05.24 18:23:59 | 002,380,629 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Cat.DB
[2013.05.24 18:23:39 | 000,007,466 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT
[2013.05.24 18:23:39 | 000,000,855 | ---- | C] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF
[2013.05.24 18:23:28 | 000,002,537 | ---- | C] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk
[2013.05.24 18:21:54 | 000,003,434 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymEFA.inf
[2013.05.24 18:21:54 | 000,002,852 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymDS.inf
[2013.05.24 18:21:54 | 000,001,440 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymNet.inf
[2013.05.24 18:21:54 | 000,001,438 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.inf
[2013.05.24 18:21:54 | 000,001,420 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.inf
[2013.05.24 18:21:54 | 000,000,996 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symELAM.inf
[2013.05.24 18:21:54 | 000,000,853 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccSetx64.inf
[2013.05.24 18:21:54 | 000,000,767 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Iron.inf
[2013.05.24 18:21:14 | 000,014,818 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymVTcer.dat
[2013.05.24 18:21:13 | 000,009,670 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymELAM64.cat
[2013.05.24 18:21:13 | 000,007,611 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccsetx64.cat
[2013.05.24 18:21:13 | 000,007,601 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnet64.cat
[2013.05.24 18:21:13 | 000,007,593 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\iron.cat
[2013.05.24 18:21:13 | 000,007,589 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.cat
[2013.05.24 18:21:13 | 000,007,587 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymEFA64.cat
[2013.05.24 18:21:13 | 000,007,585 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.cat
[2013.05.24 18:21:13 | 000,007,581 | R--- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymDS64.cat
[2013.05.24 18:21:13 | 000,000,172 | ---- | C] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\isolate.ini
[2013.05.23 18:10:36 | 000,172,592 | ---- | C] () -- C:\Users\dennis\Desktop\Screenshot (2).png
[2013.05.17 14:14:52 | 000,322,152 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.05.17 03:33:57 | 000,001,123 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2013.05.17 03:33:57 | 000,001,111 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2013.05.17 00:36:44 | 000,000,826 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2013.05.16 21:25:51 | 000,000,009 | ---- | C] () -- C:\END
[2013.05.16 10:43:04 | 000,000,955 | ---- | C] () -- C:\Users\Public\Desktop\eMule.lnk
[2013.05.16 00:44:56 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\PropertyGrid.ocx
[2013.05.16 00:44:56 | 000,208,500 | ---- | C] () -- C:\Windows\SysWow64\ReyXpBasics.tlb
[2013.05.16 00:44:49 | 000,024,576 | ---- | C] () -- C:\Windows\SysWow64\ControlSubX.ocx
[2013.05.15 22:49:06 | 000,387,688 | ---- | C] () -- C:\Windows\SysNative\ApnDatabase.xml
[2013.01.15 06:48:42 | 000,000,504 | ---- | C] () -- C:\Windows\wininit.ini
[2012.12.08 02:11:06 | 000,598,780 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012.12.08 02:10:59 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012.12.08 02:10:58 | 000,755,048 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012.12.01 01:08:10 | 000,083,968 | ---- | C] () -- C:\Windows\SysWow64\OEMLicense.dll
[2012.11.30 22:42:39 | 003,932,160 | -HS- | C] () -- C:\Users\dennis\ntuser.bak
[2012.09.04 21:28:20 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\Windows\SysWow64\dssec.dat
[2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\Windows\SysWow64\NOISE.DAT
[2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\Windows\SysWow64\BWContextHandler.dll
[2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\msjetoledb40.dll
[2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\Windows\SysWow64\mlang.dat
[2012.04.20 13:59:44 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll
========== ZeroAccess Check ==========
[2013.01.07 19:38:09 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.03.06 08:31:28 | 019,758,592 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.03.06 07:03:37 | 017,561,600 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2013.05.24 01:38:22 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\FFP
