Trojaner-Board - Sobald ich einen Browser öffne wir mein Internet extrem langsam

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - Sobald ich einen Browser öffne wir mein Internet extrem langsam (https://www.trojaner-board.de/124817-sobald-browser-oeffne-internet-extrem-langsam.html)

Sobald ich einen Browser öffne wir mein Internet extrem langsam

Also wie im Titel beschrieben sobald ich nen Browser öffne wird mein Internet arg langsam, egal ob Internet Explorer oder Firefox. Habt ihr ne Ahnung?

hi
Falls noch nicht vorhanden, lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop

Starte bitte die
OTL.exe
.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Kopiere nun den Inhalt in die http://larusso.trojaner-board.de/Images/otlfix.jpg
Textbox.

Code:

activex

netsvcs

msconfig

%SYSTEMDRIVE%\*.

%PROGRAMFILES%\*.exe

%LOCALAPPDATA%\*.exe

%systemroot%\*. /mp /s

C:\Windows\system32\*.tsp

/md5start

userinit.exe

eventlog.dll

scecli.dll

netlogon.dll

cngaudit.dll

ws2ifsl.sys

sceclt.dll

ntelogon.dll

winlogon.exe

logevent.dll

user32.DLL

explorer.exe

iaStor.sys

nvstor.sys

atapi.sys

IdeChnDr.sys

viasraid.sys

AGP440.sys

vaxscsi.sys

nvatabus.sys

viamraid.sys

nvata.sys

nvgts.sys

iastorv.sys

ViPrt.sys

eNetHook.dll

ahcix86.sys

KR10N.sys

nvstor32.sys

ahcix86s.sys

/md5stop

%systemroot%\system32\drivers\*.sys /lockedfiles

%systemroot%\System32\config\*.sav

%systemroot%\system32\*.dll /lockedfiles

%USERPROFILE%\*.*

%USERPROFILE%\Local Settings\Temp\*.exe

%USERPROFILE%\Local Settings\Temp\*.dll

%USERPROFILE%\Application Data\*.exe

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs

CREATERESTOREPOINT

Schliesse bitte nun alle Programme. (Wichtig)
Klicke nun bitte auf den Quick Scan Button.
Kopiere
nun den Inhalt aus OTL.txt und Extra.txt hier in Deinen Thread

So ich habe den Scan direkt nach dem Systemstart ausgeführt nur Firefox lief.
OTL Logfile:

Code:

OTL logfile created on: 28.09.2012 17:16:23 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marc\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,98 Gb Total Physical Memory | 5,47 Gb Available Physical Memory | 68,52% Memory free

15,97 Gb Paging File | 13,34 Gb Available in Paging File | 83,55% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,66 Gb Total Space | 67,46 Gb Free Space | 14,49% Space Free | Partition Type: NTFS

Drive E: | 1000,00 Gb Total Space | 104,51 Gb Free Space | 10,45% Space Free | Partition Type: NTFS

Drive H: | 100,00 Mb Total Space | 84,72 Mb Free Space | 84,73% Space Free | Partition Type: NTFS

Drive I: | 863,01 Gb Total Space | 828,46 Gb Free Space | 96,00% Space Free | Partition Type: NTFS

Drive K: | 931,51 Gb Total Space | 441,21 Gb Free Space | 47,36% Space Free | Partition Type: NTFS

 

Computer Name: MARC-PC | User Name: Marc | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans

Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Processes (SafeList) ==========

 

PRC - [2012.09.28 15:49:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe

PRC - [2012.09.21 15:22:49 | 001,807,280 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_4_402_278.exe

PRC - [2012.09.06 03:24:58 | 000,917,984 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe

PRC - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

PRC - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

PRC - [2012.08.29 12:03:38 | 001,996,200 | ---- | M] (LogMeIn Inc.) -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe

PRC - [2012.08.24 13:01:40 | 002,735,528 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

PRC - [2012.07.29 15:28:12 | 000,138,096 | ---- | M] (Facebook Inc.) -- C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe

PRC - [2012.07.27 22:51:38 | 000,823,224 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\acrotray.exe

PRC - [2012.07.27 13:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe

PRC - [2012.05.24 20:39:22 | 027,112,840 | ---- | M] (Dropbox, Inc.) -- C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe

PRC - [2012.04.17 17:19:40 | 003,671,872 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

PRC - [2012.04.17 17:19:32 | 002,614,080 | ---- | M] (DT Soft Ltd) -- C:\Program Files (x86)\DAEMON Tools Lite\DTShellHlp.exe

PRC - [2012.04.06 17:59:49 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe

PRC - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

PRC - [2011.09.09 17:11:58 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Facebook Desktop\Facebook Desktop.exe

PRC - [2011.07.11 23:47:06 | 000,074,752 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\Winamp\winampa.exe

PRC - [2010.04.22 15:05:26 | 001,011,712 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\AlarmClock.exe

PRC - [2009.12.02 19:40:40 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe

PRC - [2009.12.01 14:13:08 | 000,035,880 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe

PRC - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe

PRC - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

PRC - [2009.06.17 16:13:06 | 000,068,136 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe

PRC - [2009.06.02 19:05:58 | 000,457,200 | ---- | M] () -- C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe

PRC - [2009.03.30 15:00:54 | 000,221,184 | ---- | M] (Brother Industries, Ltd.) -- C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe

PRC - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe

PRC - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe

PRC - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe

PRC - [2006.10.16 10:18:36 | 000,344,064 | ---- | M] (Sonix) -- C:\Windows\vphc710.exe

PRC - [2006.05.10 11:37:54 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Philips\Philips SPC710NC Webcam\TrayMin710.exe

 

 
 ========== Modules (No Company Name) ==========

 

MOD - [2012.09.21 15:22:49 | 009,813,424 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll

MOD - [2012.09.06 03:25:12 | 002,244,064 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

MOD - [2012.08.30 10:39:42 | 000,374,120 | ---- | M] () -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll

MOD - [2012.08.22 19:23:53 | 012,436,480 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll

MOD - [2012.08.22 19:23:40 | 001,591,808 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll

MOD - [2012.08.22 19:23:20 | 007,967,232 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll

MOD - [2012.08.22 19:23:16 | 011,492,864 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll

MOD - [2012.07.27 22:51:54 | 000,019,968 | ---- | M] () -- C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Locale\de_DE\acrotray.deu

MOD - [2011.09.09 17:11:58 | 000,142,848 | ---- | M] () -- C:\Program Files (x86)\Facebook Desktop\Facebook Desktop.exe

MOD - [2011.06.24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2011.06.24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2011.03.17 00:11:16 | 004,297,568 | ---- | M] () -- C:\PROGRA~3\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf

MOD - [2009.12.01 14:13:08 | 000,035,880 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe

MOD - [2009.06.10 16:28:56 | 000,106,496 | ---- | M] () -- C:\Program Files (x86)\GIGABYTE\smart6\dbios\DBIOS.dll

MOD - [2009.02.27 16:38:22 | 000,139,264 | R--- | M] () -- C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll

MOD - [2007.07.11 16:09:48 | 000,020,480 | ---- | M] () -- C:\Windows\FixCamera.exe

MOD - [2007.05.10 13:18:10 | 000,835,584 | ---- | M] () -- C:\Windows\vsnp325.exe

MOD - [2007.04.21 09:36:50 | 000,270,336 | ---- | M] () -- C:\Windows\tsnp325.exe

MOD - [2006.05.10 11:37:54 | 000,278,528 | ---- | M] () -- C:\Program Files (x86)\Philips\Philips SPC710NC Webcam\TrayMin710.exe

 

 
 ========== Services (SafeList) ==========

 

SRV:64bit: - [2010.04.06 16:30:38 | 000,031,272 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysNative\AppleChargerSrv.exe -- (AppleChargerSrv)

SRV:64bit: - [2009.07.14 03:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2012.09.22 11:08:37 | 000,529,744 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)

SRV - [2012.09.21 15:22:54 | 000,250,288 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2012.09.06 03:25:06 | 000,114,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2012.09.05 20:38:06 | 006,364,024 | ---- | M] (Native Instruments GmbH) [Auto | Running] -- C:\Programme\Common Files\Native Instruments\Hardware\NIHardwareService.exe -- (NIHardwareService)

SRV - [2012.08.30 21:14:00 | 001,258,856 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)

SRV - [2012.08.30 10:40:00 | 000,382,312 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)

SRV - [2012.08.29 12:03:36 | 002,369,960 | ---- | M] (LogMeIn Inc.) [Auto | Running] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)

SRV - [2012.08.24 13:01:40 | 002,735,528 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe -- (TeamViewer7)

SRV - [2012.08.21 17:12:24 | 000,018,360 | ---- | M] (Overwolf Ltd) [On_Demand | Stopped] -- C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe -- (OverwolfUpdaterService)

SRV - [2012.07.27 13:51:28 | 000,063,960 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012.07.13 13:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2012.06.16 04:24:19 | 000,138,272 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe -- (NIS)

SRV - [2012.04.06 17:59:49 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)

SRV - [2012.01.18 06:44:52 | 000,450,848 | ---- | M] (Logitech Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe -- (UMVPFSrv)

SRV - [2011.10.23 22:07:34 | 000,630,784 | ---- | M] (FileZilla Project) [On_Demand | Stopped] -- C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe -- (FileZilla Server)

SRV - [2010.12.13 14:37:16 | 000,194,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Programme\Microsoft LifeCam\MSCamS64.exe -- (MSCamSvc)

SRV - [2010.03.18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2010.02.19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)

SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)

SRV - [2010.01.09 21:20:56 | 000,174,440 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose64)

SRV - [2009.12.02 19:40:40 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe -- (GEST Service)

SRV - [2009.10.13 16:39:46 | 000,114,688 | ---- | M] (Gigabyte Technology CO., LTD.) [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe -- (Smart TimeLock)

SRV - [2009.08.27 18:09:10 | 001,253,376 | ---- | M] (MAGIX AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe -- (Fabs)

SRV - [2009.07.24 08:33:34 | 000,219,632 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe -- (RoxWatch12)

SRV - [2009.07.24 08:33:10 | 001,116,656 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe -- (RoxMediaDB12)

SRV - [2009.06.17 16:13:06 | 000,068,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe -- (DES2 Service)

SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009.06.02 19:05:58 | 000,457,200 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)

SRV - [2008.08.07 12:10:02 | 003,276,800 | ---- | M] (MAGIX®) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe -- (FirebirdServerMAGIXInstance)

SRV - [2007.12.17 06:00:00 | 000,163,840 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE -- (EPSON_EB_RPCV4_01)

SRV - [2007.01.11 06:02:00 | 000,126,464 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE -- (EPSON_PM_RPCV4_01)

 

 
 ========== Driver Services (SafeList) ==========

 

DRV:64bit: - [2012.08.21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012.07.30 13:32:08 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudobex.sys -- (ssudobex)

DRV:64bit: - [2012.07.30 13:32:08 | 000,203,104 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)

DRV:64bit: - [2012.07.30 13:32:08 | 000,102,240 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)

DRV:64bit: - [2012.07.06 04:17:58 | 000,037,536 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtspx64.sys -- (SRTSPX)

DRV:64bit: - [2012.07.06 04:17:57 | 000,737,952 | ---- | M] (Symantec Corporation) [File_System | On_Demand | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\srtsp64.sys -- (SRTSP)

DRV:64bit: - [2012.07.03 17:25:16 | 000,189,288 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)

DRV:64bit: - [2012.06.07 06:43:38 | 000,167,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ccsetx64.sys -- (ccSet_NIS)

DRV:64bit: - [2012.05.22 14:26:10 | 000,147,288 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)

DRV:64bit: - [2012.05.22 03:37:12 | 001,129,120 | ---- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symefa64.sys -- (SymEFA)

DRV:64bit: - [2012.05.06 15:15:04 | 000,283,200 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)

DRV:64bit: - [2012.04.18 04:13:32 | 000,405,624 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symnets.sys -- (SymNetS)

DRV:64bit: - [2012.04.18 03:42:14 | 000,190,072 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\ironx64.sys -- (SymIRON)

DRV:64bit: - [2012.03.27 18:49:40 | 000,175,736 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)

DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2012.02.22 12:34:36 | 000,028,160 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcaudrv_x64.sys -- (mcaudrv_simple)

DRV:64bit: - [2012.02.22 12:23:14 | 000,358,480 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ks2avs.sys -- (ks2avs)

DRV:64bit: - [2012.02.22 12:23:14 | 000,080,464 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ks2usb.sys -- (ks2usb_svc)

DRV:64bit: - [2012.02.22 11:03:22 | 000,358,480 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a2djavs.sys -- (a2djavs)

DRV:64bit: - [2012.02.22 11:03:22 | 000,096,336 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\a2djusb.sys -- (a2djusb_svc)

DRV:64bit: - [2012.02.15 12:01:50 | 000,052,736 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012.01.18 06:44:36 | 004,865,568 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvuvc64.sys -- (LVUVC64)

DRV:64bit: - [2012.01.18 06:44:28 | 000,351,136 | ---- | M] (Logitech Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lvrs64.sys -- (LVRS64)

DRV:64bit: - [2012.01.11 08:11:20 | 000,034,304 | ---- | M] (ManyCam LLC) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mcvidrv_x64.sys -- (ManyCam)

DRV:64bit: - [2011.11.24 04:23:20 | 000,043,640 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SymIMV.sys -- (SymIM)

DRV:64bit: - [2011.11.03 03:01:00 | 000,056,208 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2011.08.01 15:59:06 | 000,045,416 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)

DRV:64bit: - [2011.07.28 18:37:10 | 000,052,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dc3d.sys -- (dc3d)

DRV:64bit: - [2011.07.27 20:48:14 | 000,014,952 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\iPodDrv.sys -- (iPodDrv)

DRV:64bit: - [2011.07.25 20:18:36 | 000,451,192 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1308000.00E\symds64.sys -- (SymDS)

DRV:64bit: - [2011.06.23 21:39:54 | 000,088,480 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\atksgt.sys -- (atksgt)

DRV:64bit: - [2011.06.23 21:39:54 | 000,046,400 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\lirsgt.sys -- (lirsgt)

DRV:64bit: - [2011.06.10 14:34:52 | 000,539,240 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011.06.02 07:47:22 | 000,177,640 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdm.sys -- (ssadmdm)

DRV:64bit: - [2011.06.02 07:47:22 | 000,157,672 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadbus.sys -- (ssadbus)

DRV:64bit: - [2011.06.02 07:47:22 | 000,016,872 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadmdfl.sys -- (ssadmdfl)

DRV:64bit: - [2011.04.12 01:33:54 | 001,579,520 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)

DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2011.03.07 11:22:00 | 000,065,280 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronXHCI.sys -- (EtronXHCI)

DRV:64bit: - [2011.03.07 11:22:00 | 000,040,832 | ---- | M] (Etron Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\EtronHub3.sys -- (EtronHub3)

DRV:64bit: - [2011.01.10 18:16:08 | 000,021,104 | ---- | M] () [Kernel | System | Running] -- C:\Windows\SysNative\drivers\AppleCharger.sys -- (AppleCharger)

DRV:64bit: - [2010.12.21 07:55:02 | 000,172,104 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdm.sys -- (sscdmdm)

DRV:64bit: - [2010.12.21 07:55:02 | 000,136,264 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdbus.sys -- (sscdbus)

