kamyschanin | 26.01.2014 22:13 | hallo,
habe nun alles durchgezogen (alle 4 Programme nach einander)
Hier Inhalt aus OTL.txt und Extra.txt
OTL.txtOTL Logfile: Code:
OTL logfile created on: 26.01.2014 21:47:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dimitri\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,46 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 62,88% Memory free
4,40 Gb Paging File | 2,80 Gb Available in Paging File | 63,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676,82 Gb Total Space | 477,43 Gb Free Space | 70,54% Space Free | Partition Type: NTFS
Drive D: | 20,70 Gb Total Space | 2,04 Gb Free Space | 9,88% Space Free | Partition Type: NTFS
Drive E: | 4,11 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 465,64 Gb Total Space | 244,08 Gb Free Space | 52,42% Space Free | Partition Type: FAT32
Computer Name: BASIC-PC | User Name: Home-PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2014.01.26 21:45:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dimitri\Desktop\OTL.exe
PRC - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.12.17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
PRC - [2013.12.13 10:36:14 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
PRC - [2013.10.16 07:45:55 | 001,714,952 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe
PRC - [2013.10.08 11:41:36 | 001,045,304 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe
PRC - [2013.10.08 11:41:28 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe
PRC - [2013.08.05 08:49:42 | 000,111,576 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
PRC - [2013.05.21 05:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe
PRC - [2013.04.10 16:17:08 | 000,095,192 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2013.01.17 10:14:08 | 000,136,488 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
PRC - [2012.11.05 15:14:34 | 001,343,904 | ---- | M] (Hewlett-Packard Development Company, L.P.) -- C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
PRC - [2009.11.16 12:08:06 | 000,349,600 | ---- | M] (Panasonic Corporation) -- C:\Program Files (x86)\Common Files\Panasonic\VideoCam Suite AutoStart\VideoCamSuiteAutoStart.exe
PRC - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) -- C:\Windows\SysWOW64\bgsvcgen.exe
========== Modules (No Company Name) ==========
MOD - [2013.10.16 07:46:02 | 000,806,664 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
MOD - [2013.10.16 07:46:02 | 000,175,880 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLVistaAudioMixer.dll
MOD - [2013.08.05 15:48:08 | 000,016,856 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
MOD - [2013.08.05 08:49:47 | 000,627,672 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
MOD - [2013.03.06 04:04:47 | 001,353,688 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go8\Language\DEU\P2GRC.dll
MOD - [2012.05.30 07:51:08 | 000,699,280 | R--- | M] () -- C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.4.0.40\wincfi39.dll
========== Services (SafeList) ==========
SRV:64bit: - [2013.12.23 21:59:44 | 001,302,528 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2013.12.23 21:54:50 | 000,076,800 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV:64bit: - [2013.12.13 10:23:32 | 000,239,616 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV:64bit: - [2013.11.27 16:36:30 | 003,395,920 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2013.11.14 08:33:29 | 001,584,128 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2013.11.14 08:33:29 | 000,533,504 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013.11.14 08:33:29 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013.11.14 08:26:38 | 000,365,568 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2013.11.14 08:26:37 | 001,555,456 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2013.11.14 08:26:37 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2013.11.14 08:26:37 | 000,261,120 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2013.08.22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2013.08.22 12:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013.08.22 12:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013.08.22 12:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013.08.22 12:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013.08.22 12:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013.08.22 11:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013.08.22 11:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013.08.22 11:04:53 | 000,716,288 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2013.08.22 11:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013.08.22 10:59:26 | 000,832,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2013.08.22 10:58:42 | 000,280,576 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2013.08.22 10:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013.08.22 10:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013.08.22 10:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013.08.22 10:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013.08.22 10:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013.08.22 10:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013.08.22 10:40:14 | 000,398,848 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2013.08.22 10:39:33 | 000,198,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2013.08.22 10:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013.08.22 10:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2013.04.16 22:50:22 | 000,361,984 | ---- | M] (Advanced Micro Devices, Inc.) [Auto | Running] -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe -- (AMD FUEL Service)
SRV:64bit: - [2013.03.01 14:40:02 | 000,043,320 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Windows\SysNative\hpservice.exe -- (hpsrv)
SRV - [2013.12.23 21:54:52 | 000,475,648 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2013.12.23 21:54:49 | 000,066,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\inetsrv\w3logsvc.dll -- (w3logsvc)
SRV - [2013.12.23 21:54:48 | 000,062,464 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2013.12.21 07:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.12.17 12:03:22 | 000,046,904 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe -- (HPSupportSolutionsFrameworkService)