[2013.05.24 01:38:22 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\FreeFLVConverter
[2012.12.19 21:22:10 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\Leadertech
[2012.11.30 22:43:57 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\lm
[2013.03.26 01:29:17 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\QuickScan
[2013.05.23 18:42:27 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\RetroShare
[2013.01.24 02:31:51 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\SleepTimer
[2013.05.24 01:38:26 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\TFP
[2013.04.25 14:28:41 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\WildTangent
[2012.12.16 02:46:19 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\Wireshark
[2012.12.03 00:12:04 | 000,000,000 | ---D | M] -- C:\Users\dennis\AppData\Roaming\ZUB-Software
========== Purity Check ==========
< End of report >
So, now the 2nd logfile
OTL EXTRAS Logfile: Code:
OTL Extras logfile created on: 24.05.2013 21:35:13 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\dennis\Downloads
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16580)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,82 Gb Total Physical Memory | 5,91 Gb Available Physical Memory | 75,49% Memory free
9,01 Gb Paging File | 7,13 Gb Available in Paging File | 79,09% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 678,33 Gb Total Space | 537,83 Gb Free Space | 79,29% Space Free | Partition Type: NTFS
Computer Name: DENNIS | User Name: dennis | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = CE 37 E6 AF FF 6A CD 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{048D0622-3D72-467C-B9D8-92C8128B01A3}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{1F2A8BED-2A95-4667-BD89-42776C38E80F}" = lport=10243 | protocol=6 | dir=in | app=system |
"{23E7104A-4489-4C30-B2AE-F39D62E358F4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{333C26BC-D010-409D-82D5-BC978654E1A1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3F4508BD-0297-4789-B3BF-FADBEFDA3B9D}" = rport=10243 | protocol=6 | dir=out | app=system |
"{3F9D5C5D-9D11-4A08-A589-D6ACC99F685F}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{4C5E68E0-758B-4391-A74D-6DF90290BA83}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{50AFC921-A022-4C42-A1CC-8F525FF948BA}" = lport=2869 | protocol=6 | dir=in | app=system |
"{63AF941B-6CBB-4EEE-95EC-08C337425910}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{763FE5F6-53C3-4F6F-842C-5C480773F3A0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{849909DE-362F-441B-9B8A-A016A9720E6F}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{A20C5857-C91E-411A-9666-BEB86BE57F3D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AA7D3071-7853-41B3-9821-CE8E5634DB8A}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B416BFC5-ED9C-4C8A-AFA8-249E1256A135}" = rport=2869 | protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{B844071E-7329-4343-B540-4D4E8F1282E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DACF135D-D0DF-438C-BA31-E6733C07F149}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{EB6600F9-2BF3-4856-BBFB-42BC1CEAC860}" = lport=3702 | protocol=17 | dir=in | app=%systemroot%\system32\dashost.exe |
"{F1AC5008-5B55-48F8-B1A1-D913870A6564}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F42EAFC2-8016-473E-A571-A235DACCBCB1}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00F0421C-0C40-47F7-AF83-A5CCACEC2259}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{015D70C6-FABB-4709-B1CC-1D6E4ABBF035}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{035A022B-96E8-4EC3-8A26-3145EFFDC484}" = dir=out | name=fresh paint |
"{0A514500-5345-44B6-AA84-7C500F4E9917}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{0A863D49-AC5D-4414-8E7A-3D9598AE3090}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\left 4 dead 2\left4dead2.exe |
"{102FE53D-59CC-47EF-9981-82F7119C7664}" = protocol=6 | dir=out | app=c:\program files (x86)\bluetooth suite\win7ui.exe |
"{13136AE1-A530-40D2-A402-4FF429202799}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{15E05A86-A2EC-4AFE-B26E-A98B72922CD6}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{16CA4FA1-769E-42D7-BDD7-3AC76A1DFF47}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\backupmanager.exe |
"{18FF345F-C462-4338-A7D8-1C770C6D0E69}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1B72CEDA-053E-4F24-B919-C9C7AFA5D436}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\fileexplorer.exe |