DRV:64bit: - [2010.12.21 07:55:02 | 000,036,328 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssadadb.sys -- (androidusb)

DRV:64bit: - [2010.12.21 07:55:02 | 000,019,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sscdmdfl.sys -- (sscdmdfl)

DRV:64bit: - [2010.11.21 05:24:43 | 000,020,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2010.11.21 05:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2010.11.21 05:23:48 | 000,117,248 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tsusbhub.sys -- (tsusbhub)

DRV:64bit: - [2010.11.21 05:23:48 | 000,088,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Synth3dVsc.sys -- (Synth3dVsc)

DRV:64bit: - [2010.11.21 05:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010.11.21 05:23:48 | 000,034,816 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)

DRV:64bit: - [2010.11.21 05:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010.11.21 05:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2010.10.19 23:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2010.01.06 05:23:18 | 001,847,296 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athurx.sys -- (athur)

DRV:64bit: - [2009.10.08 13:59:34 | 000,044,624 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a2djavs_x64.sys -- (a2djavs_x64)

DRV:64bit: - [2009.10.08 13:59:31 | 000,300,112 | ---- | M] (Native Instruments GmbH) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\a2djusb_x64.sys -- (a2djusb_x64)

DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2009.06.02 01:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)

DRV:64bit: - [2009.06.02 01:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)

DRV:64bit: - [2009.06.02 01:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)

DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)

DRV:64bit: - [2009.03.18 17:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)

DRV:64bit: - [2007.11.22 14:48:46 | 010,733,184 | ---- | M] (Sonix Co. Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\snp325.sys -- (SNP325)

DRV:64bit: - [2006.10.16 10:35:24 | 000,867,712 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\phc710.sys -- (phc710)

DRV - [2012.09.28 16:54:22 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Running] -- C:\Windows\gdrv.sys -- (gdrv)

DRV - [2012.09.28 14:48:06 | 002,084,000 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120927.034\ex64.sys -- (NAVEX15)

DRV - [2012.09.28 14:48:06 | 000,126,112 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120927.034\eng64.sys -- (NAVENG)

DRV - [2012.09.12 12:21:57 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)

DRV - [2012.09.01 02:27:24 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120927.001\IDSviA64.sys -- (IDSVia64)

DRV - [2012.09.01 00:09:13 | 001,385,120 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120919.001\BHDrvx64.sys -- (BHDrvx64)

DRV - [2012.08.21 18:25:33 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)

DRV - [2012.06.06 22:49:42 | 000,030,528 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\GVTDrv64.sys -- (GVTDrv64)

DRV - [2012.06.06 20:31:44 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\etdrv.sys -- (etdrv)

DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

 

 
 ========== Standard Registry (SafeList) ==========

 

 
 ========== Internet Explorer ==========

 

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

 

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Users\Marc\Desktop

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DE E0 DE 9C 61 8C CD 01  [binary data]

IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}

IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH

IE - HKCU\..\SearchScopes\{0647B9BC-2C83-41bb-823F-E8789C72E908}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV

IE - HKCU\..\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}: "URL" = hxxp://int.search-results.com/web?q={SEARCHTERMS}&o=15527&l=dis&prt=NIS&chn=retail&geo=DE&ver=18

IE - HKCU\..\SearchScopes\{F5CC370D-0E53-4eea-A9C4-65DB5D120CAC}: "URL" = hxxp://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&q=&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;<local>

 
 ========== FireFox ==========

 

FF - prefs.js..browser.startup.homepage: "hxxp://www.wisedock.de/m.php?id=2332406674768a7e760877fb50ef6c1161c7"

FF - prefs.js..extensions.enabledAddons: amznUWL2@amazon.com:1.10

FF - prefs.js..extensions.enabledAddons: de-DE@dictionaries.addons.mozilla.org:2.0.2

FF - prefs.js..extensions.enabledAddons: ich@maltegoetz.de:1.4.3

FF - prefs.js..extensions.enabledAddons: youtube2mp3@mondayx.de:1.2.3

FF - prefs.js..extensions.enabledAddons: {1018e4d6-728f-4b20-ad56-37578a4de76b}:4.2.1

FF - prefs.js..extensions.enabledAddons: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10

FF - prefs.js..extensions.enabledAddons: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:2.0.15

FF - prefs.js..extensions.enabledAddons: {ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}:2.7.6

FF - prefs.js..extensions.enabledAddons: {BBDA0591-3099-440a-AA10-41764D9DB4DB}:11.1.1.5 - 1

FF - prefs.js..extensions.enabledAddons: {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}:2012.7.5.2

FF - user.js - File not found

 

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_4_402_278.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_278.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.122.0: C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.132.0: C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll (ESN Social Software AB)

FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=1.6.0_35: C:\Windows\SysWOW64\npdeployJava1.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~3\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~3\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@ngm.nexoneu.com/NxGame: C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll File not found

FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF - HKCU\Software\MozillaPlugins\@doubletwist.com/NPPodcast: C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)

FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Marc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)

FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\Marc\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll ()

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Marc\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Marc\AppData\Local\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)

FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin.dll (Amazon.com, Inc.)

 

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn\ [2012.09.28 16:53:53 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPlgn\ [2012.01.14 16:26:35 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\web2pdfextension@web2pdf.adobedotcom: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012.08.16 13:38:34 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.09.25 17:29:05 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 15.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\mail@gutscheinrausch.de: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\qmuapb03.default\extensions\mail@gutscheinrausch.de

 

[2012.09.25 17:29:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Extensions

[2012.09.25 17:37:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions

[2012.09.25 17:37:36 | 000,000,000 | ---D | M] (Flagfox) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}

[2012.09.25 17:37:36 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}

[2012.09.25 17:37:39 | 000,000,000 | ---D | M] (FoxLingo) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\{ef62e1ce-d2a4-4cdd-b7ec-92b120366b66}

[2012.09.25 17:37:36 | 000,000,000 | ---D | M] (German Dictionary) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\de-DE@dictionaries.addons.mozilla.org

[2012.09.25 17:37:36 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Marc\AppData\Roaming\mozilla\Firefox\Profiles\r28uct31.default\extensions\ich@maltegoetz.de

[2012.09.25 17:37:36 | 000,243,287 | ---- | M] () (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\r28uct31.default\extensions\amznUWL2@amazon.com.xpi

[2012.09.25 17:37:36 | 000,011,510 | ---- | M] () (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\r28uct31.default\extensions\youtube2mp3@mondayx.de.xpi

[2012.09.25 17:37:36 | 000,698,867 | ---- | M] () (No name found) -- C:\Users\Marc\AppData\Roaming\mozilla\firefox\profiles\r28uct31.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

[2012.09.25 17:29:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions

[2012.09.28 16:53:53 | 000,000,000 | ---D | M] (Norton Toolbar) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\COFFPLGN

[2012.01.14 16:26:35 | 000,000,000 | ---D | M] (Norton Vulnerability Protection) -- C:\PROGRAMDATA\NORTON\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\IPSFFPLGN

[2012.09.06 03:26:03 | 000,266,720 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll

[2012.09.06 04:07:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml

[2012.09.06 04:07:37 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml

[2012.09.06 04:07:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml

[2012.09.06 04:07:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml

[2012.09.06 04:07:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml

[2012.09.06 04:07:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml

 

O1 HOSTS File: ([2012.07.10 17:21:32 | 000,003,225 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O1 - Hosts: 127.0.0.1 3dns.adobe.com

O1 - Hosts: 127.0.0.1 3dns-1.adobe.com

O1 - Hosts: 127.0.0.1 3dns-2.adobe.com

O1 - Hosts: 127.0.0.1 3dns-3.adobe.com

O1 - Hosts: 127.0.0.1 3dns-4.adobe.com

O1 - Hosts: 127.0.0.1 activate.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 activate-sea.adobe.com

O1 - Hosts: 127.0.0.1 activate-sjc0.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip1.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip2.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip3.adobe.com

O1 - Hosts: 127.0.0.1 activate.wip4.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-1.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-2.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-3.adobe.com

O1 - Hosts: 127.0.0.1 adobe-dns-4.adobe.com

O1 - Hosts: 127.0.0.1 crl.verisign.net

O1 - Hosts: 127.0.0.1 CRL.VERISIGN.NET

O1 - Hosts: 127.0.0.1 ood.opsource.net

O1 - Hosts: 127.0.0.1 209-34-83-73.ood.opsource.net

O1 - Hosts: 127.0.0.1 practivate.adobe

O1 - Hosts: 127.0.0.1 practivate.adobe

O1 - Hosts: 57 more lines...

O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation)

O2 - BHO: (PodcastBHO Class) - {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} - C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)

O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\IPS\IPSBHO.DLL (Symantec Corporation)

O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~3\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)

O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~3\MICROS~2\Office14\URLREDIR.DLL (Microsoft Corporation)

O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation)

O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\coIEPlg.dll (Symantec Corporation)

O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)

O4:64bit: - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [itype] C:\Program Files\Microsoft IntelliType Pro\itype.exe (Microsoft Corporation)

O4:64bit: - HKLM..\Run: [phc710] C:\Windows\vphc710.exe (Sonix)

O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)

O4:64bit: - HKLM..\Run: [snp325] C:\Windows\vsnp325.exe ()

O4 - HKLM..\Run: []  File not found

O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)

O4 - HKLM..\Run: [Adobe Acrobat Speed Launcher] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)

O4 - HKLM..\Run: [FixCamera] C:\Windows\FixCamera.exe ()

O4 - HKLM..\Run: [LifeCam] C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)

O4 - HKLM..\Run: [LogMeIn Hamachi Ui] C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [tsnp325] C:\Windows\tsnp325.exe ()

O4 - HKLM..\Run: [WinampAgent] C:\Program Files (x86)\Winamp\winampa.exe (Nullsoft, Inc.)

O4 - HKCU..\Run: [AdobeBridge]  File not found

O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)

O4 - HKCU..\Run: [Facebook Update] C:\Users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)

O4 - HKLM..\RunOnce: [DES2] C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2.exe ()

O4 - HKLM..\RunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe ()

O4 - Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

O4 - Startup: C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Desktop.lnk = C:\Program Files (x86)\Facebook Desktop\Facebook Desktop.exe ()

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutorun = 0

O8:64bit: - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8:64bit: - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found

O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O8 - Extra context menu item: An OneNote s&enden - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: In Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)

O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 File not found

O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - C:\Programme\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)

O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)

O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)

O9 - Extra Button: ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)

O9 - Extra 'Tools' menuitem : ICQ7.6 - {7644E42D-B096-457F-8B5B-901238FC81AE} - C:\Program Files (x86)\ICQ7.6\ICQ.exe (ICQ, LLC.)

O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16:64bit: - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)

O16 - DPF: {C8BC46C7-921C-4102-B67D-F1F7E65FB0BE} https://battlefield.play4free.com/static/updater/BP4FUpdater_1.0.53.2.cab (Battlefield Play4Free Updater)

O16 - DPF: {CAFEEFAC-0016-0000-0027-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_27-windows-i586.cab (Java Plug-in 1.6.0_27)

O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)

O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{10F71570-F32B-4796-9EAE-8ECDAD908688}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{654CC677-78AE-43FA-9C8C-CEEF8BB3CA38}: DhcpNameServer = 192.168.2.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BF4A41BF-FABF-4D9B-BE1F-E1C2EC2E212D}: DhcpNameServer = 192.168.2.1

O18:64bit: - Protocol\Handler\msdaipp - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\0x00000001 - No CLSID value found

O18:64bit: - Protocol\Handler\msdaipp\oledb - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found

O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\SYSTEM\OLE DB\msdaipp.dll (Microsoft Corporation)

O18 - Protocol\Handler\ms-help - No CLSID value found

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~3\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)

O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)

O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~3\MICROS~2\Office14\GROOVEEX.DLL (Microsoft Corporation)

O32 - HKLM CDRom: AutoRun - 1

O33 - MountPoints2\{f192303a-c4e4-11e0-a109-1c6f65d978ed}\Shell - "" = AutoRun

O33 - MountPoints2\{f192303a-c4e4-11e0-a109-1c6f65d978ed}\Shell\AutoRun\command - "" = G:\setup.exe

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

 

ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)

ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings

ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install

ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework

ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX:64bit: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig

ActiveX:64bit: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Microsoft VM

ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0

ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework

ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll

ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack

ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE

ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx

ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help

ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6

ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools

ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements

ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player

ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access

ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Webordner

ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7

ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll

ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\SysWOW64\ie4uinit.exe -BaseSettings

ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install

ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding

ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts

ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help

ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface

ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework

ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP

ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\SysWOW64\ie4uinit.exe -UserIconConfig

ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\SysWOW64\rundll32.exe" "C:\Windows\SysWOW64\iedkcs32.dll",BrandIEActiveSetup SIGNUP

 

NetSvcs:64bit: AppMgmt - C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)

 

MsConfig:64bit - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: AdobeCS5ServiceManager - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: Akamai NetSession Interface - hkey= - key= - C:\Users\Marc\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc)

MsConfig:64bit - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

MsConfig:64bit - StartUpReg: CPMonitor - hkey= - key= - C:\Program Files (x86)\Roxio 2010\5.0\CPMonitor.exe ()

MsConfig:64bit - StartUpReg: Desktop Disc Tool - hkey= - key= - C:\Program Files (x86)\Roxio 2010\Roxio Burn\RoxioBurnLauncher.exe ()

MsConfig:64bit - StartUpReg: KiesPDLR - hkey= - key= - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()

MsConfig:64bit - StartUpReg: KPeerNexonEU - hkey= - key= - C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe (NEXON Inc.)

MsConfig:64bit - StartUpReg: LogMeIn Hamachi Ui - hkey= - key= - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe (LogMeIn Inc.)

MsConfig:64bit - StartUpReg: QuickTime Task - hkey= - key= - C:\Program Files (x86)\QuickTime\QTTask.exe (Apple Inc.)

MsConfig:64bit - StartUpReg: STCAgent - hkey= - key= -  File not found

MsConfig:64bit - StartUpReg: ZyngaGamesAgent - hkey= - key= -  File not found

MsConfig:64bit - State: "bootini" - Reg Error: Key error.

MsConfig:64bit - State: "startup" - Reg Error: Key error.