SRV - [2013.12.13 10:36:14 | 000,250,712 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)
SRV - [2013.11.14 08:26:36 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2013.10.08 11:41:28 | 001,039,160 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Auto | Running] -- c:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe -- (HPWMISVC)
SRV - [2013.08.22 13:31:56 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2013.08.22 04:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013.08.22 03:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013.05.21 05:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\ccSvcHst.exe -- (NIS)
SRV - [2013.04.16 22:51:18 | 000,103,424 | ---- | M] () [Auto | Running] -- C:\Programme\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe -- (AdaptiveSleepService)
SRV - [2013.02.20 06:10:00 | 000,239,176 | ---- | M] (Realtek Semiconductor) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE -- (RtkAudioService)
SRV - [2012.09.27 10:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Running] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2009.11.18 03:14:00 | 000,098,208 | ---- | M] (Andrea Electronics Corporation) [Auto | Running] -- C:\Programme\Realtek\Audio\HDA\AERTSr64.exe -- (AERTFilters)
SRV - [2007.06.15 12:57:42 | 000,145,504 | ---- | M] (B.H.A Corporation) [Auto | Running] -- C:\Windows\SysWOW64\bgsvcgen.exe -- (bgsvcgen)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2013.12.29 18:51:06 | 000,290,008 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtsP2Stor.sys -- (RSP2STOR)
DRV:64bit: - [2013.12.27 09:53:52 | 000,830,680 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt630x64.sys -- (RTL8168)
DRV:64bit: - [2013.12.25 18:08:32 | 002,944,216 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtwlane.sys -- (RTWlanE)
DRV:64bit: - [2013.12.23 21:59:44 | 000,372,568 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2013.12.23 21:59:44 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2013.12.23 21:59:44 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013.12.23 21:59:44 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013.12.23 21:59:44 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013.12.19 19:00:27 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013.12.13 10:23:36 | 013,207,552 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (amdkmdag)
DRV:64bit: - [2013.12.13 10:23:36 | 000,626,176 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2013.11.14 08:33:28 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013.11.14 08:26:36 | 000,467,800 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2013.11.14 08:26:36 | 000,236,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2013.11.14 08:26:36 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013.11.14 08:22:31 | 000,136,536 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2013.11.14 08:13:40 | 000,027,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2013.11.14 08:13:36 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013.08.22 14:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013.08.22 14:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013.08.22 13:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013.08.22 13:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013.08.22 13:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013.08.22 13:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013.08.22 13:43:48 | 000,146,272 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2013.08.22 13:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013.08.22 13:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013.08.22 13:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013.08.22 13:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013.08.22 13:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013.08.22 13:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013.08.22 13:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013.08.22 13:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013.08.22 13:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013.08.22 13:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013.08.22 13:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013.08.22 13:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013.08.22 13:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013.08.22 13:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013.08.22 13:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013.08.22 13:43:33 | 000,189,792 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2013.08.22 13:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013.08.22 13:43:32 | 000,078,688 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2013.08.22 13:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013.08.22 13:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013.08.22 13:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013.08.22 13:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013.08.22 13:41:08 | 000,054,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2013.08.22 13:39:44 | 000,377,696 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2013.08.22 13:39:15 | 000,924,512 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2013.08.22 13:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013.08.22 13:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013.08.22 13:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013.08.22 13:34:22 | 000,265,056 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2013.08.22 13:34:22 | 000,124,256 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2013.08.22 13:31:28 | 000,034,760 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2013.08.22 12:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013.08.22 12:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013.08.22 12:39:28 | 000,033,792 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2013.08.22 12:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013.08.22 12:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013.08.22 12:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013.08.22 12:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013.08.22 12:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013.08.22 12:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013.08.22 12:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013.08.22 12:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013.08.22 12:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013.08.22 12:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013.08.22 12:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013.08.22 12:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013.08.22 12:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013.08.22 12:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013.08.22 12:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013.08.22 12:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013.08.22 12:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013.08.22 12:36:17 | 000,124,928 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2013.08.22 12:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013.08.22 12:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013.08.22 09:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013.08.13 00:25:46 | 000,017,624 | ---- | M] (Windows (R) Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013.08.10 01:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013.07.30 19:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013.07.25 20:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013.05.23 06:25:28 | 001,139,800 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013.05.21 06:02:00 | 000,493,656 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symds64.sys -- (SymDS)
DRV:64bit: - [2013.05.16 06:02:14 | 000,796,760 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013.04.25 01:43:56 | 000,433,752 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symnets.sys -- (SymNetS)
DRV:64bit: - [2013.04.16 03:41:14 | 000,169,048 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013.03.05 12:01:42 | 000,091,712 | ---- | M] (CyberLink) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\CLVirtualDrive.sys -- (CLVirtualDrive)
DRV:64bit: - [2013.03.05 02:40:08 | 000,224,416 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013.03.05 02:21:35 | 000,036,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013.03.01 14:40:02 | 000,043,320 | ---- | M] (Hewlett-Packard) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Accelerometer.sys -- (Accelerometer)
DRV:64bit: - [2013.03.01 14:40:02 | 000,030,520 | ---- | M] (Hewlett-Packard) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\hpdskflt.sys -- (hpdskflt)
DRV:64bit: - [2013.02.15 04:41:14 | 000,094,208 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtihdW86.sys -- (AtiHDAudioService)
DRV:64bit: - [2013.02.08 15:45:32 | 000,017,504 | ---- | M] (Advanced Micro Devices, INC.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AmdAS4.sys -- (AmdAS4)
DRV:64bit: - [2013.02.06 05:54:18 | 000,469,232 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013.02.06 05:54:16 | 000,031,984 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys -- (SmbDrvI)
DRV:64bit: - [2013.02.06 05:54:16 | 000,028,400 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys -- (SmbDrv)
DRV:64bit: - [2012.11.30 23:31:02 | 000,026,280 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amd_xata.sys -- (amd_xata)
DRV:64bit: - [2012.11.30 23:31:00 | 000,080,552 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amd_sata.sys -- (amd_sata)
DRV:64bit: - [2012.08.31 08:40:24 | 000,020,800 | ---- | M] (Hewlett-Packard Development Company, L.P.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\WirelessButtonDriver64.sys -- (WirelessButtonDriver)
DRV:64bit: - [2012.08.29 05:27:24 | 000,058,536 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2012.06.20 22:27:30 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1404000.028\symelam.sys -- (SymELAM)
DRV:64bit: - [2006.08.25 14:36:52 | 000,039,208 | ---- | M] (B.H.A Corporation) [Kernel | System | Running] -- C:\WINDOWS\SysNative\drivers\cdrbsdrv.sys -- (cdrbsdrv)
DRV - [2014.01.23 10:39:43 | 000,521,944 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\IPSDefs\20140124.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013.12.25 18:08:32 | 002,944,216 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysWOW64\drivers\rtwlane.sys -- (RTWlanE)
DRV - [2013.12.18 01:32:10 | 001,526,488 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\BASHDefs\20140121.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013.12.16 21:23:33 | 002,099,288 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140125.005\ex64.sys -- (NAVEX15)
DRV - [2013.12.16 21:23:33 | 000,484,952 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)
DRV - [2013.12.16 21:23:33 | 000,137,648 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013.12.16 21:23:33 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\Definitions\VirusDefs\20140125.005\eng64.sys -- (NAVENG)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE:64bit: - HKLM\..\SearchScopes\{09661EB5-25AB-424D-9C44-1E066136326B}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{09661EB5-25AB-424D-9C44-1E066136326B}: "URL" = hxxp://www.amazon.de/s/ref=azs_osd_ieade?ie=UTF-8&tag=hp-de2-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms}
IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS
IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-154345-12128-2/4 ?mpre=http%3A%2F%2Fwww.ebay.com%2Fsch%2F%3F_nkw%3D{searchTerms}&keyword={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\windows\SysWOW64\Adobe\Director\np32dsw_1166636.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\IPSFF [2013.12.17 19:36:24 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn\ [2014.01.26 21:32:08 | 000,000,000 | ---D | M]
O1 HOSTS File: ([2013.08.22 14:25:41 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\IPS\IPSBHO.DLL (Symantec Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\coIEPlg.dll (Symantec Corporation)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [HPMessageService] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe (Hewlett-Packard Development Company, L.P.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)