"{247B9CC9-A4B3-4B27-9A21-45B55BDECCBC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2BB24641-3EB2-477D-836F-FEF1C03B6B62}" = dir=out | name=@{microsoft.bingsports_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{2C5674B8-4780-498D-AE30-4EC585C1D932}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{2DA9EA94-6BA2-46EA-9EF0-03FF4D7AF06A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{30DD5D2A-C77F-460A-B410-838472765711}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{3410A309-6675-4E08-9DCF-A8ACF24960E9}" = dir=out | name=microsoft solitaire collection |
"{37256BA6-B057-4643-B586-647A892982D5}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{3D3B34AE-8DF1-47A8-B1B7-DAF57D99183A}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{3FF11988-CF2A-42CF-9D56-D1B0824CA656}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{45A9B814-F007-4B07-80CD-86C47E80CB5D}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{4C0FAC39-C141-4FD5-9E66-1666DC09AB12}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{50DF407A-FA60-48DA-8C31-D5AD9B4106C1}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{52BA1D04-6550-45DD-B616-3BCB1237BFA7}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{52F5D426-10BA-47FE-8B22-2D3926548AFB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{53A04DFA-41F0-4C81-92F4-2F5D7E93A787}" = dir=in | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{55ED5CB1-CE1B-4379-9557-441C39F8F2DB}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{59008103-5DF0-4F44-B22E-7EC04634C7D0}" = dir=out | name=skitch |
"{5991D6A4-D1C9-433C-B67D-6140B67F5D55}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{5C2463C8-1AF2-4529-A232-8FA7B8162C3F}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5C87D7E7-8F40-477D-8499-035F1FAB09D0}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\arma2oa.exe |
"{62638D69-ED8C-4D12-806D-6AFA41AE0579}" = protocol=6 | dir=out | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"{637D8753-A1D2-4743-9FF5-950C003DA70F}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe |
"{6480891B-B391-4333-991F-8E30911CE394}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{6599BFBB-F1DB-4830-AD44-63B87F210A8E}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{66783591-81B8-4E8B-BB8F-2B85FDFC232E}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\movie\playmovie.exe |
"{6CB4B5F6-1AD6-4AED-8CEE-47A20B525654}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{6D52B4BE-C823-4CF2-8DCF-218B247B038A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6DCABC1B-3BA6-4F01-B0BC-038C61E4154B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6F72C29B-1FF6-4A04-942E-82DE55C7D5E5}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{71722C20-B313-42FB-B591-A03090142A17}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{7549263E-77B7-49A4-B0AE-3EED7FE64AAF}" = dir=out | name=microsoft minesweeper |
"{75664F81-512A-4C05-9DD5-829B30001371}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{77971AC8-881D-4451-AB5D-C9DE831AA052}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{7F5D0BF1-89DE-4DAC-ABB7-3BE2BDF4229A}" = dir=out | name=@{microsoft.bingnews_1.7.0.27_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{86F3228E-0DF0-4C0A-8B4A-35A70603933E}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"{8A448097-7B1E-4B8D-A4CD-2B310374AE7D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider (iv) the last revelation\tomb4.exe |
"{8C2ECCFC-2DD4-4DFB-9F16-FDF23EBF5F90}" = dir=out | name=taptiles |
"{8D48380B-F4DD-4493-8C03-42C36333E38F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{94C30376-9F8D-4B79-A040-FA0C88421395}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{95D027C7-7E6A-458C-A6D0-F96A70DE5F4D}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{96BD2139-440D-4CF0-89D7-8878450BE6C6}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{98DC1D2B-B0D0-4713-9F13-A9492117BC93}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\btvstack.exe |
"{9C8229A3-92A6-415E-BC97-3BB11A086BFA}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{9DACA4E0-AE52-4230-ADE9-F535E2E50A8C}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{A11F52EC-3935-4B4C-BAE4-896CC2AC1AC4}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{A12BEF12-404A-4F8C-B799-20AFE00AFF92}" = dir=in | name=evernote |
"{A7D54AB5-4F83-4E41-B208-95A678A110B0}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\musicplayer.exe |