 

CREATERESTOREPOINT

Restore point Set: OTL Restore Point

 
 ========== Files/Folders - Created Within 30 Days ==========

 

[2012.09.28 15:48:56 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe

[2012.09.26 12:03:26 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\OxpsConverter.exe

[2012.09.25 17:29:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Maintenance Service

[2012.09.25 17:29:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox

[2012.09.22 12:25:38 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll

[2012.09.22 12:25:38 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll

[2012.09.22 12:25:37 | 002,312,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll

[2012.09.22 12:25:37 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl

[2012.09.22 12:25:37 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl

[2012.09.22 12:25:37 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll

[2012.09.22 12:25:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll

[2012.09.22 12:25:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll

[2012.09.22 12:25:37 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll

[2012.09.22 12:25:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe

[2012.09.22 12:25:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe

[2012.09.22 12:25:36 | 000,816,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll

[2012.09.22 12:25:36 | 000,729,088 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll

[2012.09.22 12:25:36 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll

[2012.09.22 12:25:36 | 000,599,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll

[2012.09.21 18:17:28 | 000,000,000 | -H-D | C] -- C:\ProgramData\{30FA7941-4170-4C83-A9A8-FDF01C431704}

[2012.09.20 20:07:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2012.09.20 20:07:49 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys

[2012.09.20 20:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2012.09.20 20:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2012.09.20 20:07:12 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[2012.09.18 20:59:06 | 000,696,240 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012.09.18 14:20:29 | 000,073,136 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.09.17 19:15:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\edcastASIO

[2012.09.17 18:57:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\edcast

[2012.09.16 21:42:37 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\uTorrent

[2012.09.16 21:41:18 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\uTorrent

[2012.09.14 15:09:55 | 000,000,000 | ---D | C] -- C:\Users\Marc\Documents\Amazon MP3

[2012.09.14 15:07:23 | 026,228,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2012.09.14 15:07:23 | 025,256,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2012.09.14 15:07:23 | 019,828,584 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2012.09.14 15:07:23 | 017,559,912 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2012.09.14 15:07:23 | 009,066,344 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2012.09.14 15:07:23 | 007,626,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2012.09.14 15:07:23 | 007,397,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2012.09.14 15:07:23 | 006,109,032 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2012.09.14 15:07:23 | 002,745,192 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2012.09.14 15:07:23 | 002,573,672 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2012.09.14 15:07:23 | 002,216,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2012.09.14 15:07:23 | 001,866,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2012.09.14 15:07:23 | 001,482,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll

[2012.09.14 15:07:23 | 000,971,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2012.09.14 15:07:23 | 000,830,312 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2012.09.14 15:07:23 | 000,247,144 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2012.09.14 15:07:23 | 000,202,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2012.09.14 15:07:23 | 000,189,288 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvhda64v.sys

[2012.09.14 15:07:23 | 000,031,080 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvhdap64.dll

[2012.09.12 18:39:52 | 000,041,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\RNDISMP.sys

[2012.09.12 18:39:51 | 000,574,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10level9.dll

[2012.09.12 18:39:50 | 000,376,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\netio.sys

[2012.09.12 18:39:49 | 000,288,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\FWPKCLNT.SYS

[2012.09.11 12:55:05 | 000,000,000 | -HSD | C] -- C:\found.004

[2012.09.08 13:12:57 | 000,477,168 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll

[2012.09.08 13:12:57 | 000,157,680 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2012.09.08 13:12:57 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2012.09.08 13:12:57 | 000,149,488 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2012.09.08 10:53:28 | 001,579,520 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys

[2012.09.07 16:56:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simfy

[2012.09.07 16:56:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\simfy

[2012.09.06 20:52:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client

[2012.09.06 20:52:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\TeamSpeak 3 Client

[2012.09.04 20:57:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSplit

[2012.09.04 20:57:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SplitMediaLabs

[2012.09.03 15:54:29 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\CANON_INC

[2012.09.03 15:50:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities

[2012.09.03 15:50:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Canon

[2012.09.03 15:49:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Canon

[2012.09.03 14:47:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EOS Camera Movie Record

[2012.09.03 14:47:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\eos_movrec

[2012.09.02 21:50:32 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Purplizer

[2012.09.02 21:16:09 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf

[2012.09.02 21:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Overwolf

[2012.09.02 21:15:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Overwolf

[2012.09.02 20:59:04 | 000,000,000 | ---D | C] -- C:\Users\Marc\AppData\Local\Overwolf

[2012.09.02 12:23:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

[2012.09.02 12:23:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LogMeIn Hamachi

[6 C:\Users\Marc\Desktop\*.tmp files -> C:\Users\Marc\Desktop\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files - Modified Within 30 Days ==========

 

[2012.09.28 17:02:49 | 000,016,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2012.09.28 17:02:49 | 000,016,768 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2012.09.28 16:58:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job

[2012.09.28 16:56:13 | 000,001,068 | ---- | M] () -- C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Desktop.lnk

[2012.09.28 16:54:22 | 000,025,640 | ---- | M] (Windows (R) Server 2003 DDK provider) -- C:\Windows\gdrv.sys

[2012.09.28 16:54:07 | 000,001,102 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2012.09.28 16:53:25 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2012.09.28 16:53:19 | 4277,264,383 | -HS- | M] () -- C:\hiberfil.sys

[2012.09.28 16:51:38 | 006,034,724 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat

[2012.09.28 16:51:38 | 002,373,056 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat

[2012.09.28 16:51:38 | 000,768,884 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012.09.28 16:51:38 | 000,655,070 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2012.09.28 16:51:38 | 000,121,942 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2012.09.28 16:51:30 | 000,768,884 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2012.09.28 16:40:00 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2012.09.28 16:19:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.09.28 15:49:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Marc\Desktop\OTL.exe

[2012.09.28 15:33:00 | 000,001,134 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job

[2012.09.28 15:33:00 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job

[2012.09.27 21:58:10 | 000,001,064 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job

[2012.09.24 19:54:39 | 000,000,132 | ---- | M] () -- C:\Users\Marc\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen

[2012.09.23 16:04:06 | 438,312,960 | ---- | M] () -- C:\Users\Marc\Desktop\Auftritt Blue Diamonds 23-09-2012.MTS

[2012.09.22 21:47:45 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr

[2012.09.22 21:47:45 | 000,281,520 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2012.09.22 21:47:30 | 000,280,904 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0

[2012.09.21 15:22:49 | 000,696,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe

[2012.09.21 15:22:49 | 000,073,136 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

[2012.09.20 20:07:53 | 000,001,792 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.09.18 18:17:46 | 000,001,611 | ---- | M] () -- C:\Users\Marc\AppData\Roaming\buttrc

[2012.09.18 17:51:25 | 000,001,040 | ---- | M] () -- C:\Users\Marc\Desktop\EdcastStandalone.lnk

[2012.09.16 20:46:30 | 855,678,175 | ---- | M] () -- C:\Windows\MEMORY.DMP

[2012.09.09 19:57:23 | 000,007,660 | ---- | M] () -- C:\Users\Marc\AppData\Local\Resmon.ResmonCfg

[2012.09.08 13:12:30 | 000,477,168 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\npdeployJava1.dll

[2012.09.08 13:12:30 | 000,473,072 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\deployJava1.dll

[2012.09.08 13:12:30 | 000,157,680 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaws.exe

[2012.09.08 13:12:30 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\javaw.exe

[2012.09.08 13:12:30 | 000,149,488 | ---- | M] (Sun Microsystems, Inc.) -- C:\Windows\SysWow64\java.exe

[2012.09.06 20:52:21 | 000,001,171 | ---- | M] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

[2012.09.03 15:50:26 | 000,001,076 | ---- | M] () -- C:\Users\Public\Desktop\EOS Utility.lnk

[2012.08.31 16:38:55 | 000,344,187 | ---- | M] () -- C:\Users\Marc\Desktop\4437215_t201209047.pdf

[2012.08.30 21:14:00 | 026,228,072 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll

[2012.08.30 21:14:00 | 025,256,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll

[2012.08.30 21:14:00 | 019,828,584 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll

[2012.08.30 21:14:00 | 018,229,096 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll

[2012.08.30 21:14:00 | 017,559,912 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll

[2012.08.30 21:14:00 | 015,291,752 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll

[2012.08.30 21:14:00 | 014,879,080 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll

[2012.08.30 21:14:00 | 012,465,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll

[2012.08.30 21:14:00 | 009,066,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll

[2012.08.30 21:14:00 | 007,626,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll

[2012.08.30 21:14:00 | 007,397,736 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll

[2012.08.30 21:14:00 | 006,109,032 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll

[2012.08.30 21:14:00 | 002,745,192 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll

[2012.08.30 21:14:00 | 002,725,224 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll

[2012.08.30 21:14:00 | 002,573,672 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll

[2012.08.30 21:14:00 | 002,422,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll

[2012.08.30 21:14:00 | 002,216,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll

[2012.08.30 21:14:00 | 001,866,088 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll

[2012.08.30 21:14:00 | 001,760,104 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco64.dll

[2012.08.30 21:14:00 | 001,482,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco64.dll

[2012.08.30 21:14:00 | 000,971,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll

[2012.08.30 21:14:00 | 000,830,312 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll

[2012.08.30 21:14:00 | 000,247,144 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll

[2012.08.30 21:14:00 | 000,202,600 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll

[2012.08.30 21:14:00 | 000,016,366 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb

[2012.08.30 18:18:05 | 002,557,800 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll

[2012.08.30 18:18:05 | 000,118,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll

[2012.08.30 18:18:05 | 000,063,336 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll

[2012.08.30 18:18:04 | 003,487,434 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin

[2012.08.30 18:18:01 | 003,266,920 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll

[2012.08.30 18:17:59 | 006,198,120 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll

[2012.08.30 10:40:14 | 000,429,416 | ---- | M] () -- C:\Windows\SysWow64\nvStreaming.exe

[6 C:\Users\Marc\Desktop\*.tmp files -> C:\Users\Marc\Desktop\*.tmp -> ]

[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

 
 ========== Files Created - No Company Name ==========

 

[2012.09.25 17:29:08 | 000,001,151 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

[2012.09.24 21:53:51 | 000,001,116 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job

[2012.09.24 21:53:50 | 000,001,064 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job

[2012.09.24 21:49:13 | 438,312,960 | ---- | C] () -- C:\Users\Marc\Desktop\Auftritt Blue Diamonds 23-09-2012.MTS

[2012.09.22 11:06:33 | 000,001,106 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Content Viewer.lnk

[2012.09.22 11:05:49 | 000,001,539 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk

[2012.09.20 20:07:53 | 000,001,792 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2012.09.18 20:59:07 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2012.09.17 19:15:48 | 000,001,040 | ---- | C] () -- C:\Users\Marc\Desktop\EdcastStandalone.lnk

[2012.09.06 20:52:21 | 000,001,171 | ---- | C] () -- C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk

[2012.09.06 20:48:10 | 855,678,175 | ---- | C] () -- C:\Windows\MEMORY.DMP

[2012.09.03 15:50:26 | 000,001,076 | ---- | C] () -- C:\Users\Public\Desktop\EOS Utility.lnk

[2012.08.31 16:38:54 | 000,344,187 | ---- | C] () -- C:\Users\Marc\Desktop\4437215_t201209047.pdf

[2012.08.30 10:40:14 | 000,429,416 | ---- | C] () -- C:\Windows\SysWow64\nvStreaming.exe

[2012.08.21 19:04:51 | 000,768,884 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI

[2012.08.19 19:26:26 | 000,000,132 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\Adobe CS6-PNG-Format - Voreinstellungen

[2012.08.11 21:09:57 | 000,020,480 | ---- | C] () -- C:\Windows\FixCamera.exe

[2012.08.11 21:09:50 | 000,835,584 | ---- | C] () -- C:\Windows\vsnp325.exe

[2012.08.11 21:09:50 | 000,270,336 | ---- | C] () -- C:\Windows\tsnp325.exe

[2012.08.11 21:09:50 | 000,015,498 | ---- | C] () -- C:\Windows\snp325.ini

[2012.08.11 21:09:49 | 000,147,456 | ---- | C] ( ) -- C:\Windows\SysWow64\rsnp325.dll

[2012.08.11 21:09:49 | 000,057,344 | ---- | C] ( ) -- C:\Windows\SysWow64\vsnp325.dll

[2012.08.11 21:09:49 | 000,053,248 | ---- | C] ( ) -- C:\Windows\SysWow64\csnp325.dll

[2012.06.07 03:45:28 | 000,007,660 | ---- | C] () -- C:\Users\Marc\AppData\Local\Resmon.ResmonCfg

[2012.03.23 19:45:05 | 000,005,632 | ---- | C] () -- C:\Users\Marc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

[2012.03.16 19:39:42 | 000,000,132 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\Adobe AIFF Format CS5 Prefs

[2012.02.25 15:03:05 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll

[2012.02.12 18:06:18 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat

[2012.01.18 06:44:00 | 010,920,984 | ---- | C] () -- C:\Windows\SysWow64\LogiDPP.dll

[2012.01.18 06:44:00 | 000,336,408 | ---- | C] () -- C:\Windows\SysWow64\DevManagerCore.dll

[2012.01.18 06:44:00 | 000,104,472 | ---- | C] () -- C:\Windows\SysWow64\LogiDPPApp.exe

[2012.01.13 20:42:06 | 000,338,432 | ---- | C] () -- C:\Windows\SysWow64\sqlite36_engine.dll

[2011.12.30 15:12:37 | 000,000,032 | ---- | C] () -- C:\Users\Marc\.simfy

[2011.12.08 21:26:35 | 000,819,200 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll

[2011.12.08 21:26:35 | 000,180,224 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll

[2011.10.28 20:29:00 | 000,001,611 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\buttrc

[2011.10.09 18:59:15 | 000,120,200 | ---- | C] () -- C:\Windows\SysWow64\DLLDEV32i.dll

[2011.09.01 19:10:44 | 000,000,425 | ---- | C] () -- C:\Windows\BRWMARK.INI

[2011.09.01 19:10:44 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI

[2011.07.17 18:40:46 | 000,000,132 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\Adobe PNG Format CS5 Prefs

[2011.07.06 19:57:48 | 000,030,528 | ---- | C] () -- C:\Windows\GVTDrv64.sys

[2011.07.06 19:49:06 | 000,008,192 | ---- | C] () -- C:\Windows\SysWow64\drivers\IntelMEFWVer.dll

[2011.07.06 19:38:49 | 000,000,010 | ---- | C] () -- C:\Windows\GSetup.ini

[2011.05.24 12:00:44 | 000,001,057 | ---- | C] () -- C:\Users\Marc\AppData\Roaming\vso_ts_preview.xml

[2011.04.27 14:19:32 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe

[2011.04.27 14:19:30 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll

[2011.04.27 14:19:30 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll

[2011.04.27 14:19:30 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll

[2011.04.27 14:19:30 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll

[2011.04.21 16:05:03 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\Access.dat

[2011.04.08 15:51:13 | 000,281,520 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe

[2011.04.08 15:51:05 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe

[2011.04.07 21:11:10 | 000,000,400 | ---- | C] () -- C:\Windows\ODBC.INI

[2011.04.07 20:45:03 | 000,015,488 | ---- | C] () -- C:\Windows\phc710.ini

 
 ========== ZeroAccess Check ==========

 

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

 

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

 

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

 

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

 

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

 
 ========== LOP Check ==========

 

[2012.09.04 22:17:25 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\.minecraft

[2012.07.11 12:30:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\.Nitrous

[2012.04.03 16:26:27 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Ableton

[2012.01.02 15:21:33 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Amazon

[2012.01.02 15:21:33 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\AnvSoft

[2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\BeatportDownloader.EE670286545758FAB4A69D4439CF6054F83E0AC2.1

[2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Clonk Rage

[2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

[2012.08.01 12:19:56 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\com.beatport.BeatportDownloader

[2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\com.facebookdesktop.app

[2012.02.09 20:06:45 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DAEMON Tools Lite

[2012.01.13 21:16:30 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\DesktopIconForAmazon

[2012.01.02 15:21:55 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\dreamload

[2012.09.28 16:56:23 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Dropbox

[2012.07.05 22:33:35 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\EurekaLog

[2012.08.21 19:10:04 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\FFsplit

[2012.09.24 19:42:13 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\FileZilla

[2012.09.11 18:57:06 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ICQ

[2012.03.13 19:58:02 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Kores

[2012.01.02 15:22:20 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Leadertech