O4 - HKCU..\Run: [Power2GoExpress8] C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe (CyberLink Corp.)
O4:64bit: - HKLM..\RunOnce: [NCPluginUpdater] C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe (Hewlett-Packard)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O9:64bit: - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.1.0.0/GarminAxControl_32.CAB (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{66B74DC2-9B34-47E2-BBAD-CACFD8E8E5CA}: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EB38FE12-8567-40B0-801C-50C687BBCA4C}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\cdo - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found
O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found
O18:64bit: - Protocol\Handler\mso-offdap - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation)
O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2008.02.25 10:30:42 | 000,000,054 | RHS- | M] () - G:\autorun.in_2.org -- [ FAT32 ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {78E345F7-E976-3595-9C30-2458D6A8EC32} - .NET Framework
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\System32\Rundll32.exe C:\Windows\System32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {EC43E638-09F0-38CC-A585-72FCCDDF035C} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
NetSvcs:64bit: lfsvc - C:\Windows\SysNative\GeofenceMonitorService.dll (Microsoft Corporation)
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
========== Files/Folders - Created Within 30 Days ==========
[2014.01.26 21:45:41 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dimitri\Desktop\OTL.exe
[2014.01.26 20:54:28 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Roaming\Malwarebytes
[2014.01.26 20:54:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware
[2014.01.26 20:54:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.01.26 20:54:09 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2014.01.26 20:54:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware
[2014.01.26 20:19:58 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\CyberLink
[2014.01.25 14:24:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Panasonic
[2014.01.25 14:24:21 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Local\Panasonic
[2014.01.25 14:16:14 | 000,039,208 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\SysNative\drivers\cdrbsdrv.sys
[2014.01.25 14:16:13 | 000,145,504 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\SysWow64\bgsvcgen.exe
[2014.01.25 14:16:13 | 000,059,488 | ---- | C] (B.H.A Corporation) -- C:\WINDOWS\SysWow64\GenSvcInst.exe
[2014.01.25 14:16:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Panasonic
[2014.01.25 14:15:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panasonic
[2014.01.25 14:15:23 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Synchronization Services
[2014.01.24 17:51:22 | 000,091,712 | ---- | C] (CyberLink) -- C:\WINDOWS\SysNative\drivers\CLVirtualDrive.sys
[2014.01.24 17:51:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\CyberLink
[2014.01.12 12:07:15 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Roaming\DigitalSites
[2014.01.12 11:42:59 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERUNT
[2014.01.12 11:41:59 | 001,037,068 | ---- | C] (Thisisu) -- C:\Users\Dimitri\Desktop\JRT.exe
[2014.01.07 20:51:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Hp
[2014.01.06 20:34:15 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014.01.02 17:04:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Panasonic
[2014.01.02 16:42:15 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Roaming\InstallShield
[2014.01.02 16:31:05 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Local\ElevatedDiagnostics
[2014.01.02 15:26:02 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Roaming\WebApp
[2014.01.02 14:45:20 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\Documents\CyberLink
[2014.01.02 14:20:50 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\.android
[2014.01.02 14:20:47 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Local\cache
[2014.01.02 14:19:57 | 000,000,000 | ---D | C] -- C:\8005aa3f1352b20e2c
[2014.01.02 14:19:02 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\AppData\Local\Programs
[2014.01.01 20:13:32 | 000,000,000 | ---D | C] -- C:\Users\Dimitri\Desktop\Neuer Ordner
[2013.12.29 18:51:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\sda
========== Files - Modified Within 30 Days ==========
[2014.01.26 21:45:41 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dimitri\Desktop\OTL.exe
[2014.01.26 21:31:38 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.01.26 21:29:40 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.01.26 21:29:28 | 2976,227,328 | -HS- | M] () -- C:\hiberfil.sys
[2014.01.26 21:07:00 | 000,000,318 | ---- | M] () -- C:\WINDOWS\tasks\Digital Sites.job
[2014.01.26 20:54:13 | 000,001,128 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.01.26 10:07:18 | 000,000,142 | ---- | M] () -- C:\Users\Dimitri\AppData\Roaming\WB.CFG
[2014.01.26 10:07:18 | 000,000,005 | ---- | M] () -- C:\Users\Dimitri\AppData\Roaming\WBPU-TTL.DAT
[2014.01.25 14:59:22 | 001,980,934 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.01.25 14:59:22 | 000,842,568 | ---- | M] () -- C:\WINDOWS\SysNative\perfh007.dat
[2014.01.25 14:59:22 | 000,786,952 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.01.25 14:59:22 | 000,191,764 | ---- | M] () -- C:\WINDOWS\SysNative\perfc007.dat
[2014.01.25 14:59:22 | 000,161,212 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.01.25 14:16:49 | 001,236,282 | ---- | M] () -- C:\Users\Dimitri\Desktop\adwcleaner.exe
[2014.01.25 14:16:26 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\VideoCam Suite 3.0.lnk
[2014.01.25 14:16:07 | 000,002,274 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoCam Suite.lnk
[2014.01.25 14:10:42 | 000,000,358 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForHome-PC.job
[2014.01.12 11:41:59 | 001,037,068 | ---- | M] (Thisisu) -- C:\Users\Dimitri\Desktop\JRT.exe
========== Files Created - No Company Name ==========
[2014.01.26 20:54:13 | 000,001,128 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2014.01.25 14:16:49 | 001,236,282 | ---- | C] () -- C:\Users\Dimitri\Desktop\adwcleaner.exe