"{A8A811EF-198F-487F-8498-5CF91C29DD0E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\geeds3\counter-strike source\hl2.exe |
"{AD307879-DAC1-463F-AE32-83687A79174A}" = dir=out | name=evernote |
"{AD61E865-C1A6-4386-A5BA-793E7B8C9725}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{AD9FCFCC-DFD3-4149-B80F-38767E7930D8}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead\expansion\beta\arma2oa.exe |
"{B559FFA6-9ABB-46E3-8115-29DE23CA14C0}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{B5634AC7-B504-4926-A4A5-73C1C6486835}" = dir=in | name=acer explorer |
"{B5A5C5C3-13D1-4478-BF0B-23BE299C8872}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{B6589643-1C1B-4F3F-8657-40BDB70E7641}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\geeds3\counter-strike source\hl2.exe |
"{B85F700A-4AC1-433B-AA1F-A8AA1EDC945F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe |
"{BC14C4B7-CB0D-415D-A478-AD57624DD3C8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BCC8AF1C-AD60-47A3-8D5F-52EB6EAF703F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{BD3FE655-D8A5-4526-9D41-90F3B024948C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{BD8FAF3B-1638-47DD-A396-BA754B103FC6}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{BE08BFCC-37E8-483A-9B2A-D150F1BE260D}" = dir=out | name=ebay |
"{BEAD8063-F620-4619-8858-B0A88199E2E8}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{BF127584-56CE-4F86-9130-7F2FFA7A9BD4}" = dir=out | name=newsxpresso |
"{C078AC87-B0EF-48BB-9F69-58DAE460DF5E}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C122F207-6A76-4BCC-AF52-AFAEDD482C6F}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\tomb raider (iv) the last revelation\tomb4.exe |
"{C4ABE90D-9902-4B26-9127-2A0FD012C845}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{CD2439D8-9BE8-48B9-AE52-456B9845A9FF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{D1097875-4F7D-4CAE-9B81-4402E3DD941C}" = dir=in | name=ebay |
"{D23EC6F5-360D-41D3-B08E-EE466744EED8}" = dir=out | name=acer crystal eye |
"{DB24A0BB-FF71-4E05-B60F-A4EFB2E59747}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E2D1B7AB-4AC0-4FD6-8D19-7BBA094CB137}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{E382FFD0-186C-486E-BA0C-674EAFA8C7A1}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E396B59A-1E75-4EFA-A71B-E79B0FF5592E}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E420B3AC-8024-45F4-B615-78CFA02D175E}" = dir=out | name=txtr reader |
"{E4C28CAC-80AA-4FBE-8A49-D024B6E8C11C}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{E66A8B33-F61D-48B5-959B-FC2539C2A248}" = dir=out | name=windows_ie_ac_001 |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EBE524CE-4B00-4AA3-8FCD-4347421D25E5}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{F0DF5A3C-1E27-43B7-AA14-DF88596265FE}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{F5897E7D-2128-48B3-9BAE-B2A8DB4AFC4F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{F642E066-D6F1-4780-8789-8A04A3412DD9}" = dir=out | name=7digital music store |
"{F7748343-FE7D-4781-9108-A7C2CCC334ED}" = protocol=6 | dir=out | app=system |
"{F7ABE644-22D1-42DD-8035-236DFD139613}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{FA54C35B-C8FA-417A-B58B-757A27948B36}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2\arma2.exe |
"{FBF43D7B-6239-4A30-A4BA-0B22D2191657}" = dir=out | name=acer explorer |
"{FC9214DC-AF6D-4796-ADAC-26F3EA62AE46}" = dir=out | name=@{microsoft.bingfinance_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{FDD19D8D-CF2D-489A-9022-3F1F8B11C3A6}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{FE1DD242-BAB7-42F0-B5C9-19AD98CD3E54}" = dir=out | name=@{microsoft.skypeapp_1.3.0.112_x86__kzf8qxf38zg5c?ms-resource://microsoft.skypeapp/resources/manifest_display_name} |
"{FEF50E4A-4045-413C-AAA8-4215C47D011D}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FFFEA71B-452B-4F05-B3AA-5E8C7BA0DEA0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"TCP Query User{7845D72E-F76E-4049-9E78-B27DB778CB9F}C:\program files (x86)\emule\emule.exe" = protocol=6 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"TCP Query User{A1B37724-2D78-4373-B6B7-1E73A6595584}C:\program files (x86)\steam\steamapps\geeds3\counter-strike source\hl2.exe" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\geeds3\counter-strike source\hl2.exe |
"UDP Query User{71339399-C7C1-4556-B11A-C51F0F1FBBC4}C:\program files (x86)\emule\emule.exe" = protocol=17 | dir=in | app=c:\program files (x86)\emule\emule.exe |