[2012.01.02 15:22:23 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\MAGIX

[2012.04.15 15:57:28 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ManyCam

[2012.08.17 01:56:31 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\MAXON

[2012.03.13 21:24:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\michaelkaesper.de Software

[2012.09.14 15:48:20 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Mp3tag

[2012.08.12 01:34:29 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Origin

[2012.09.16 22:06:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\PACE Anti-Piracy

[2012.09.23 21:29:04 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\PhotoScape

[2012.01.02 15:22:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ResourceCentral.E6E1B28A311BC518DB6C6883EA3757FDE0E90ADC.1

[2012.01.02 15:22:34 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Samsung

[2012.01.02 15:22:38 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Simfy

[2012.01.02 15:22:44 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Simple Star

[2012.03.23 19:45:04 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Solveig Multimedia

[2012.07.05 20:01:06 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Splashtop

[2012.04.15 15:55:58 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\SplitMediaLabs

[2012.01.02 15:22:44 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

[2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Steinberg

[2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\TeamViewer

[2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Tific

[2012.08.06 23:32:08 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\TS3Client

[2012.03.16 18:57:56 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\ts3overlay

[2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Tunngle

[2012.01.02 15:22:47 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\URSoft

[2012.09.20 21:05:17 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\UseNeXT

[2012.09.16 22:10:00 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\uTorrent

[2012.07.11 13:46:44 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\Vso

[2012.01.02 15:22:48 | 000,000,000 | ---D | M] -- C:\Users\Marc\AppData\Roaming\wargaming.net

 
 ========== Purity Check ==========

 

 

 
 ========== Custom Scans ==========

 
 < %SYSTEMDRIVE%\*. >

[2012.01.27 19:33:40 | 000,000,000 | -HSD | M] -- C:\$RECYCLE.BIN

[2012.02.18 15:02:33 | 000,000,000 | -HSD | M] -- C:\Boot

[2012.09.28 16:51:53 | 000,000,000 | -HSD | M] -- C:\Config.Msi

[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings

[2011.03.27 15:38:04 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen

[2011.04.08 14:04:58 | 000,000,000 | ---D | M] -- C:\dreamloaddata

[2011.10.03 22:27:52 | 000,000,000 | -HSD | M] -- C:\found.000

[2011.10.03 22:27:52 | 000,000,000 | -HSD | M] -- C:\found.001

[2011.10.03 22:27:52 | 000,000,000 | -HSD | M] -- C:\found.002

[2012.08.04 16:30:23 | 000,000,000 | -HSD | M] -- C:\found.003

[2012.09.11 12:55:05 | 000,000,000 | -HSD | M] -- C:\found.004

[2012.08.06 21:44:44 | 000,000,000 | ---D | M] -- C:\Fraps

[2011.11.22 19:59:20 | 000,000,000 | ---D | M] -- C:\Games

[2012.04.08 23:04:47 | 000,000,000 | ---D | M] -- C:\GTA SanAndreas

[2011.07.06 19:41:45 | 000,000,000 | ---D | M] -- C:\Intel

[2012.07.05 22:38:36 | 000,000,000 | RH-D | M] -- C:\MSOCache

[2012.04.04 21:07:39 | 000,000,000 | ---D | M] -- C:\Nexon

[2012.05.21 19:05:07 | 000,000,000 | ---D | M] -- C:\NVIDIA

[2009.07.14 05:20:08 | 000,000,000 | ---D | M] -- C:\PerfLogs

[2012.09.20 20:07:12 | 000,000,000 | R--D | M] -- C:\Program Files

[2012.09.25 17:29:07 | 000,000,000 | R--D | M] -- C:\Program Files (x86)

[2012.09.21 18:17:28 | 000,000,000 | -H-D | M] -- C:\ProgramData

[2012.01.02 01:40:26 | 000,000,000 | ---D | M] -- C:\ProgramData (0)

[2011.03.27 15:38:04 | 000,000,000 | -HSD | M] -- C:\Programme

[2012.01.02 15:58:15 | 000,000,000 | -HSD | M] -- C:\Recovery

[2012.09.28 17:17:49 | 000,000,000 | -HSD | M] -- C:\System Volume Information

[2012.09.14 15:08:23 | 000,000,000 | ---D | M] -- C:\Temp

[2012.04.02 20:52:08 | 000,000,000 | R--D | M] -- C:\Users

[2012.09.22 11:12:02 | 000,000,000 | ---D | M] -- C:\Windows

 
 < %PROGRAMFILES%\*.exe >

 
 < %LOCALAPPDATA%\*.exe >

 
 < %systemroot%\*. /mp /s >

 
 < C:\Windows\system32\*.tsp >

[2009.07.14 03:14:11 | 000,030,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\hidphone.tsp

[2009.07.14 03:14:11 | 000,038,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\kmddsp.tsp

[2009.07.14 03:14:11 | 000,050,688 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\ndptsp.tsp

[2009.07.14 03:14:11 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\remotesp.tsp

[2010.11.21 05:23:55 | 000,281,088 | ---- | M] (Microsoft Corporation) -- C:\Windows\system32\unimdm.tsp

[2009.07.14 07:08:49 | 000,000,006 | -H-- | C] () -- C:\Windows\Tasks\SA.DAT

[2009.07.14 07:08:49 | 000,028,602 | ---- | C] () -- C:\Windows\Tasks\SCHEDLGU.TXT

[2011.09.20 21:00:07 | 000,001,112 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job

[2011.09.20 21:00:08 | 000,001,134 | ---- | C] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job

[2011.10.13 21:33:34 | 000,001,102 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

[2011.10.13 21:33:35 | 000,001,106 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

[2012.09.18 20:59:07 | 000,000,884 | ---- | C] () -- C:\Windows\Tasks\Adobe Flash Player Updater.job

[2012.09.24 21:53:50 | 000,001,064 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job

[2012.09.24 21:53:51 | 000,001,116 | ---- | C] () -- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job

 
 < MD5 for: AGP440.SYS  >

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\drivers\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\SysNative\DriverStore\FileRepository\machine.inf_amd64_neutral_a2f120466549d68b\AGP440.sys

[2009.07.14 03:52:21 | 000,061,008 | ---- | M] (Microsoft Corporation) MD5=608C14DBA7299D8CB6ED035A68A15799 -- C:\Windows\winsxs\amd64_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_1838f2aad55063bb\AGP440.sys

 
 < MD5 for: ATAPI.SYS  >

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\drivers\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\SysNative\DriverStore\FileRepository\mshdc.inf_amd64_neutral_aad30bdeec04ea5e\atapi.sys

[2009.07.14 03:52:21 | 000,024,128 | ---- | M] (Microsoft Corporation) MD5=02062C0B390B7729EDC9E69C680A6F3C -- C:\Windows\winsxs\amd64_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_3b5e2d89382958dd\atapi.sys

 
 < MD5 for: CNGAUDIT.DLL  >

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\SysWOW64\cngaudit.dll

[2009.07.14 03:15:06 | 000,012,288 | ---- | M] (Microsoft Corporation) MD5=50BA656134F78AF64E4DD3C8B6FEFD7E -- C:\Windows\winsxs\x86_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_e83a414890e8132b\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\SysNative\cngaudit.dll

[2009.07.14 03:40:20 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=86FE1B1F8FD42CD0DB641AB1CDB13093 -- C:\Windows\winsxs\amd64_microsoft-windows-cngaudit-dll_31bf3856ad364e35_6.1.7600.16385_none_4458dccc49458461\cngaudit.dll

 
 < MD5 for: EXPLORER.EXE  >

[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe

[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe

[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe

[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe

[2010.11.21 05:24:25 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe

[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe

[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe

[2010.11.21 05:24:11 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe

 
 < MD5 for: IASTORV.SYS  >

[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_668286aa35d55928\iaStorV.sys

[2010.11.21 05:23:47 | 000,410,496 | ---- | M] (Intel Corporation) MD5=3DF4395A7CF8B7A72A5F4606366B8C2D -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17514_none_0d3757e79e6784d0\iaStorV.sys

[2011.03.11 08:19:16 | 000,410,496 | ---- | M] (Intel Corporation) MD5=5B3DE7208E5000D5B451B9D290D2579C -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.21680_none_0d714416b7c182d5\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\drivers\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\SysNative\DriverStore\FileRepository\iastorv.inf_amd64_neutral_0bcee2057afcc090\iaStorV.sys

[2011.03.11 08:41:26 | 000,410,496 | ---- | M] (Intel Corporation) MD5=AAAF44DB3BD0B9D1FB6969B23ECC8366 -- C:\Windows\winsxs\amd64_iastorv.inf_31bf3856ad364e35_6.1.7601.17577_none_0cf9793d9e95787b\iaStorV.sys

 
 < MD5 for: NETLOGON.DLL  >

[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\SysNative\netlogon.dll

[2010.11.21 05:24:01 | 000,695,808 | ---- | M] (Microsoft Corporation) MD5=AA339DD8BB128EF66660DFBBB59043D3 -- C:\Windows\winsxs\amd64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_5bddbcb24e997298\netlogon.dll

[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SysWOW64\netlogon.dll

[2010.11.21 05:24:09 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\winsxs\wow64_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_6632670482fa3493\netlogon.dll

 
 < MD5 for: NVSTOR.SYS  >

[2011.03.11 08:19:21 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=D23C7E8566DA2B8A7C0DBBB761D54888 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_983ab4c5eef82cad\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\drivers\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_0276fc3b3ea60d41\nvstor.sys

[2011.03.11 08:41:34 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=DAB0E87525C10052BF65F06152F37E4A -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_97c2e9ecd5cc2253\nvstor.sys

[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\SysNative\DriverStore\FileRepository\nvraid.inf_amd64_neutral_dd659ed032d28a14\nvstor.sys

[2010.11.21 05:23:47 | 000,166,272 | ---- | M] (NVIDIA Corporation) MD5=F7CD50FE7139F07E77DA8AC8033D1832 -- C:\Windows\winsxs\amd64_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_9800c896d59e2ea8\nvstor.sys

 
 < MD5 for: SCECLI.DLL  >

[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\SysWOW64\scecli.dll

[2010.11.21 05:23:54 | 000,175,616 | ---- | M] (Microsoft Corporation) MD5=8124944EC89D6A1815E4E53F5B96AAF4 -- C:\Windows\winsxs\wow64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_a088921d241bbb4e\scecli.dll

[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\SysNative\scecli.dll

[2010.11.21 05:24:32 | 000,232,960 | ---- | M] (Microsoft Corporation) MD5=ED78427259134C63ED69804D2132B86C -- C:\Windows\winsxs\amd64_microsoft-windows-s..urationengineclient_31bf3856ad364e35_6.1.7601.17514_none_9633e7caefbaf953\scecli.dll

 
 < MD5 for: USER32.DLL  >

[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\SysWOW64\user32.dll

[2010.11.21 05:24:20 | 000,833,024 | ---- | M] (Microsoft Corporation) MD5=5E0DB2D8B2750543CD2EBB9EA8E6CDD3 -- C:\Windows\winsxs\wow64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_35b31c02b85ccb6e\user32.dll

[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\SysNative\user32.dll

[2010.11.21 05:24:09 | 001,008,128 | ---- | M] (Microsoft Corporation) MD5=FE70103391A64039A921DBFFF9C7AB1B -- C:\Windows\winsxs\amd64_microsoft-windows-user32_31bf3856ad364e35_6.1.7601.17514_none_2b5e71b083fc0973\user32.dll

 
 < MD5 for: USERINIT.EXE  >

[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe

[2010.11.21 05:23:55 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe

[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe

[2010.11.21 05:24:28 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe

 
 < MD5 for: WINLOGON.EXE  >

[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\SysNative\winlogon.exe

[2010.11.21 05:24:29 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe

 
 < MD5 for: WS2IFSL.SYS  >

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\SysNative\drivers\ws2ifsl.sys

[2009.07.14 02:10:33 | 000,021,504 | ---- | M] (Microsoft Corporation) MD5=6BCC1D7D2FD2453957C5479A32364E52 -- C:\Windows\winsxs\amd64_microsoft-windows-w..rastructure-ws2ifsl_31bf3856ad364e35_6.1.7600.16385_none_ab7b927be17eace8\ws2ifsl.sys

 
 < %systemroot%\system32\drivers\*.sys /lockedfiles >

 
 < %systemroot%\System32\config\*.sav >

 
 < %systemroot%\system32\*.dll /lockedfiles >

[2009.07.14 03:15:21 | 000,462,848 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\system32\FirewallAPI.dll

 
 < %USERPROFILE%\*.* >

[2011.12.30 15:12:37 | 000,000,032 | ---- | M] () -- C:\Users\Marc\.simfy

[2012.09.28 17:27:13 | 006,291,456 | -H-- | M] () -- C:\Users\Marc\NTUSER.DAT

[2012.09.28 17:27:13 | 000,262,144 | -HS- | M] () -- C:\Users\Marc\ntuser.dat.LOG1

[2012.09.11 14:20:05 | 000,262,144 | -HS- | M] () -- C:\Users\Marc\ntuser.dat.LOG2

[2012.01.02 14:55:18 | 000,065,536 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TM.blf

[2012.01.02 14:55:18 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000001.regtrans-ms

[2012.01.02 14:55:18 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{016888bd-6c6f-11de-8d1d-001e0bcde3ec}.TMContainer00000000000000000002.regtrans-ms

[2012.07.05 19:26:17 | 000,065,536 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{e88df6ce-c6c5-11e1-be35-1c6f65d978ed}.TM.blf

[2012.07.05 19:26:17 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{e88df6ce-c6c5-11e1-be35-1c6f65d978ed}.TMContainer00000000000000000001.regtrans-ms

[2012.07.05 19:26:17 | 000,524,288 | -HS- | M] () -- C:\Users\Marc\NTUSER.DAT{e88df6ce-c6c5-11e1-be35-1c6f65d978ed}.TMContainer00000000000000000002.regtrans-ms

[2012.01.02 15:58:21 | 000,000,020 | -HS- | M] () -- C:\Users\Marc\ntuser.ini

 
 < %USERPROFILE%\Local Settings\Temp\*.exe >

 
 < %USERPROFILE%\Local Settings\Temp\*.dll >

 
 < %USERPROFILE%\Application Data\*.exe >

 
 < HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems|Windows /rs >

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Required: DebugWindows [binary data]

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems\\Windows: %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

 
 <           >

 
 ========== Alternate Data Streams ==========

 

@Alternate Data Stream - 173 bytes -> C:\ProgramData\TEMP:1CE11B51

@Alternate Data Stream - 1176 bytes -> C:\Users\Marc\AppData\Local\Temp:JqXJqIvCPi0Drr1yrX0QK
 

< End of report >

--- --- ---

[/CODE]

Mfg Marc

und noch die Extra Log:
OTL EXTRAS Logfile:

Code:

OTL Extras logfile created on: 28.09.2012 16:58:35 - Run 1

OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Marc\Desktop

64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.0.8112.16421)

Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

 

7,98 Gb Total Physical Memory | 6,09 Gb Available Physical Memory | 76,29% Memory free

15,97 Gb Paging File | 13,92 Gb Available in Paging File | 87,18% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

 

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 465,66 Gb Total Space | 67,47 Gb Free Space | 14,49% Space Free | Partition Type: NTFS

Drive E: | 1000,00 Gb Total Space | 104,51 Gb Free Space | 10,45% Space Free | Partition Type: NTFS