[2014.01.25 14:16:25 | 000,002,193 | ---- | C] () -- C:\Users\Public\Desktop\VideoCam Suite 3.0.lnk
[2014.01.25 14:16:07 | 000,002,274 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VideoCam Suite.lnk
[2014.01.24 17:52:44 | 000,000,358 | ---- | C] () -- C:\WINDOWS\tasks\HPCeeScheduleForHome-PC.job
[2014.01.16 21:32:30 | 000,138,240 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014.01.16 21:32:30 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014.01.12 12:07:22 | 000,000,005 | ---- | C] () -- C:\Users\Dimitri\AppData\Roaming\WBPU-TTL.DAT
[2014.01.12 12:07:21 | 000,000,142 | ---- | C] () -- C:\Users\Dimitri\AppData\Roaming\WB.CFG
[2014.01.12 12:07:18 | 000,000,318 | ---- | C] () -- C:\WINDOWS\tasks\Digital Sites.job
[2014.01.02 14:19:43 | 000,016,896 | ---- | C] () -- C:\WINDOWS\SysNative\sasnative64.exe
[2013.12.23 22:10:25 | 001,914,374 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013.12.23 22:06:55 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.12.23 08:28:14 | 000,000,400 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2013.12.13 10:23:56 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013.12.13 10:23:54 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013.12.13 10:23:46 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013.12.13 10:23:24 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013.12.13 10:23:24 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2013.12.13 10:23:14 | 000,123,392 | ---- | C] () -- C:\WINDOWS\SysWow64\amdhdl32.dll
[2013.10.07 03:37:51 | 000,451,072 | ---- | C] () -- C:\WINDOWS\SysWow64\ISSRemoveSP.exe
[2013.08.22 16:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013.08.22 16:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013.08.22 15:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2013.08.22 08:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013.08.22 04:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013.08.22 00:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013.08.22 00:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2012.11.27 00:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
[2012.07.25 21:22:54 | 000,982,240 | ---- | C] () -- C:\WINDOWS\SysWow64\igkrng500.bin
[2012.07.25 21:22:54 | 000,439,308 | ---- | C] () -- C:\WINDOWS\SysWow64\igcompkrng500.bin
[2012.07.25 21:22:54 | 000,092,356 | ---- | C] () -- C:\WINDOWS\SysWow64\igfcg500m.bin
========== ZeroAccess Check ==========
[2013.12.25 17:30:51 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013.11.14 08:50:38 | 021,196,664 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013.11.14 08:50:38 | 018,642,504 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013.08.22 10:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013.08.22 03:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013.08.22 10:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2014.01.26 21:18:19 | 000,000,000 | ---D | M] -- C:\Users\Dimitri\AppData\Roaming\DigitalSites
[2013.12.22 18:04:15 | 000,000,000 | ---D | M] -- C:\Users\Dimitri\AppData\Roaming\Garmin
[2013.12.22 20:21:57 | 000,000,000 | ---D | M] -- C:\Users\Dimitri\AppData\Roaming\GHISLER
[2013.12.16 21:04:37 | 000,000,000 | ---D | M] -- C:\Users\Dimitri\AppData\Roaming\Synaptics
[2014.01.02 15:26:02 | 000,000,000 | ---D | M] -- C:\Users\Dimitri\AppData\Roaming\WebApp
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*. >
[2014.01.11 23:55:55 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014.01.02 14:20:01 | 000,000,000 | ---D | M] -- C:\8005aa3f1352b20e2c
[2014.01.26 21:28:49 | 000,000,000 | ---D | M] -- C:\AdwCleaner
[2013.12.23 22:06:56 | 000,000,000 | ---D | M] -- C:\AMD
[2012.08.04 00:21:36 | 000,000,000 | -HSD | M] -- C:\Boot
[2013.08.22 15:45:52 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2013.12.17 03:43:58 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2013.07.02 09:49:46 | 000,000,000 | -H-D | M] -- C:\HP
[2013.12.23 21:55:01 | 000,000,000 | ---D | M] -- C:\inetpub
[2013.08.22 16:22:35 | 000,000,000 | ---D | M] -- C:\PerfLogs
[2013.12.23 22:20:08 | 000,000,000 | R--D | M] -- C:\Program Files
[2014.01.26 21:24:19 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2014.01.26 20:54:11 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2013.12.17 03:43:58 | 000,000,000 | -HSD | M] -- C:\Programme
[2013.12.23 22:04:14 | 000,000,000 | -HSD | M] -- C:\Recovery
[2013.12.22 21:26:00 | 000,000,000 | ---D | M] -- C:\sources
[2014.01.24 17:48:13 | 000,000,000 | ---D | M] -- C:\SWSetup
[2014.01.26 21:50:48 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.12.16 21:03:12 | 000,000,000 | -H-D | M] -- C:\SYSTEM.SAV
[2013.12.22 20:22:33 | 000,000,000 | ---D | M] -- C:\totalcmd
[2013.12.23 22:20:20 | 000,000,000 | R--D | M] -- C:\Users
[2014.01.16 21:30:26 | 000,000,000 | ---D | M] -- C:\Windows
< %PROGRAMFILES%\*.exe >
< %LOCALAPPDATA%\*.exe >
< %systemroot%\*. /mp /s >
< %windir%\installer\*. /5 >
[2014.01.24 17:51:04 | 000,000,000 | ---D | M] -- C:\WINDOWS\installer\{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}
[2014.01.25 14:15:24 | 000,000,000 | ---D | M] -- C:\WINDOWS\installer\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}
< %localappdata%\*. /5 >
[2014.01.24 17:52:36 | 000,000,000 | ---D | M] -- C:\Users\Dimitri\AppData\Local\Hewlett-Packard
[2014.01.25 14:24:21 | 000,000,000 | ---D | M] -- C:\Users\Dimitri\AppData\Local\Panasonic
[2014.01.26 21:50:27 | 000,000,000 | ---D | M] -- C:\Users\Dimitri\AppData\Local\Temp
< >
[2013.08.22 15:45:54 | 000,000,006 | -H-- | C] () -- C:\WINDOWS\Tasks\SA.DAT
[2013.12.23 22:07:30 | 000,000,264 | ---- | C] () -- C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job
[2014.01.12 12:07:18 | 000,000,318 | ---- | C] () -- C:\WINDOWS\Tasks\Digital Sites.job
[2014.01.24 17:52:44 | 000,000,358 | ---- | C] () -- C:\WINDOWS\Tasks\HPCeeScheduleForHome-PC.job
========== Alternate Data Streams ==========
@Alternate Data Stream - 456 bytes -> C:\WINDOWS\Temp\f228c534-ffee-4a66-b239-b05835bb5acf:$WIMMOUNTDATA
@Alternate Data Stream - 199 bytes -> C:\Users\Dimitri\SkyDrive:ms-properties
< End of report > --- --- ---
Extra.txtOTL Logfile: Code:
OTL Extras logfile created on: 26.01.2014 21:47:29 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dimitri\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16476)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,46 Gb Total Physical Memory | 2,18 Gb Available Physical Memory | 62,88% Memory free
4,40 Gb Paging File | 2,80 Gb Available in Paging File | 63,53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 676,82 Gb Total Space | 477,43 Gb Free Space | 70,54% Space Free | Partition Type: NTFS
Drive D: | 20,70 Gb Total Space | 2,04 Gb Free Space | 9,88% Space Free | Partition Type: NTFS
Drive E: | 4,11 Gb Total Space | 0,00 Gb Free Space | 0,00% Space Free | Partition Type: UDF
Drive G: | 465,64 Gb Total Space | 244,08 Gb Free Space | 52,42% Space Free | Partition Type: FAT32
Computer Name: BASIC-PC | User Name: Home-PC | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [print] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- "C:\Program Files (x86)\Office10\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe -scanunknown "%1"
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0351A3F2-3A29-4237-B881-7809A406E425}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1A634265-7B68-4089-9AA0-BCA5059FB00D}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{67AAFF14-65C2-45FB-8FE0-E027207AFCB0}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{6C313040-A827-46EC-A912-02B661A94B34}" = rport=10243 | protocol=6 | dir=out | app=system |
"{95E34133-9C01-4ABA-B385-5F632AA95AE3}" = lport=10243 | protocol=6 | dir=in | app=system |
"{9E61889E-6C30-42D0-B148-EC80C6155ABD}" = lport=2869 | protocol=6 | dir=in | app=system |
"{C5D84AD3-33B0-4EA9-A34D-246B91D294BC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{DD7EB34D-224C-43E8-B919-52F0B5BA6A3C}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{DFDBEBE8-1976-409D-BAB3-C8E734163E9A}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{E8F7D89A-6C7D-4A00-AA90-921750918777}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{EDCA6E20-4413-4578-B829-E60D60601159}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{00AD6CF1-0B71-4E51-86FD-BB98EFE9E297}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{00C05A3A-B92B-4293-9CE6-2BC4F9B4B1E7}" = dir=out | name=ebay |
"{0482A1B4-847A-4C6B-A649-FE9A0DFCF4B0}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{158D0A29-8E25-4126-922E-58F57507A3C8}" = dir=out | name=hp connected photo powered by snapfish |
"{17D9CFE7-B6DA-42DF-AA43-96AAEDA729E5}" = dir=out | name=@{microsoft.zunevideo_2.2.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{19F3D917-E1BA-48A7-A46B-5680F9313291}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{1B4B5D02-6C74-4271-8E54-C4DA9D36CBAE}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{1EAAB02E-C732-44B2-BA0D-19D7A425CC73}" = dir=out | name=@{microsoft.bingmaps_2.0.2210.2401_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{1EB1DAB9-BF62-40BB-9746-27ECE0F5E453}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector10\pdr10.exe |
"{21F1C2D5-B96E-45BF-A60E-F8551BA98F82}" = dir=out | name=getting started with windows 8 |
"{2CA6101C-5E58-4CDA-A180-33171A018F51}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{3187EA31-E403-466B-AF5A-3D8E1924DDF8}" = dir=in | name=check point vpn |
"{3C4F6F1B-8255-4234-979E-E3D3BBCF5811}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{3F927A1F-9998-45D6-85D7-D48837AE8AAF}" = dir=in | name=juniper networks junos pulse |
"{3FCF5F50-7936-4617-995D-322EB1648231}" = dir=out | name=norton studio |
"{4083603C-FA9C-4C70-801B-A248C1C0DF13}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{41B507AB-12F1-4903-BA7A-38B92EEA801D}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{47B2D30E-5FA3-4D28-8651-457DFF3331D7}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{49ADCF7C-A81D-4920-892C-5278246F3E84}" = dir=out | name=skype |
"{4E775DB4-1770-42FD-9E5F-CB151F455591}" = dir=in | name=f5 vpn |
"{4F9CE46B-0AF4-4ED0-8C86-0769A4DE125C}" = dir=out | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
"{50B17B86-572D-4386-8319-84106877DA45}" = dir=out | name=@{microsoft.bingnews_3.0.1.321_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/apptitle} |
"{51868207-089B-4E1F-88E6-CAF0461F66E6}" = dir=out | name=@{microsoft.zunemusic_2.2.444.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{5221CAD3-061B-4AE6-B555-1FF36C23A98D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{5329C0CD-D66E-4268-B4D2-FFE2B5068795}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{59206638-E066-4B25-BD2F-E6981ECEF8E1}" = dir=out | name=@{microsoft.zunemusic_1.5.216.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{5A8306CC-2CC7-4738-ACF3-D818C43750BA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{6921E06F-B342-4FF8-A470-2507684A4047}" = dir=out | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
"{6BC98EAB-851C-4EA1-A8AF-AD17093D22E3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{6C70626F-40A3-4FB4-881C-67A1D61A112E}" = dir=out | name=windows_ie_ac_001 |
"{6D1D2A95-DDE0-467C-9081-40F914AFF410}" = dir=out | name=@{microsoft.bingweather_2.0.0.310_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{738BACCE-C500-4A45-917B-13C3C4C619C8}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.1.337_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{742D1A21-4A31-41FA-8C2D-ADCA75D56ACE}" = dir=in | name=sonicwall mobile connect |
"{7D7FE519-8424-445F-BB0A-58DEA66602AF}" = dir=out | name=hp registration |
"{7FEF0FEB-1D6E-4599-94B7-81F97E5700A3}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{84BF15F0-AF05-46AA-8C8D-60E32B3F8861}" = dir=out | name=@{microsoft.bingmaps_1.6.1821.2624_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{89D1BB37-7EBA-460F-83E4-784F4CEEC8E1}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.1.335_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{8C484F4B-00FC-456C-B97A-3B5515B704E3}" = dir=in | name=skype |
"{8D25B2FB-374D-463C-9E4B-E377AA62C588}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{9306C5FB-886A-4435-8EE0-7B9ED3F336B6}" = dir=out | name=youcam for hp |
"{9B1EAF8B-99F8-4383-8E4F-7435AA7ED40E}" = dir=out | name=@{microsoft.bingnews_2.0.0.308_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{A031931E-EE25-48DF-B0BF-F23B992A75B3}" = dir=in | app=c:\program files (x86)\hewlett-packard\hp support framework\resources\hpwarrantycheck\hpdevicedetection3.exe |