"UDP Query User{E12D4069-AB8D-4C14-B190-167C728E140A}C:\program files (x86)\steam\steamapps\geeds3\counter-strike source\hl2.exe" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\geeds3\counter-strike source\hl2.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B78ECB0-1A6B-4E6D-89D7-0E7CE77F0427}" = MyWinLocker
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{690285C2-2481-44FB-8402-162EA970A6DD}" = Logitech Gaming Software
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{704C0303-D20C-45AF-BD2B-556EAF31BE09}" = iCloud
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = ALPS Touch Pad Driver
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 314.22
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.12.12
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{D32367AC-8FCA-4DE8-A2C6-037AE14B4001}" = Acer Instant Update Service
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"CCleaner" = CCleaner
"WinRAR archiver" = WinRAR 4.20 (64-Bit)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0170930E-68D6-4E85-88B2-82761CDE1F94}" = DayZ Commander
"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam
"{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{3108C217-BE83-42E4-AE9E-A56A2A92E549}" = Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{39F15B50-A977-4CA6-B1C3-6A8724CDA025}" = MyWinLocker 4
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{6F4B8EA6-4546-4160-A05F-0706F7DC1EFF}" = Savu Mouse
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office
"{9580813D-94B1-4C28-9426-A441E2BB29A5}" = Counter-Strike: Source
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B1975E3-F7AA-4424-BD43-D1DA28F78A58}" = Adobe Update Manager CS4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{B26438B4-BF51-49C3-9567-7F14A5E40CB9}" = Dolby Home Theater v4
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{C1594429-8296-4652-BF54-9DBE4932A44C}" = Realtek PCIE Card Reader
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{DDF94F8B-1239-4612-A8B3-AA425F013726}" = Adobe Setup
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel(R) SDK for OpenCL - CPU Only Runtime Package
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_bdaf081c056f11a250e72a7a345a96c" = Adobe Update Manager CS4
"BattlEye for OA" = BattlEye for OA Uninstall
"eMule" = eMule
"EVEREST Home Edition_is1" = EVEREST Home Edition v2.20
"HijackThis" = HijackThis 2.0.2
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}" = MyWinLocker Suite
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"LManager" = Launch Manager
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Visual Studio 2005 Tools for Office Second Edition Runtime
"Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NIS" = Norton Internet Security
"NTREGOPT_is1" = NTREGOPT 1.1j
"Registry Recycler_is1" = Registry Recycler
"Sophos-AntiRootkit" = Sophos Anti-Rootkit 1.5.0
"Spotify" = Spotify
"Steam App 219540" = Arma 2: Operation Arrowhead Beta
"Steam App 224980" = Tomb Raider: The Last Revelation
"Steam App 33910" = Arma 2
"Steam App 33930" = Arma 2: Operation Arrowhead
"Steam App 550" = Left 4 Dead 2
"Steam App 730" = Counter-Strike: Global Offensive
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"WinPcapInst" = WinPcap 4.1.2
"ZUB HELENA®_Plus_2012_is1" = ZUB HELENA® 2012 Plus
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 17.05.2013 16:53:10 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 17.05.2013 16:53:10 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 4344
Error - 17.05.2013 16:53:10 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 4344
Error - 17.05.2013 16:53:11 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 17.05.2013 16:53:11 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 5844
Error - 17.05.2013 16:53:11 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 5844
Error - 17.05.2013 16:53:13 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 17.05.2013 16:53:13 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 7360
Error - 17.05.2013 16:53:13 | Computer Name = Dennis | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 7360
Error - 17.05.2013 19:24:26 | Computer Name = Dennis | Source = Customer Experience Improvement Program | ID = 1008
Description =
[ OSession Events ]
Error - 26.01.2013 11:38:44 | Computer Name = Dennis | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 17
seconds with 0 seconds of active time. This session ended with a crash.