Drive H: | 100,00 Mb Total Space | 84,72 Mb Free Space | 84,73% Space Free | Partition Type: NTFS

Drive I: | 863,01 Gb Total Space | 828,46 Gb Free Space | 96,00% Space Free | Partition Type: NTFS

Drive K: | 931,51 Gb Total Space | 441,21 Gb Free Space | 47,36% Space Free | Partition Type: NTFS

 

Computer Name: MARC-PC | User Name: Marc | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

 
 ========== Extra Registry (SafeList) ==========

 

 
 ========== File Associations ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

 

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]

.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

 
 ========== Shell Spawning ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()

Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()

Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)

Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)

Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

 
 ========== Security Center Settings ==========

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01  [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

 
 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

 
 ========== Firewall Settings ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

"DoNotAllowExceptions" = 0

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

 
 ========== Authorized Applications List ==========

 

 
 ========== Vista Active Open Ports Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{03454EF3-940B-4E41-B970-42007DA148AE}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{096D4551-B184-452C-A4AA-DED3CC6F21EF}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{0A2BABE6-2F33-49A4-96F8-7175D16D7B3D}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{1A6DFC10-8D9A-4598-893B-FDDB07187109}" = lport=999 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 

"{33C2F5AC-EC49-4E65-9630-9CF1F589FAAC}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office14\outlook.exe | 

"{41F76671-D0C7-4FFD-8A72-E3288F347F68}" = lport=5678 | protocol=6 | dir=in | app=%systemroot%\windowsmobile\wmdhost.exe | 

"{47E5E01C-E439-43FD-865D-144D06ACC32B}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 

"{54498819-7E23-40F6-BF62-EC38F6DC03E5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{567AF1CC-F4DC-4D9C-866A-71DBD3647561}" = lport=5721 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{5F23B0A9-C70F-40BC-BCAF-7E266AC5C698}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{755D4E5A-5EB4-4CF2-A67B-F4DACB1A6DA2}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{82326F72-D59E-4CDE-86D4-783F9590253E}" = rport=5679 | protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{895BC069-F116-4536-8FEE-BAB1ACC6C4EA}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 

"{9DA73957-4C6F-4B5D-A2BC-3A19C2EE8019}" = lport=26675 | protocol=6 | dir=in | name=@%systemroot%\windowsmobile\wmdcbase.exe,-4006 | 

"{AB524504-EFC6-4A67-B249-B1773E405BD0}" = lport=990 | protocol=6 | dir=in | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{B9A93537-FBA5-4A4E-ABD7-141BF3806DAA}" = rport=10243 | protocol=6 | dir=out | app=system | 

"{BC5F015B-399C-4355-8E6A-3D542077B7C2}" = rport=2869 | protocol=6 | dir=out | app=system | 

"{D19EDBA5-F305-4C04-A5C2-D235224F84AA}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 

"{D58BFD18-A6E4-4BEB-87AD-099D01502B86}" = lport=10243 | protocol=6 | dir=in | app=system | 

"{D9D46F43-96AC-4592-B5B6-DCA7E2402D9A}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 

"{DC24A4DC-0900-4B76-8638-E1E861F5F17E}" = lport=2869 | protocol=6 | dir=in | app=system | 

"{EFE38879-8D26-4D44-B3EE-175D38703F34}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 

"{F1BC0C36-61EF-4777-9395-D6AB935CC998}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 

"{F3E37ABD-2979-4650-8384-83EB9993BE55}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 

 
 ========== Vista Active Application Exception List ==========

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{02C8B788-496D-4AD9-8EB3-733CA608A040}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 

"{065A42C0-4E63-401F-9AC4-82E3759105CE}" = protocol=6 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 

"{09E2D412-9D59-4B9F-97A6-7FF9B2D65135}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 

"{0A48876A-3553-4AC3-ABFE-B7869D2F7333}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{0C834B37-5360-4CE8-A059-F59C8C5A9F84}" = protocol=17 | dir=in | app=c:\program files (x86)\radio toolbox\rtb.exe | 

"{0CF10902-D13C-4240-8B42-5ED7B5A95A47}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer_service.exe | 

"{0D6EEA6F-7F29-4836-9D6F-7DB688FA7BF0}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe | 

"{1494F9CD-39BC-4BB6-A075-50B990D81028}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 

"{1AE6153E-5363-4A66-BC78-E80F9413D9BF}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 

"{1EAE22CC-382D-4596-9D73-28543E94039A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 

"{1F3FAA14-E59B-488B-AEC6-811298D45349}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 

"{20B3C73A-23B3-4151-A403-7D3B2B69B56B}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 

"{20C1AD6F-47F1-4F2E-BFE9-CC72908315A7}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 

"{22A1E82E-3F58-4DE0-A193-D90068FF9EAD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifecam.exe | 

"{2CB31AD8-8F4E-48CF-B4C4-3C27DE0489AA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{2D1EC30E-A755-4272-A433-1E0C85710CE3}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 

"{2DF5DA93-30D8-4504-9BE9-9F58065C13CB}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 

"{36061B54-17D7-4AE1-AB9C-21A6FBFD939E}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | 

"{37F38554-7C1D-43E9-9FA6-D7F1C38083C7}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe | 

"{38D92F4C-113C-486C-81A4-ED27A7751426}" = protocol=17 | dir=in | app=c:\program files (x86)\utorrent\utorrent.exe | 

"{3AC903EF-30E6-49CD-94DF-F39504791447}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 

"{46E28280-59E9-40D6-B365-C989461D8942}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | 

"{470ECEE2-255C-4253-A859-29DCAF91FF8E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{4A3835D5-27CC-4049-BADD-84096CA05CC3}" = protocol=17 | dir=in | app=c:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe | 

"{4B513041-4F3F-4DEA-A9A8-5D9C62E8F963}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | 

"{4DA6213E-0465-4102-AC4A-A079B71E0141}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 3\bf3.exe | 

"{5270A2E3-4AE3-4AD5-9314-46595D5394D5}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 

"{5A602974-89EA-4E35-8C94-98730194DD45}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"{5AB3C9BA-EFCC-4BC2-9AB6-BFECC6CEE988}" = protocol=6 | dir=in | app=c:\program files (x86)\radio toolbox\rtb.exe | 

"{5C9C7615-0E66-4A18-B5CE-FE8EE66C83A4}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{5DB0219C-8FF2-46AB-867B-45C4C134E9D0}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 

"{5E55B214-58F4-41AC-97EC-F2B50DC5A5A2}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 

"{5F4F42E3-D28B-4B4A-9D0C-580D8EA74380}" = protocol=6 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 

"{6103E926-6E4C-4A7D-9FB7-FBA15A9B10D6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 

"{659C729D-4247-4A4C-9C4C-8930FA626D14}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{6674CE9E-3140-48A8-BCB8-0D5CABBA8971}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 

"{66EAD6E8-9CE8-48C3-8978-D34FF53A3C0F}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 

"{681AE765-6BEF-4B09-9608-1D7D6B0DECF6}" = dir=in | app=c:\users\marc\appdata\local\facebook\video\skype\facebookvideocalling.exe | 

"{69E4B8DF-33AB-4B90-8ADE-53F02C101A97}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 

"{719455A9-3DC2-487A-8503-0C3D2272A859}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe | 

"{744943E7-65F4-47A0-A942-94D5C1A4FB9B}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shoot many robots\shootmanyrobots\binaries\shootmanyrobots.exe | 

"{78E1B704-0D83-48F2-8229-8AB7A823F20C}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 

"{7B6CB47E-1540-4F86-818A-45B6F22AC1AC}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 

"{7E404DE1-9557-45C9-87E3-5B83D6E75C2F}" = protocol=6 | dir=in | app=c:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe | 

"{80CA8B7B-40A2-4B1C-AD15-83616991CCA5}" = protocol=17 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising\ofdr.exe | 

"{827AD8FB-2012-419F-815D-A1268A25E34D}" = dir=out | app=%systemdrive%\games\world_of_tanks\worldoftanks.exe | 

"{84DC9E8F-A88B-4088-96B3-9652999F766B}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 

"{8CD7E03B-252E-468A-9948-0BAC0D817D75}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 

"{8EBB04B6-1934-4B04-98E5-4738718C4E12}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 

"{91FDBA21-4B7F-44A3-AEC9-E9FAFF3AA593}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe | 

"{948092FD-AF41-4576-A2BC-156E27FB8A90}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe | 

"{9670DE21-D578-47FF-ACB8-279FFFB8DFA2}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\portal 2\portal2.exe | 

"{9673EAA2-F096-4EBE-A34A-1D2EFD69B8AB}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | 

"{98D799CF-50FB-4AE6-B11B-29E7D2FBA03B}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 

"{99CAC734-BBA6-4482-8230-086E50657A3D}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe | 

"{9ACD77F7-3843-4F95-AA84-3EEBAB9C3322}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{A319450C-AC5B-4805-BD80-64AA48AAE415}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | 

"{A37566EC-5087-4CD7-8310-5815D0347174}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{A4F3A4D8-BBD7-419A-90E5-2509A1D5C7BC}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version7\teamviewer.exe | 

"{A95274C2-A254-4A81-AC3D-57F701E0E760}" = protocol=17 | dir=in | app=c:\users\marc\appdata\local\akamai\netsession_win.exe | 

"{AE14C40C-D941-4538-B6C5-56CCF84364F7}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 

"{AF44D805-4278-4732-B694-0AD28CC0D57D}" = protocol=6 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 

"{B1102DE9-FA78-47F3-BABC-A32627773F48}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 

"{B56C6AFC-57D7-4FE2-8C3C-82798A972D1D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sanctum\binaries\win32\sanctumgame-win32-shipping.exe | 

"{B78A0DC1-A4D3-49E8-8C64-A7A77F9456B7}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{B90CBB9E-AB06-48B6-875D-0677BA0FB15C}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{BD6A2CDE-F4D2-42FA-A1DD-E1B99B4B087F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 

"{C09B0398-E4D8-40E1-876D-61F10671C91E}" = protocol=17 | dir=in | app=c:\nexon\combat arms eu\nmservice.exe | 

"{C185F7CF-02E4-4946-B9CA-33AF5240FDDD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\shoot many robots\shootmanyrobots\binaries\shootmanyrobots.exe | 

"{C1AF869F-8E22-4DC3-8543-F8834C1DEF91}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 

"{C55E7AA3-FD14-467D-A2E3-5F83D36C1368}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 

"{C6F99825-E7F4-4741-9C48-EB4A82538FDC}" = dir=in | app=c:\program files (x86)\norton internet security\engine\19.7.1.5\ccsvchst.exe | 

"{CD030BEE-F015-4220-A4CA-574474ED22C3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 

"{CD2532C8-8013-4324-835A-F59968E5FF6C}" = protocol=17 | dir=in | app=c:\programdata\nexoneu\ngm\ngm.exe | 

"{CD68F935-6E80-4285-955B-6AE0DFF9C93E}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{CE851775-D007-42CB-B515-1D5757E1E216}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | 

"{CF382E92-9352-428E-98A7-B4D9592ED9DD}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifetray.exe | 

"{CFC740F1-B836-4F66-9CC2-DD8BE371FE3B}" = protocol=6 | dir=out | app=system | 

"{D0CA64CA-9013-4728-A2E0-93B40C85C239}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeenc2.exe | 

"{D30571B8-7481-46E3-A93D-7E974AD3C86D}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{D3E5DF77-64E9-403B-957A-4AB667DC0624}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer_service.exe | 

"{D6F843CA-BAAE-4A4C-8291-9C73394A3921}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 

"{D77B75FF-9FC0-4ABE-B0A2-ADDAC561A2BE}" = protocol=6 | dir=in | app=c:\users\marc\appdata\local\akamai\netsession_win.exe | 

"{D9DA09C2-BDE1-4699-942C-41222E36D086}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft lifecam\lifeexp.exe | 

"{D9FF302D-0EF7-40D8-A762-72490CE9C9F5}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 

"{DA075407-A3CD-4A5D-B22F-315D6823A1DB}" = protocol=6 | dir=in | app=c:\program files (x86)\codemasters\of dragon rising\ofdr.exe | 

"{DDFB8742-F8E1-4EC9-8495-D27AE71DF1B3}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{DE09D6C2-8638-42EA-9435-C09C36A37EA0}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | 

"{E1034E74-19EB-4AA3-A369-4DF475479F03}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"{E39104A5-C02A-4EC2-966F-E15AE309E8C5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\borderlands 2\binaries\win32\launcher.exe | 

"{E3A56668-AB8A-478C-85DE-E7F7ED3F832E}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\groove.exe | 

"{EA102F1D-E32E-4228-A1FF-C052F16C03B3}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 

"{EA46463A-B8C9-4FFB-84C7-E8BC655E791A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe | 

"{EBEADB2C-BA08-42B9-B163-111B469DBB7C}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | 

"{F61F9E92-CEB7-41D5-8372-9EE52B3AE33A}" = dir=out | app=%systemdrive%\games\world_of_tanks\wotlauncher.exe | 

"{F79ECC9F-DB85-42E0-BED3-5C3A6DE6A0CA}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version6\teamviewer.exe | 

"{FBF38D7B-EC92-46C9-AF8E-AF274ECDFC96}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office14\onenote.exe | 

"TCP Query User{0202718D-0C66-469E-813B-5AC99AE8637A}C:\program files (x86)\radio toolbox\rtb.exe" = protocol=6 | dir=in | app=c:\program files (x86)\radio toolbox\rtb.exe | 

"TCP Query User{40C29C38-9602-4656-9D76-4542DD9CF21E}C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe | 

"TCP Query User{5D1EAD48-AF4D-47C5-8C73-6D5E16B9D01F}C:\program files (x86)\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 

"TCP Query User{7F65E12A-B161-4363-9B75-63B5585414E6}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe | 

"TCP Query User{A2DFCB1D-5E14-4124-8C71-B4A403C81FE7}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 

"TCP Query User{DEC3C099-A778-47FA-BF3D-1440E44EA291}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 

"TCP Query User{E25B87DB-98D7-4E5F-9841-5DADDD870AFE}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=6 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 

"UDP Query User{05124A6F-7FD1-4245-A37C-4DB2F7D84E9F}C:\program files (x86)\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe | 

"UDP Query User{28848CAC-C9AA-457F-B83C-AD2B899B3B42}C:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\marc\appdata\roaming\dropbox\bin\dropbox.exe | 

"UDP Query User{3F2C966D-4ED4-416B-A85D-53FF657F1BF5}C:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe" = protocol=17 | dir=in | app=c:\nexon\nexon_eu_downloader\nexon_eu_downloader_engine.exe | 

"UDP Query User{50C0F2D9-FB6B-4B1B-85EC-1B82CA7F37A0}C:\program files (x86)\radio toolbox\rtb.exe" = protocol=17 | dir=in | app=c:\program files (x86)\radio toolbox\rtb.exe | 

"UDP Query User{A5C98DE2-85A8-4670-942E-B40646CA2D73}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 

"UDP Query User{EEF2C9B3-CB35-4127-ACED-0BC8A6F0386C}C:\program files (x86)\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=c:\program files (x86)\ea games\battlefield play4free\bfp4f.exe | 

"UDP Query User{FBCEED65-0F03-443C-B125-B3D8D3D0CC71}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe | 

 
 ========== HKEY_LOCAL_MACHINE Uninstall List ==========

 