"{A41BC392-1CA1-410B-B508-E276DE0500E8}" = dir=out | name=sonicwall mobile connect |
"{A62DADFB-DE92-4EF1-A1A8-44152A4EA0CE}" = dir=out | name=check point vpn |
"{A8720B3C-7024-4A16-8427-60BEBD39C31A}" = dir=out | name=windows_ie_ac_001 |
"{A8DC909D-6CF9-4B12-88B0-8EE949B242B6}" = dir=out | name=f5 vpn |
"{AB936004-C684-4DD9-8A1D-ED20D66E7191}" = dir=in | app=c:\users\administrator\appdata\local\microsoft\skydrive\skydrive.exe |
"{B04856C3-21EC-4F1E-8BF6-59DBFAD3E3D7}" = dir=out | name=@{microsoft.bingsports_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{B501C89B-6214-4DE4-91A7-DCFC55CDDC9F}" = dir=out | name=@{microsoft.bingfinance_3.0.1.299_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{BBAD63F2-650C-4E16-BD8F-1EBEDF1546D0}" = dir=out | name=@{microsoft.zunevideo_1.5.338.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{C47B3750-6F26-4579-BCE0-A6147D266082}" = dir=out | name=@{microsoft.bingtravel_3.0.1.202_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{C5F37D0B-9F2D-4926-BAE6-1C5949994838}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C7713CE8-92F5-45D8-8344-D87FC29DC525}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{C84AD5AE-6B62-4B6B-A52F-79E388D6E3A4}" = dir=out | name=juniper networks junos pulse |
"{CAAE0D3B-5F09-43E2-8D2B-96DD8F3491F8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{CD8C78F4-134D-443A-A77A-40AB798930A4}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{D102D9EC-0C70-4C46-AE68-701D72626F86}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D23298F4-E128-4792-BD77-E7368271F63B}" = dir=out | app=%localappdata%\hpconnectedmusic\application\spotify_helper.exe |
"{D5E6D72F-71C5-478E-BFDE-F3BD3AEFAEA1}" = dir=out | name=windows_ie_ac_001 |
"{D6339B1A-1C5A-45C9-8B63-0443259CE6A7}" = dir=in | app=c:\program files (x86)\hpconnectedmusic\hpconnectedmusic.exe |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EB0CB980-758D-44D1-899E-FDD4112E00EF}" = dir=in | app=%localappdata%\hpconnectedmusic\application\spotify_helper.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{F37ED377-AB00-484C-9058-A06A0B69C0C2}" = protocol=6 | dir=out | app=system |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F64530AB-4396-496B-A38F-7A6A8E3DC737}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20349_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{F7B72D4D-F4AE-4556-AE49-7D9BEE9E1BC4}" = dir=in | app=%localappdata%\hpconnectedmusic\application\hpconnectedmusic.exe |
"{F8DF85C2-E474-4F14-9694-BDA38EB432D4}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20315_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F976B81B-E15F-40B1-BCC2-4901E12A74C1}" = dir=in | name=hp connected photo powered by snapfish |
"{FCBBAC8B-5A84-449E-B298-F3D7E8834141}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{FEF80E3E-60A3-45C2-AAEE-21F6D0D32C3F}" = dir=out | name=@{microsoft.bingweather_3.0.1.203_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{FFEBB405-4E24-41E4-9F93-0A377D6B97DE}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07B3679D-5F6D-B475-97E4-EB930A67564A}" = ccc-utility64
"{12A9540F-5863-DE7F-A994-3A708541AC70}" = AMD Accelerated Video Transcoding
"{20405B38-CED3-CF8A-4DEE-89C9140FD86F}" = AMD Start Now
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E14E6D6-3175-4E1A-B934-CAB5A86367CD}" = HP Postscript Converter
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{73237EBB-B26F-4628-8754-4EFE563D72E9}" = HP Utility Center
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A2CB1ACB-94A2-32BA-A15E-7D80319F7589}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
"{AB1FC306-0E04-81D5-F105-C929F912CF20}" = AMD Catalyst Install Manager
"{AC53FC8B-EE18-3F9C-9B59-60937D0B182C}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
"{B8375507-CC65-3A1E-EDE9-739AC8183C69}" = AMD Fuel
"{D1E8F2D7-7794-4245-B286-87ED86C1893C}" = HP Registration Service
"{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"Jump Flip" = Jump Flip
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Totalcmd64" = Total Commander 64-bit (Remove or Repair)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"{03CC9D58-B132-4CC0-A521-4F3660AA43C7}" = Movie Maker
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{04DB4506-A2DE-7BF5-E95D-D64258DEF8FD}" = AMD VISION Engine Control Center
"{07F6DC37-0857-4B68-A675-4E35989E85E3}" = HP 3D DriveGuard
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{0AB0DBB2-27F5-E9E2-8F35-8EF71965D0B5}" = CCC Help Finnish
"{11AF9A96-6D83-4C3B-8DCB-16EA2A358E3F}" = HP CoolSense
"{15134cb0-b767-4960-a911-f2d16ae54797}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
"{1640D710-95DB-C9D2-11E6-23BC12671D4C}" = CCC Help Swedish
"{19084A1B-2DA6-0AB6-659B-72333D0DA4D7}" = CCC Help English
"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
"{1A96A5C2-6E35-3683-17B6-DE4F4163377A}" = CCC Help French
"{1AE37508-089E-41AC-95BD-99FF06887C2F}" = HP Recovery Manager
"{1D5EB783-25F8-495B-8B01-DE6D1BFBB8B4}" = VideoCam Suite 3.0
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"{235C00AD-9AC2-339C-A0A3-22FB2DDE92CD}" = CCC Help Thai
"{23CCE784-A812-4647-AEFF-1DCCD4E57478}" = HP Support Solutions Framework
"{24EB3189-4AE1-4188-FE78-0E54CAA3BD62}" = CCC Help German
"{2A572E0B-2462-8D3B-23AF-E29020E47727}" = CCC Help Portuguese
"{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"{30B2D1D8-0A07-4B71-9553-0710C5D31E35}" = HP Wireless Button Driver
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{352B1136-BF8D-4F5A-924B-43B26D05B3B5}" = Elevated Installer
"{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"{3B43918F-9F9A-2293-BADD-B4F6DC605E40}" = CCC Help Turkish
"{3CBD94C1-BA15-488C-888B-D8DD296CC6DC}" = Fotogalerie
"{42323E2A-B8F7-6C3D-A8FB-2E46B7049321}" = CCC Help Czech
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{527B6190-AD26-AE45-9985-32424177CA93}" = Catalyst Control Center Localization All
"{589633D5-2E50-E65A-7C28-B1D51595CEE5}" = CCC Help Italian
"{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}" = Realtek Card Reader
"{5F638781-7754-411F-974C-F20F27292E24}" = VideoCam Suite