[ Spybot - Search and Destroy Events ]
Error - 16.05.2013 17:55:38 | Computer Name = Dennis | Source = SDCleaner | ID = 100
Description = LoadCleaningInstructions
[ System Events ]
Error - 17.05.2013 10:17:17 | Computer Name = Dennis | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
nicht richtig heruntergefahren werden.
Error - 17.05.2013 10:19:44 | Computer Name = Dennis | Source = Ntfs | ID = 55
Description = In der Dateisystemstruktur auf Volume "Acer" wurde eine Beschädigung
erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz.
Die Dateireferenznummer ist 0x2000000033d67. Der Name der Datei ist "<Dateiname
kann nicht bestimmt werden>".
Error - 17.05.2013 10:20:52 | Computer Name = Dennis | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Apple Mobile Device erreicht.
Error - 17.05.2013 10:20:52 | Computer Name = Dennis | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 17.05.2013 12:13:01 | Computer Name = Dennis | Source = Ntfs | ID = 55
Description = In der Dateisystemstruktur auf Volume "Acer" wurde eine Beschädigung
erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz.
Die Dateireferenznummer ist 0x2000000033d67. Der Name der Datei ist "<Dateiname
kann nicht bestimmt werden>".
Error - 17.05.2013 12:20:09 | Computer Name = Dennis | Source = Ntfs | ID = 55
Description = In der Dateisystemstruktur auf Volume "Acer" wurde eine Beschädigung
erkannt. Die Masterdateitabelle (MFT) beinhaltet einen beschädigten Dateidatensatz.
Die Dateireferenznummer ist 0x2000000033d67. Der Name der Datei ist "<Dateiname
kann nicht bestimmt werden>".
Error - 18.05.2013 14:38:36 | Computer Name = Dennis | Source = DCOM | ID = 10010
Description =
Error - 20.05.2013 12:08:20 | Computer Name = Dennis | Source = DCOM | ID = 10010
Description =
Error - 22.05.2013 09:11:32 | Computer Name = Dennis | Source = DCOM | ID = 10010
Description =
Error - 22.05.2013 09:11:32 | Computer Name = Dennis | Source = DCOM | ID = 10010
Description =
< End of report >

Code:
// info: Rootkit removal help file
// copyright: (c) 2008-2013 Safer-Networking Ltd. All rights reserved.
:: RootAlyzer Results
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\81602.bpc"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\OPA12.BAK"
File:"No admin in ACL","C:\Users\All Users\Microsoft\OFFICE\DATA\opa12.dat"
File:"Unknown ADS","C:\Users\All Users\Kaspersky Lab\AVP13\Report:kisextended:$DATA"
File:"No admin in ACL","C:\ProgramData\Microsoft\OFFICE\DATA"
File:"Unknown ADS","C:\ProgramData\Kaspersky Lab\AVP13\Report:kisextended:$DATA"
RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\CurrentControlSet\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\","8"
RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SYSTEM\ControlSet001\Control\Nsi\{eb004a11-9b1a-11d4-9123-0050047759bc}\","8"
RegyValue:"No admin in ACL","HKEY_LOCAL_MACHINE","\SOFTWARE\Microsoft\MediaPlayer\PREFERENCES\HME\","S-1-5-21-1682322521-158705993-1847856961-1002" |