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack

"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{0886900B-B2F3-452C-B580-60F1253F7F80}" = Native Instruments Controller Editor

"{0B8565BA-BAD5-4732-B122-5FD78EFC50A9}" = Native Instruments Service Center

"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}" = iTunes

"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64

"{23A66953-369C-4d22-A189-C6E403D4A19F}" = Native Instruments Audio 2 DJ Driver

"{26A24AE4-039D-4CA4-87B4-2F86416027FF}" = Java(TM) 6 Update 27 (64-bit)

"{3D8003CE-E3CD-49b7-A59E-9C21546AF95E}" = Native Instruments Traktor Kontrol S2 Driver

"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64

"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

"{5CE7E3F5-9803-4F32-AA89-2D8848A80109}" = Microsoft LifeCam

"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

"{60B2315F-680F-4EB3-B8DD-CCDC86A7CCAB}" = Roxio File Backup

"{624C7F0A-89B2-4C49-9CAB-9D69613EC95A}" = Microsoft IntelliPoint 8.2

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}" = Apple Mobile Device Support

"{8219EDCB-CE5A-4348-B056-AAC0FE4E99D0}" = Microsoft IntelliType Pro 8.2

"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{90140000-0011-0000-1000-0000000FF1CE}" = Microsoft Office Professional Plus 2010

"{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{7BC9B5EB-125A-4E9B-97E1-8D85B5E960B8}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0015-0407-1000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010

"{90140000-0015-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0016-0407-1000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010

"{90140000-0016-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0018-0407-1000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010

"{90140000-0018-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0019-0407-1000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010

"{90140000-0019-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001A-0407-1000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010

"{90140000-001A-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001B-0407-1000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010

"{90140000-001B-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0407-1000-0000000FF1CE}" = Microsoft Office Proof (German) 2010

"{90140000-001F-0407-1000-0000000FF1CE}_Office14.PROPLUS_{70A3169E-288F-454F-A08D-20DF66639B50}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0409-1000-0000000FF1CE}" = Microsoft Office Proof (English) 2010

"{90140000-001F-0409-1000-0000000FF1CE}_Office14.PROPLUS_{0242505C-4E90-407F-9299-B5B275F50D86}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-040C-1000-0000000FF1CE}" = Microsoft Office Proof (French) 2010

"{90140000-001F-040C-1000-0000000FF1CE}_Office14.PROPLUS_{B51389C8-2890-4633-81D8-47D2A7402274}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-001F-0410-1000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010

"{90140000-001F-0410-1000-0000000FF1CE}_Office14.PROPLUS_{3013A793-10A7-4D1F-B8B4-2FAA82F4D259}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-002C-0407-1000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010

"{90140000-002C-0407-1000-0000000FF1CE}_Office14.PROPLUS_{98782D5D-A9EE-43C6-88AD-B50AD8530E78}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0043-0000-1000-0000000FF1CE}" = Microsoft Office Office 32-bit Components 2010

"{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{E8B6D35B-0B6F-4DCE-9493-859BF3809A7F}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0043-0407-1000-0000000FF1CE}" = Microsoft Office Shared 32-bit MUI (German) 2010

"{90140000-0043-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8DFD91C7-66AE-4E54-9901-5D5F401AD329}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-0044-0407-1000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010

"{90140000-0044-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-006E-0407-1000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010

"{90140000-006E-0407-1000-0000000FF1CE}_Office14.PROPLUS_{8299B64F-1537-4081-974C-033EAB8F098E}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00A1-0407-1000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010

"{90140000-00A1-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90140000-00BA-0407-1000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010

"{90140000-00BA-0407-1000-0000000FF1CE}_Office14.PROPLUS_{BBBD3986-9A9D-402A-BA73-CCDE3EF0ED77}" = Microsoft Office 2010 Service Pack 1 (SP1)

"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64

"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64

"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9C5A08BF-BB99-4998-81BD-F6CC32483B34}" = Microsoft Corporation

"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64

"{A8EC0CC0-AD8D-4244-B080-424EDF7A7634}" = Native Instruments Traktor 2

"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 306.23

"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 306.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 306.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller-Treiber 306.23

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.12.0604

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.10.8

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.18.0

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application

"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components

"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64

"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones

"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"{F7ADB493-B913-4D61-9A63-DA736C20C3F2}" = Adobe Photoshop Lightroom 4.1 64-bit

"{FD67869B-C97B-4F2C-AD80-ABF130238441}" = Oracle VM VirtualBox 4.1.16

"EPSON SX100 Series" = EPSON SX100 Series Printer Uninstall

"MAXON8C02D5E0" = CINEMA 4D 12.016

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack

"Microsoft IntelliPoint 8.2" = Microsoft IntelliPoint 8.2

"Microsoft IntelliType Pro 8.2" = Microsoft IntelliType Pro 8.2

"Office14.PROPLUS" = Microsoft Office Professional Plus 2010

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

"{024521CF-C07E-4F8E-8481-0D75695E03AF}" = PxMergeModule

"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86

"{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam

"{0659E943-DDF4-44FC-9FEE-A13B09F8BB08}" = Adobe Flash Media Live Encoder 3.2

"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86

"{0E64B098-8018-4256-BA23-C316A43AD9B0}" = QuickTime

"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86

"{14DC0059-00F1-4F62-BD1A-AB23CD51A95E}" = Adobe AIR

"{15ED9EF1-672B-333C-B653-3A655B6DE4F7}" = Adobe® Content Viewer

"{185F9795-9663-4F13-9EF9-307A282ADB5A}" = ph

"{1A4052AB-BA77-44F7-8EE7-9F9131BFD7A6}" = OF Dragon Rising

"{1EAC1D02-C6AC-4FA6-9A44-96258C37C812}_is1" = World of Tanks v.0.6.7

"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool

"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT

"{26A24AE4-039D-4CA4-87B4-2F83216027F0}" = Java(TM) 6 Update 27

"{26A24AE4-039D-4CA4-87B4-2F83216035FF}" = Java(TM) 6 Update 35

"{289AC7E0-0AEE-4a7b-913C-709D9803D23E}" = Nexon Game Manager

"{2934DCB0-F8EE-11E0-A4A5-B8AC6F97B88E}" = Google Earth Plug-in

"{2A075BB4-E976-4278-BF3F-E5C6945D84C0}" = bl

"{2B11BA9C-7F97-4C16-970F-1491FD77969B}_is1" = GutscheinRausch.de - AddOn für Firefox

"{2FDD750F-49B7-40C1-9D5E-D2955BC0E2D8}" = NVIDIA PhysX

"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform

"{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}" = Firebird SQL Server - MAGIX Edition

"{3B35725F-C623-4A1E-B5CC-99C0868679E3}" = Smart 6 B10.1221.1

"{3DECD372-76A1-4483-BF10-B547790A3261}" = ON_OFF Charge B11.0110.1

"{457D7505-D665-4F95-91C3-ECB8C56E9ACA}" = Easy Tune 6 B11.0309.1

"{46578609-AD6D-4E69-AC8F-28B89C090F3B}" = Roxio Creator 2010 Pro

"{490BF87E-1F75-4453-BF55-9F540543A3CA}" = Steinberg Drum Loop Expansion 01

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A19D6AC-ADE0-4A07-80FF-9C9812C45557}" = Steinberg Cubase 5

"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"{4D454CF8-12FD-464D-B57B-B46FE27B78BB}" = Steinberg LoopMash Content

"{52B65911-1559-4ED5-9461-46957FDD48CD}" = Borderlands

"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent

"{5310C7A5-A385-6E26-66E9-C0F0CA5A7E45}" = BeatportDownloader

"{532B917B-8235-4FA5-BE36-643A8BB053A5}" = Steinberg REVerence Content 01

"{55AE564D-F4C0-624E-6784-A4040D2ED7F7}" = Facebook Desktop

"{586509F0-350D-48B5-B763-9CC2F8D96C4C}" = Windows Live Sync

"{5A06423A-210C-49FB-950E-CB0EB8C5CEC7}" = Roxio BackOnTrack

"{5B0D20D7-AA12-4FC8-9A4A-AF722F430738}_is1" = EOS Camera Movie Record 0.3.1.1 Beta

"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86

"{63EC2120-1742-4625-AA47-C6A8AEC9C64C}" = Apple Application Support

"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components

"{675F86A8-E093-4002-87D5-915CC2C45571}" = DES 2.0

"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{6B4AD1A9-E73A-4184-9D6B-072F8A3C5EBA}" = VoiceOver Kit

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable

"{733CDF24-0A93-426E-AA89-DF281EB54793}" = Roxio CinePlayer

"{744DA166-F189-4ED4-92EA-E06F3347DD44}" = Philips SPC710NC Webcam

"{74DC8A26-4E05-40B6-AD11-C9428A1AE150}" = Roxio Creator 2010 Pro

"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"{76285C16-411A-488A-BCE3-C83CB933D8CF}" = Battlefield 3™

"{7644E42D-B096-457F-8B5B-901238FC81AE}" = ICQ7.6

"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}" = Text-To-Speech-Runtime

"{7CAC6A44-C3DE-4153-ACA6-7524602C789E}" = Facebook Video Calling 1.2.0.159

"{7E48AFD3-F28A-4E54-99A8-9F3A4A27DBC4}" = Brother MFL-Pro Suite DCP-130C

"{7ED169D4-5053-4166-93DF-53B12AE6C539}" = Energy Saver Advance B10.0309.1

"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable

"{84DE49CA-0AFB-4557-B1B4-B9B8C1DAE2DE}" = XSplit

"{850C7BD3-9F3F-46AD-9396-E7985B38C55E}" = Windows Live Fotogalerie

"{865D9ED1-EAC2-436D-AFA7-0B750EB5AAAB}" = Steinberg HALionOne Studio Drum Set

"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570

"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB

"{87686C21-8A15-4b4d-A3F1-11141D9BE094}" = Battlefield Play4Free

"{87A83C6F-F53C-448A-B078-FF00E3EAEB29}" = Roxio Disaster Recovery

"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver

"{89A15676-78AE-4D51-BF5B-DEE3E0D46C94}" = Roxio Creator 2010 Pro

"{905D4F6B-FADC-4CA4-AA41-BD32A2E446CE}" = Anno 1701 - Der Fluch des Drachen

"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86

"{955AB765-E48B-4D82-9F06-F2E142433B71}" = Ableton Live 8

"{96D06FDD-6AF4-4309-BC1B-1C9588B0575E}" = Dead Space™ 2

"{9A00EC4E-27E1-42C4-98DD-662F32AC8870}" = Roxio CinePlayer Decoder Pack

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{A048F6D6-BECE-D521-9BC9-B8806BFB118C}" = Beatport Downloader

"{A121EEDE-C68F-461D-91AA-D48BA226AF1C}" = Roxio Activation Module

"{A2433A63-5F5D-40E5-B529-9123C2B3E734}" = Anno 1701

"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn

"{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable

"{A7496F46-78AE-4DB2-BCF5-95F210FA6F96}" = Windows Live Movie Maker

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{AC0E0FA6-B945-4F48-BC36-055FCB0DB42B}" = Overwolf

"{AC76BA86-1033-F400-7760-000000000005}" = Adobe Acrobat X Pro - English, Français, Deutsch

"{AC997F93-0757-4ED4-A701-F40C2D654D09}" = Steinberg HALionOne GM Drum Set

"{AD86049C-3D9C-43E1-BE73-643F57D83D50}" = Easy Migration

"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager

"{AF9E97C1-7431-426D-A8D5-ABE40995C0B1}" = DirectX 9 Runtime

"{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}" = @BIOS

"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation

"{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call

"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86

"{B8ABD8C7-991E-4A70-B5A3-20C6FC680680}" = LogMeIn Hamachi

"{BD86F1AC-B594-46E4-85DC-1258AC9E2232}" = Steinberg Groove Agent ONE Content

"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6

"{C75FAD21-EC08-42F3-92D6-C9C0AB355345}" = AutoGreen B10.1021.1

"{CAFA57E8-8927-4912-AFCF-B0AA3837E989}" = Windows Live Essentials

"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86

"{D23CBFDA-C46B-4920-BA70-FC7878A3F05A}" = Steinberg HALionOne Studio Set

"{D82CDA0D-C182-42C8-8FF2-5649C98D6003}" = Steinberg HALionOne Pro Set

"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86

"{DB6AB705-C9BD-40E3-8929-2EA57F36A4FF}_is1" = ConvertXtoDVD 4.1.10.348

"{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller

"{E22AD5D3-EB60-4A8F-835C-6C10E369DCE2}" = Steinberg HALionOne Expression Set

"{E52F8D95-AEB5-3B67-879C-C59DF8AF88EE}" = Google Talk Plugin

"{E70E7159-93B1-470D-9FBD-D8E9EF34B538}" = Steinberg HALionOne

"{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}" = Adobe Creative Suite 6 Master Collection

"{EDA02C05-A98F-71F6-8F01-9CE3E253D34C}" = simfy

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{EFBE6DD5-B224-96E5-72B9-68D328CB12A6}" = Adobe Widget Browser

"{F057965A-D974-4C64-ADB1-4381CD4B8956}" = Steinberg HALionOne GM Set

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard

"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver

"{F3AFD063-8BAD-485E-B641-E7F5A2C5AE71}" = Steinberg HALionOne Additional Content Set 01

"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center

"{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}" = 325 USB PC Camera

"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

"1489-3350-5074-6281" = JDownloader 0.9

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Akamai" = Akamai NetSession Interface Service

"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.15

"Any DVD Converter Professional_is1" = Any DVD Converter Professional 4.0.1

"ASIO4ALL" = ASIO4ALL

"Battlelog Web Plugins" = Battlelog Web Plugins

"BeatportDownloader.EE670286545758FAB4A69D4439CF6054F83E0AC2.1" = BeatportDownloader

"butt" = butt

"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager

"Clonk Rage" = Clonk Rage

"com.adobe.dmp.contentviewer" = Adobe® Content Viewer

"com.adobe.WidgetBrowser" = Adobe Widget Browser

"com.beatport.BeatportDownloader" = Beatport Downloader

"com.facebookdesktop.app" = Facebook Desktop

"Combat Arms EU" = Combat Arms EU

"DAEMON Tools Lite" = DAEMON Tools Lite

"doubleTwist" = doubleTwist

"Dreamload" = Dreamload

"EdcastStandalone" = Edcast Standalone 3.37.2011

"EOS Utility" = Canon Utilities EOS Utility

"ESN Sonar-0.70.4" = ESN Sonar

"ffdshow_is1" = ffdshow [rev 2527] [2008-12-19]

"FileZilla Client" = FileZilla Client 3.5.3

"FileZilla Server" = FileZilla Server

"Fraps" = Fraps (remove only)

"HyperCam 3" = HyperCam 3

"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies

"InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}" = Etron USB3.0 Host Controller

"KORES Print Designer" = KORES Print Designer

"LogMeIn Hamachi" = LogMeIn Hamachi

"MAGIX Speed burnR D" = MAGIX Speed burnR

"Michas Jingle-Player" = Michas Jingle-Player

"Mozilla Firefox 15.0.1 (x86 de)" = Mozilla Firefox 15.0.1 (x86 de)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"Mp3tag" = Mp3tag v2.52