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{690F5BA3-5DEB-42CD-962B-F687EE59FAA7}" = Windows Live Essentials
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{727E80AB-EB99-23CE-E6C9-7122999A6915}" = CCC Help Danish
"{772B132F-1C42-4EAC-1BDA-BB1869051E45}" = CCC Help Chinese Standard
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{874B12CE-2C6A-4E12-AEB5-4D35CCA5270B}" = Garmin Express
"{87D7EB18-0C00-632D-7B57-519D1BF536D9}" = Catalyst Control Center InstallProxy
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{90150000-0138-0409-0000-0000000FF1CE}" = Microsoft Office
"{90280407-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional mit FrontPage
"{92323FF7-7417-4C28-9683-2FEA6F654735}" = Catalyst Control Center - Branding
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A5107464-AA9B-4177-8129-5FF2F42DD322}" = REALTEK Wireless LAN Driver
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.06) - Deutsch
"{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"{B2DB889D-D231-4BF8-A417-8740D6B99F1B}" = Catalyst Control Center Graphics Previews Common
"{B41C6B3F-F752-46EA-BC46-F26D3AD147B8}" = HP Documentation
"{B727564C-47D3-473A-AC9E-F4BE7B1BD5D3}" = Windows Live UX Platform Language Pack
"{B92F2892-9C2A-1429-65A0-4C256B941354}" = CCC Help Chinese Traditional
"{BB27C290-AB30-4D9E-A5D1-88745AAE42E9}" = HP Quick Start
"{BB995437-1E32-C0C6-115A-C6BB61566837}" = CCC Help Polish
"{BE770575-1FB0-47EB-A2EE-52107A023F12}" = Garmin Express Tray
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C78E8F51-3EAD-4F0C-83F0-EF371075E0B4}" = HP System Event Utility
"{C89A97B6-F991-EBB5-77B7-927BCF420EBE}" = OEM Application Profile
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{CD60A43F-170F-9B78-66E1-B546BA346EA1}" = CCC Help Hungarian
"{d6f59919-3fd4-48c5-8404-def6f92d8422}" = Garmin Express
"{D82A57CA-7C8D-CE6B-3684-785576371301}" = CCC Help Greek
"{D82AF243-984B-AEC0-8076-66ABB6A7845D}" = CCC Help Norwegian
"{DD0B2555-024F-EBB9-58EC-12D67D057457}" = CCC Help Korean
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E1203F8C-FF34-4968-A4A5-B4F1F8533DAB}" = Photo Common
"{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}" = Microsoft SQL Server Compact 3.5 SP1 English
"{E998D949-8CBC-AD2A-F3BB-A52479CED2AC}" = CCC Help Russian
"{EBE10CF0-3FCE-6BDC-181B-E9DD5EDD2877}" = CCC Help Japanese
"{ECEC6527-135D-F38B-DA6E-E53C32BD4335}" = CCC Help Spanish
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{FC0ADA4D-8FA5-4452-8AFF-F0A0BAC97EF7}" = Energy Star
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEF560E3-52AF-DACD-FE99-850398DD80DB}" = CCC Help Dutch
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}" = CyberLink YouCam
"InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}" = CyberLink Media Suite 10
"InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}" = CyberLink Power2Go 8
"InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}" = Cyberlink PhotoDirector
"InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}" = CyberLink PowerDirector 10
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"NIS" = Norton Internet Security
"StartHPConnectedMusic" = HP Connected Music (Meridian - installer)
"WinLiveSuite" = Windows Live Essentials
"WPM" = WPM17.8.0.3297
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"HPConnectedMusic" = HP Connected Music (Meridian - player)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 12.01.2014 07:15:00 | Computer Name = Basic-PC | Source = Perflib | ID = 1021
Description =
Error - 12.01.2014 07:15:00 | Computer Name = Basic-PC | Source = Perflib | ID = 1017
Description =
Error - 12.01.2014 07:15:00 | Computer Name = Basic-PC | Source = Perflib | ID = 1008
Description =
Error - 12.01.2014 08:06:37 | Computer Name = Basic-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 12.01.2014 10:32:25 | Computer Name = Basic-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 12.01.2014 12:44:51 | Computer Name = Basic-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 13.01.2014 13:56:38 | Computer Name = Basic-PC | Source = Microsoft-Windows-LocationProvider | ID = 2005
Description = There was an error communicating to the Orion DCS server
Error - 13.01.2014 14:31:33 | Computer Name = Basic-PC | Source = Customer Experience Improvement Program | ID = 1008
Description =
Error - 15.01.2014 15:17:46 | Computer Name = Basic-PC | Source = MsiInstaller | ID = 1024
Description =
Error - 16.01.2014 16:20:26 | Computer Name = Basic-PC | Source = Microsoft-Windows-LocationProvider | ID = 2005
Description = There was an error communicating to the Orion DCS server
[ System Events ]
Error - 18.01.2014 04:28:33 | Computer Name = Basic-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Update Jump Flip" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 18.01.2014 04:29:03 | Computer Name = Basic-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Util Jump Flip erreicht.
Error - 18.01.2014 04:29:03 | Computer Name = Basic-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Util Jump Flip" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 18.01.2014 04:31:01 | Computer Name = Basic-PC | Source = DCOM | ID = 10016
Description =
Error - 18.01.2014 04:37:03 | Computer Name = Basic-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
lautet: 252.
Error - 18.01.2014 04:37:03 | Computer Name = Basic-PC | Source = Schannel | ID = 36888
Description = Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt
gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende
Warnung hat folgenden für das TLS-Protokoll definierten Code: 40. Der Windows-SChannel-Fehlerstatus
lautet: 252.
Error - 22.01.2014 05:18:39 | Computer Name = Basic-PC | Source = Microsoft-Windows-HAL | ID = 13
Description = Der Systemüberwachungszeitgeber wurde ausgelöst.
Error - 22.01.2014 05:19:38 | Computer Name = Basic-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Update Jump Flip erreicht.
Error - 22.01.2014 05:19:38 | Computer Name = Basic-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Update Jump Flip" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 22.01.2014 05:20:08 | Computer Name = Basic-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Util Jump Flip erreicht.
< End of report > --- --- --- |