"Native Instruments Audio 2 DJ Driver" = Native Instruments Audio 2 DJ Driver

"Native Instruments Controller Editor" = Native Instruments Controller Editor

"Native Instruments Service Center" = Native Instruments Service Center

"Native Instruments Traktor 2" = Native Instruments Traktor 2

"Native Instruments Traktor Kontrol S2 Driver" = Native Instruments Traktor Kontrol S2 Driver

"NBRTWizard" = Norton Bootable Recovery Tool Wizard

"NIS" = Norton Internet Security

"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver

"Origin" = Origin

"PhotoScape" = PhotoScape

"PhotoStitch" = Canon Utilities PhotoStitch

"PunkBusterSvc" = PunkBuster Services

"Radio Toolbox" = Radio Toolbox

"reFX Nexus_is1" = reFX Nexus VSTi RTAS v2.2.0

"Roxio PhotoShow" = Roxio PhotoShow

"SCDNAS" = SHOUTcast DNAS (remove only)

"SHOUTcast" = SHOUTcast DNAS Server v2

"Simfy" = simfy

"Steam App 400" = Portal

"Steam App 49520" = Borderlands 2

"Steam App 620" = Portal 2

"Steam App 91600" = Sanctum

"Steam App 96400" = Shoot Many Robots

"TeamSpeak 3 Client" = TeamSpeak 3 Client

"TeamViewer 7" = TeamViewer 7

"USB_AUDIO_DEusb-audio.deBehringer2902" = BEHRINGER USB AUDIO DRIVER

"UseNeXT_is1" = UseNeXT

"uTorrent" = µTorrent

"VLC media player" = VLC media player 2.0.1

"Winamp" = Winamp

"WinLiveSuite_Wave3" = Windows Live Essentials

"WinRAR archiver" = WinRAR archiver

"YU2010_is1" = Your Uninstaller! 2010

 
 ========== HKEY_CURRENT_USER Uninstall List ==========

 

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"Akamai" = Akamai NetSession Interface

"Dropbox" = Dropbox

"Winamp Detect" = Winamp Erkennungs-Plug-in

 
 ========== Last 20 Event Log Errors ==========

 

[ Application Events ]

Error - 28.09.2012 10:44:07 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:45:13 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:45:16 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:45:26 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:47:03 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:47:05 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:50:46 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:51:25 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:51:27 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:51:33 | Computer Name = Marc-PC | Source = Microsoft-Windows-LoadPerf | ID = 3012

Description = Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung

 werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter

 ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste

 DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich

 und der Werte "LastHelp" ist das dritte DWORD im Datenbereich.

 

Error - 28.09.2012 10:55:08 | Computer Name = Marc-PC | Source = WinMgmt | ID = 10

Description = 

 

[ System Events ]

Error - 25.09.2012 11:24:52 | Computer Name = Marc-PC | Source = NetBT | ID = 4321

Description = Der Name "MARC-PC        :20" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.139  registriert werden. Der Computer mit IP-Adresse 192.168.2.102

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 25.09.2012 11:24:53 | Computer Name = Marc-PC | Source = NetBT | ID = 4321

Description = Der Name "MARC-PC        :0" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.139  registriert werden. Der Computer mit IP-Adresse 192.168.2.102

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 28.09.2012 08:42:36 | Computer Name = Marc-PC | Source = Disk | ID = 262151

Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

 

Error - 28.09.2012 08:42:38 | Computer Name = Marc-PC | Source = Disk | ID = 262151

Description = Fehlerhafter Block bei Gerät \Device\Harddisk0\DR0.

 

Error - 28.09.2012 08:58:21 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7031

Description = Der Dienst "Apple Mobile Device" wurde unerwartet beendet. Dies ist

 bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden

 durchgeführt: Neustart des Diensts.

 

Error - 28.09.2012 09:23:31 | Computer Name = Marc-PC | Source = DCOM | ID = 10010

Description = 

 

Error - 28.09.2012 09:38:44 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Roxio Hard Drive Watcher 12 erreicht.

 

Error - 28.09.2012 09:38:49 | Computer Name = Marc-PC | Source = NetBT | ID = 4321

Description = Der Name "MARC-PC        :0" konnte nicht auf der Schnittstelle mit

 IP-Adresse 192.168.2.139  registriert werden. Der Computer mit IP-Adresse 192.168.2.102

 hat nicht  zugelassen, dass dieser Computer diesen Namen verwendet.

 

Error - 28.09.2012 09:48:01 | Computer Name = Marc-PC | Source = Microsoft-Windows-WLAN-AutoConfig | ID = 10000

Description = Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.    Modulpfad:

 C:\Windows\system32\athExt.dll  Fehlercode: 126  

 

Error - 28.09.2012 10:53:45 | Computer Name = Marc-PC | Source = Service Control Manager | ID = 7009

Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst

 Roxio Hard Drive Watcher 12 erreicht.

 

 

< End of report >

--- --- ---

Mfg Marc

hi
download tdss killer:
http://www.trojaner-board.de/82358-t...entfernen.html
Klicke auf Change parameters
• Setze die Haken bei Verify driver digital signatures und Detect TDLFS file system
• Klick auf OK und anschließend auf Start scan
- bei funden erst mal immer skip wählen, log posten

Code:

19:08:06.0950 4872  TDSS rootkit removing tool 2.8.10.0 Sep 17 2012 19:23:24

19:08:07.0354 4872  ============================================================

19:08:07.0354 4872  Current date / time: 2012/09/28 19:08:07.0354

19:08:07.0354 4872  SystemInfo:

19:08:07.0354 4872  

19:08:07.0354 4872  OS Version: 6.1.7601 ServicePack: 1.0

19:08:07.0354 4872  Product type: Workstation

19:08:07.0354 4872  ComputerName: MARC-PC

19:08:07.0354 4872  UserName: Marc

19:08:07.0354 4872  Windows directory: C:\Windows

19:08:07.0354 4872  System windows directory: C:\Windows

19:08:07.0354 4872  Running under WOW64

19:08:07.0354 4872  Processor architecture: Intel x64

19:08:07.0354 4872  Number of processors: 4

19:08:07.0354 4872  Page size: 0x1000

19:08:07.0354 4872  Boot type: Normal boot

19:08:07.0354 4872  ============================================================

19:08:08.0889 4872  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040

19:08:08.0889 4872  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 (1863.02 Gb), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

19:08:08.0892 4872  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

19:08:08.0894 4872  ============================================================

19:08:08.0894 4872  \Device\Harddisk0\DR0:

19:08:08.0894 4872  MBR partitions:

19:08:08.0895 4872  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000

19:08:08.0895 4872  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A352000

19:08:08.0895 4872  \Device\Harddisk1\DR1:

19:08:08.0895 4872  MBR partitions:

19:08:08.0895 4872  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x7D000000

19:08:08.0895 4872  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x7D000800, BlocksNum 0x6BE07000

19:08:08.0895 4872  \Device\Harddisk2\DR2:

19:08:08.0895 4872  MBR partitions:

19:08:08.0895 4872  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x74705982

19:08:08.0895 4872  ============================================================

19:08:08.0913 4872  C: <-> \Device\Harddisk0\DR0\Partition2

19:08:08.0940 4872  K: <-> \Device\Harddisk2\DR2\Partition1

19:08:08.0955 4872  H: <-> \Device\Harddisk0\DR0\Partition1

19:08:09.0371 4872  E: <-> \Device\Harddisk1\DR1\Partition1

19:08:09.0440 4872  I: <-> \Device\Harddisk1\DR1\Partition2

19:08:09.0440 4872  ============================================================

19:08:09.0440 4872  Initialize success

19:08:09.0440 4872  ============================================================

19:08:26.0067 6300  ============================================================

19:08:26.0067 6300  Scan started

19:08:26.0067 6300  Mode: Manual; SigCheck; TDLFS; 

19:08:26.0067 6300  ============================================================

19:08:26.0902 6300  ================ Scan system memory ========================

19:08:26.0902 6300  System memory - ok

19:08:26.0903 6300  ================ Scan services =============================

19:08:27.0032 6300  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys

19:08:27.0096 6300  1394ohci - ok

19:08:27.0195 6300  [ A15069EEC83EBC54150564B2585CFDBA ] 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 C:\Program Files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe

19:08:27.0212 6300  9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269 - ok

19:08:27.0241 6300  [ 3A935600DADB122887B0BD3BCEB0247D ] a2djavs         C:\Windows\system32\Drivers\a2djavs.sys

19:08:27.0252 6300  a2djavs - ok

19:08:27.0316 6300  [ BDED0E1B0A0B5D53B8E174B57545FC75 ] a2djavs_x64     C:\Windows\system32\Drivers\a2djavs_x64.sys

19:08:27.0323 6300  a2djavs_x64 - ok

19:08:27.0378 6300  [ B5821079E99C9420AC78F60D536A9F1F ] a2djusb_svc     C:\Windows\system32\Drivers\a2djusb.sys

19:08:27.0385 6300  a2djusb_svc - ok

19:08:27.0423 6300  [ C515FAFDE87046D2EF465CDA999DB38F ] a2djusb_x64     C:\Windows\system32\Drivers\a2djusb_x64.sys

19:08:27.0433 6300  a2djusb_x64 - ok

19:08:27.0452 6300  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys

19:08:27.0464 6300  ACPI - ok

19:08:27.0507 6300  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys

19:08:27.0573 6300  AcpiPmi - ok

19:08:27.0672 6300  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

19:08:27.0680 6300  AdobeARMservice - ok

19:08:27.0811 6300  [ E12CFCF1DDBFC50948A75E6E38793225 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

19:08:27.0820 6300  AdobeFlashPlayerUpdateSvc - ok

19:08:27.0858 6300  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys

19:08:27.0873 6300  adp94xx - ok

19:08:27.0911 6300  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\drivers\adpahci.sys

19:08:27.0923 6300  adpahci - ok

19:08:27.0954 6300  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\drivers\adpu320.sys

19:08:27.0964 6300  adpu320 - ok

19:08:27.0980 6300  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll

19:08:28.0089 6300  AeLookupSvc - ok

19:08:28.0132 6300  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys

19:08:28.0181 6300  AFD - ok

19:08:28.0218 6300  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys

19:08:28.0226 6300  agp440 - ok

19:08:28.0234 6300  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe

19:08:28.0256 6300  ALG - ok

19:08:28.0266 6300  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys

19:08:28.0273 6300  aliide - ok

19:08:28.0284 6300  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys

19:08:28.0291 6300  amdide - ok

19:08:28.0311 6300  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys

19:08:28.0330 6300  AmdK8 - ok

19:08:28.0342 6300  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys

19:08:28.0372 6300  AmdPPM - ok

19:08:28.0405 6300  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys

19:08:28.0414 6300  amdsata - ok

19:08:28.0439 6300  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys

19:08:28.0449 6300  amdsbs - ok

19:08:28.0462 6300  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys

19:08:28.0470 6300  amdxata - ok

19:08:28.0488 6300  [ 4DE0D5D747A73797C95A97DCCE5018B5 ] androidusb      C:\Windows\system32\Drivers\ssadadb.sys

19:08:28.0503 6300  androidusb - ok

19:08:28.0532 6300  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys

19:08:28.0635 6300  AppID - ok

19:08:28.0660 6300  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll

19:08:28.0700 6300  AppIDSvc - ok

19:08:28.0736 6300  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll

19:08:28.0775 6300  Appinfo - ok

19:08:28.0851 6300  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

19:08:28.0858 6300  Apple Mobile Device - ok

19:08:28.0909 6300  [ 6BE11AD81D4527D299F0CB5F3731AABC ] AppleCharger    C:\Windows\system32\DRIVERS\AppleCharger.sys

19:08:28.0916 6300  AppleCharger - ok

19:08:28.0957 6300  [ 95EF7247C50C7241FDAE39A9B3AFF4AE ] AppleChargerSrv C:\Windows\system32\AppleChargerSrv.exe

19:08:28.0965 6300  AppleChargerSrv - ok

19:08:29.0013 6300  [ 4ABA3E75A76195A3E38ED2766C962899 ] AppMgmt         C:\Windows\System32\appmgmts.dll

19:08:29.0040 6300  AppMgmt - ok

19:08:29.0087 6300  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\drivers\arc.sys

19:08:29.0096 6300  arc - ok

19:08:29.0110 6300  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\drivers\arcsas.sys

19:08:29.0119 6300  arcsas - ok

19:08:29.0228 6300  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

19:08:29.0236 6300  aspnet_state - ok

19:08:29.0257 6300  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys

19:08:29.0293 6300  AsyncMac - ok

19:08:29.0325 6300  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys

19:08:29.0333 6300  atapi - ok

19:08:29.0394 6300  [ 7D89B0C443F6068E5B27AA3B972069FF ] athr            C:\Windows\system32\DRIVERS\athrx.sys

19:08:29.0435 6300  athr - ok

19:08:29.0490 6300  [ 36322190763845975E0D001E90687BF2 ] athur           C:\Windows\system32\DRIVERS\athurx.sys

19:08:29.0530 6300  athur - ok

19:08:29.0563 6300  [ B4BDE3F758A34658A37DFED3D9783CD8 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys

19:08:29.0572 6300  atksgt - ok

19:08:29.0599 6300  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

19:08:29.0650 6300  AudioEndpointBuilder - ok

19:08:29.0697 6300  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll

19:08:29.0726 6300  AudioSrv - ok

19:08:29.0740 6300  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll

19:08:29.0794 6300  AxInstSV - ok

19:08:29.0836 6300  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys

19:08:29.0867 6300  b06bdrv - ok

19:08:29.0920 6300  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys

19:08:29.0956 6300  b57nd60a - ok

19:08:30.0035 6300  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll

19:08:30.0150 6300  BDESVC - ok

19:08:30.0164 6300  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys

19:08:30.0197 6300  Beep - ok

19:08:30.0233 6300  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll

19:08:30.0276 6300  BFE - ok

19:08:30.0449 6300  [ A45BE4E091636F6C86D6E4FC945D5A26 ] BHDrvx64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120919.001\BHDrvx64.sys

19:08:30.0475 6300  BHDrvx64 - ok

19:08:30.0507 6300  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll

19:08:30.0553 6300  BITS - ok

19:08:30.0579 6300  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys

19:08:30.0607 6300  blbdrive - ok

19:08:30.0667 6300  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

19:08:30.0680 6300  Bonjour Service - ok

19:08:30.0694 6300  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys

19:08:30.0733 6300  bowser - ok

19:08:30.0747 6300  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys

19:08:30.0772 6300  BrFiltLo - ok

19:08:30.0788 6300  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys

19:08:30.0817 6300  BrFiltUp - ok

19:08:30.0848 6300  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll

19:08:30.0864 6300  Browser - ok

19:08:30.0887 6300  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys

19:08:30.0911 6300  Brserid - ok

19:08:30.0935 6300  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys

19:08:30.0952 6300  BrSerWdm - ok

19:08:30.0958 6300  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys

19:08:30.0969 6300  BrUsbMdm - ok

19:08:30.0979 6300  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys

19:08:30.0988 6300  BrUsbSer - ok

19:08:30.0996 6300  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys

19:08:31.0020 6300  BTHMODEM - ok

19:08:31.0053 6300  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll

19:08:31.0080 6300  bthserv - ok

19:08:31.0189 6300  [ 2C6FFCCA37B002AAB3C7C31A6D780A76 ] ccSet_NIS       C:\Windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys

19:08:31.0199 6300  ccSet_NIS - ok

19:08:31.0247 6300  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys

19:08:31.0279 6300  cdfs - ok

19:08:31.0307 6300  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys

19:08:31.0331 6300  cdrom - ok

19:08:31.0343 6300  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll

19:08:31.0378 6300  CertPropSvc - ok

19:08:31.0384 6300  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\drivers\circlass.sys

19:08:31.0396 6300  circlass - ok

19:08:31.0413 6300  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys

19:08:31.0426 6300  CLFS - ok

19:08:31.0466 6300  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

19:08:31.0473 6300  clr_optimization_v2.0.50727_32 - ok

19:08:31.0510 6300  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

19:08:31.0518 6300  clr_optimization_v2.0.50727_64 - ok

19:08:31.0595 6300  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

19:08:31.0603 6300  clr_optimization_v4.0.30319_32 - ok

19:08:31.0644 6300  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

19:08:31.0651 6300  clr_optimization_v4.0.30319_64 - ok

19:08:31.0688 6300  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys

19:08:31.0709 6300  CmBatt - ok

19:08:31.0718 6300  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys

19:08:31.0726 6300  cmdide - ok

19:08:31.0767 6300  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys

19:08:31.0786 6300  CNG - ok

19:08:31.0800 6300  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys

19:08:31.0808 6300  Compbatt - ok

19:08:31.0824 6300  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys

19:08:31.0852 6300  CompositeBus - ok

19:08:31.0854 6300  COMSysApp - ok

19:08:31.0868 6300  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys

19:08:31.0876 6300  crcdisk - ok

19:08:31.0904 6300  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll

19:08:31.0944 6300  CryptSvc - ok

19:08:31.0974 6300  [ 54DA3DFD29ED9F1619B6F53F3CE55E49 ] CSC             C:\Windows\system32\drivers\csc.sys

19:08:32.0016 6300  CSC - ok

19:08:32.0036 6300  [ 3AB183AB4D2C79DCF459CD2C1266B043 ] CscService      C:\Windows\System32\cscsvc.dll

19:08:32.0058 6300  CscService - ok

19:08:32.0104 6300  [ 1CA90212A99DB6975C344826D11055C9 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys

19:08:32.0111 6300  dc3d - ok

19:08:32.0131 6300  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll

19:08:32.0161 6300  DcomLaunch - ok

19:08:32.0198 6300  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll

19:08:32.0229 6300  defragsvc - ok

19:08:32.0323 6300  [ FDC0C5ADDE1CDE6EDB0BEF78F0699AF3 ] DES2 Service    C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe

19:08:32.0330 6300  DES2 Service - ok

19:08:32.0342 6300  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys

19:08:32.0368 6300  DfsC - ok

19:08:32.0398 6300  [ 105373D52E71D2D1355AD3ACD18259C3 ] dg_ssudbus      C:\Windows\system32\DRIVERS\ssudbus.sys

19:08:32.0406 6300  dg_ssudbus - ok

19:08:32.0437 6300  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll

19:08:32.0476 6300  Dhcp - ok

19:08:32.0507 6300  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys

19:08:32.0532 6300  discache - ok

19:08:32.0589 6300  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\drivers\disk.sys

19:08:32.0597 6300  Disk - ok

19:08:32.0628 6300  [ 5DB085A8A6600BE6401F2B24EECB5415 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys

19:08:32.0648 6300  dmvsc - ok

19:08:32.0657 6300  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll

19:08:32.0677 6300  Dnscache - ok

19:08:32.0690 6300  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll

19:08:32.0717 6300  dot3svc - ok

19:08:32.0728 6300  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll

19:08:32.0766 6300  DPS - ok

19:08:32.0804 6300  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys

19:08:32.0815 6300  drmkaud - ok

19:08:32.0844 6300  [ 46571ED73AE84469DCA53081D33CF3C8 ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys

19:08:32.0854 6300  dtsoftbus01 - ok

19:08:32.0875 6300  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys

19:08:32.0896 6300  DXGKrnl - ok

19:08:32.0914 6300  EagleX64 - ok

19:08:32.0930 6300  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll

19:08:32.0957 6300  EapHost - ok

19:08:33.0003 6300  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\drivers\evbda.sys

19:08:33.0066 6300  ebdrv - ok

19:08:33.0113 6300  [ 4353FF94D47A0A9D52B89ECCF0CDB013 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys

19:08:33.0127 6300  eeCtrl - ok

19:08:33.0149 6300  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe

19:08:33.0173 6300  EFS - ok

19:08:33.0214 6300  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe

19:08:33.0241 6300  ehRecvr - ok

19:08:33.0252 6300  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe

19:08:33.0274 6300  ehSched - ok

19:08:33.0297 6300  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\drivers\elxstor.sys

19:08:33.0312 6300  elxstor - ok

19:08:33.0392 6300  [ B5581646636759D0DAFA8B008881C079 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE

19:08:33.0412 6300  EPSON_EB_RPCV4_01 - ok

19:08:33.0440 6300  [ 1E345F2A2D95DA3190596E691CDE9342 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE

19:08:33.0448 6300  EPSON_PM_RPCV4_01 - ok

19:08:33.0525 6300  [ C5BCCB378D0A896304A3E71BE7215983 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

19:08:33.0536 6300  EraserUtilRebootDrv - ok

19:08:33.0549 6300  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys

19:08:33.0558 6300  ErrDev - ok

19:08:33.0594 6300  [ 84486624268E078255BC7AA47F0960BC ] etdrv           C:\Windows\etdrv.sys

19:08:33.0601 6300  etdrv - ok

19:08:33.0638 6300  [ 3663291D0D26001A2BB67678AB61D14C ] EtronHub3       C:\Windows\system32\Drivers\EtronHub3.sys

19:08:33.0667 6300  EtronHub3 - ok

19:08:33.0698 6300  [ 744420D6C062C38F7361870F010D6D4B ] EtronXHCI       C:\Windows\system32\Drivers\EtronXHCI.sys

19:08:33.0718 6300  EtronXHCI - ok

19:08:33.0747 6300  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll

19:08:33.0781 6300  EventSystem - ok

19:08:33.0832 6300  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys

19:08:33.0869 6300  exfat - ok

19:08:33.0906 6300  Fabs - ok

19:08:33.0935 6300  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys

19:08:33.0968 6300  fastfat - ok

19:08:33.0990 6300  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe

19:08:34.0006 6300  Fax - ok

19:08:34.0013 6300  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\drivers\fdc.sys

19:08:34.0023 6300  fdc - ok

19:08:34.0034 6300  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll

19:08:34.0078 6300  fdPHost - ok

19:08:34.0092 6300  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll

19:08:34.0126 6300  FDResPub - ok

19:08:34.0139 6300  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys

19:08:34.0147 6300  FileInfo - ok

19:08:34.0157 6300  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys

19:08:34.0182 6300  Filetrace - ok

19:08:34.0239 6300  [ C623057D3905323F760A8B3C8523C072 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe

19:08:34.0250 6300  FileZilla Server ( UnsignedFile.Multi.Generic ) - warning

19:08:34.0250 6300  FileZilla Server - detected UnsignedFile.Multi.Generic (1)

19:08:34.0310 6300  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe

19:08:34.0383 6300  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning

19:08:34.0383 6300  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)

19:08:34.0401 6300  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys

19:08:34.0426 6300  flpydisk - ok

19:08:34.0448 6300  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys

19:08:34.0460 6300  FltMgr - ok

19:08:34.0491 6300  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll

19:08:34.0527 6300  FontCache - ok

19:08:34.0572 6300  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

19:08:34.0579 6300  FontCache3.0.0.0 - ok

19:08:34.0587 6300  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys

19:08:34.0595 6300  FsDepends - ok

19:08:34.0616 6300  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys

19:08:34.0624 6300  Fs_Rec - ok

19:08:34.0646 6300  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys

19:08:34.0660 6300  fvevol - ok

19:08:34.0698 6300  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys

19:08:34.0707 6300  gagp30kx - ok

19:08:34.0734 6300  [ 7907E14F9BCF3A4689C9A74A1A873CB6 ] gdrv            C:\Windows\gdrv.sys

19:08:34.0740 6300  gdrv - ok

19:08:34.0763 6300  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

19:08:34.0769 6300  GEARAspiWDM - ok

19:08:34.0837 6300  [ 2DDD5CBB203C3C3FD6F74979EBD8CC92 ] GEST Service    C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe

19:08:34.0844 6300  GEST Service - ok

19:08:34.0863 6300  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll

19:08:34.0896 6300  gpsvc - ok

19:08:34.0944 6300  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:08:34.0951 6300  gupdate - ok

19:08:34.0965 6300  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

19:08:34.0972 6300  gupdatem - ok

19:08:34.0988 6300  [ 8126331FBD4ED29EB3B356F9C905064D ] GVTDrv64        C:\Windows\GVTDrv64.sys

19:08:34.0996 6300  GVTDrv64 - ok

19:08:35.0030 6300  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys

19:08:35.0037 6300  hamachi - ok

19:08:35.0137 6300  [ F10C3F2E002100BF8B797DCF283FEA7D ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe

19:08:35.0181 6300  Hamachi2Svc - ok

19:08:35.0216 6300  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys

19:08:35.0244 6300  hcw85cir - ok

19:08:35.0326 6300  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys

19:08:35.0378 6300  HdAudAddService - ok

19:08:35.0421 6300  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys

19:08:35.0534 6300  HDAudBus - ok

19:08:35.0578 6300  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys

19:08:35.0597 6300  HidBatt - ok

19:08:35.0610 6300  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\drivers\hidbth.sys

19:08:35.0622 6300  HidBth - ok

19:08:35.0631 6300  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\drivers\hidir.sys

19:08:35.0654 6300  HidIr - ok

19:08:35.0677 6300  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll

19:08:35.0712 6300  hidserv - ok

19:08:35.0734 6300  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys

19:08:35.0743 6300  HidUsb - ok

19:08:35.0764 6300  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll

19:08:35.0795 6300  hkmsvc - ok

19:08:35.0810 6300  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll

19:08:35.0820 6300  HomeGroupListener - ok

19:08:35.0828 6300  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

19:08:35.0838 6300  HomeGroupProvider - ok

19:08:35.0862 6300  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys

19:08:35.0870 6300  HpSAMD - ok

19:08:35.0892 6300  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys

19:08:35.0926 6300  HTTP - ok

19:08:35.0933 6300  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys

19:08:35.0941 6300  hwpolicy - ok

19:08:35.0950 6300  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys

19:08:35.0972 6300  i8042prt - ok

19:08:36.0009 6300  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys

19:08:36.0022 6300  iaStorV - ok

19:08:36.0085 6300  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

19:08:36.0094 6300  IDriverT ( UnsignedFile.Multi.Generic ) - warning

19:08:36.0094 6300  IDriverT - detected UnsignedFile.Multi.Generic (1)

19:08:36.0125 6300  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

19:08:36.0143 6300  idsvc - ok

19:08:36.0208 6300  [ A48928D4CCA6F8B731989DB08CF2C0AB ] IDSVia64        C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20120927.001\IDSvia64.sys

19:08:36.0222 6300  IDSVia64 - ok

19:08:36.0234 6300  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\drivers\iirsp.sys

19:08:36.0243 6300  iirsp - ok

19:08:36.0267 6300  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll

19:08:36.0309 6300  IKEEXT - ok

19:08:36.0388 6300  [ A5F7CEF8A939EBE270462EDEFD629F20 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys

19:08:36.0466 6300  IntcAzAudAddService - ok

19:08:36.0482 6300  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys

19:08:36.0490 6300  intelide - ok

19:08:36.0503 6300  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys

19:08:36.0522 6300  intelppm - ok

19:08:36.0542 6300  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll

19:08:36.0581 6300  IPBusEnum - ok

19:08:36.0616 6300  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys

19:08:36.0646 6300  IpFilterDriver - ok

19:08:36.0662 6300  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll

19:08:36.0693 6300  iphlpsvc - ok

19:08:36.0705 6300  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys

19:08:36.0721 6300  IPMIDRV - ok

19:08:36.0732 6300  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys

19:08:36.0769 6300  IPNAT - ok

19:08:36.0849 6300  [ 6E50CFA46527B39015B750AAD161C5CC ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe

19:08:36.0868 6300  iPod Service - ok

19:08:36.0896 6300  [ 02DEF37AB75E0032C50724646F708DE8 ] iPodDrv         C:\Windows\system32\drivers\iPodDrv.sys

19:08:36.0904 6300  iPodDrv - ok

19:08:36.0922 6300  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys

19:08:36.0948 6300  IRENUM - ok

19:08:36.0963 6300  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys

19:08:36.0971 6300  isapnp - ok

19:08:37.0001 6300  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys

19:08:37.0012 6300  iScsiPrt - ok

19:08:37.0029 6300  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys

19:08:37.0038 6300  kbdclass - ok

19:08:37.0054 6300  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys

19:08:37.0064 6300  kbdhid - ok

19:08:37.0074 6300  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe

19:08:37.0083 6300  KeyIso - ok

19:08:37.0103 6300  [ 07071C1E3CD8F0F9114AAC8B072CA1E5 ] KMWDFILTER      C:\Windows\system32\DRIVERS\KMWDFILTER.sys

19:08:37.0110 6300  KMWDFILTER - ok

19:08:37.0163 6300  [ 21153127E50EAAEEEB6282B3D17FBCDF ] ks2avs          C:\Windows\system32\Drivers\ks2avs.sys

19:08:37.0173 6300  ks2avs - ok

19:08:37.0200 6300  [ 5DA41A519DFF55EF3A969577E18119E0 ] ks2usb_svc      C:\Windows\system32\Drivers\ks2usb.sys

19:08:37.0208 6300  ks2usb_svc - ok

19:08:37.0234 6300  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys

19:08:37.0243 6300  KSecDD - ok

19:08:37.0256 6300  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys

19:08:37.0266 6300  KSecPkg - ok

19:08:37.0293 6300  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys

19:08:37.0318 6300  ksthunk - ok

19:08:37.0341 6300  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll

19:08:37.0382 6300  KtmRm - ok

19:08:37.0404 6300  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll

19:08:37.0446 6300  LanmanServer - ok

19:08:37.0472 6300  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

19:08:37.0499 6300  LanmanWorkstation - ok

19:08:37.0521 6300  [ 955982BF4421B77722196552B62E8DC2 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys

19:08:37.0529 6300  lirsgt - ok

19:08:37.0549 6300  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys

19:08:37.0593 6300  lltdio - ok

19:08:37.0644 6300  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll

19:08:37.0673 6300  lltdsvc - ok

19:08:37.0681 6300  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll

19:08:37.0707 6300  lmhosts - ok

19:08:37.0725 6300  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys

19:08:37.0734 6300  LSI_FC - ok

19:08:37.0747 6300  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys

19:08:37.0755 6300  LSI_SAS - ok

19:08:37.0764 6300  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys

19:08:37.0773 6300  LSI_SAS2 - ok

19:08:37.0809 6300  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys

19:08:37.0818 6300  LSI_SCSI - ok

19:08:37.0836 6300  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys

19:08:37.0863 6300  luafv - ok

19:08:37.0899 6300  [ 0C85B2B6FB74B36A251792D45E0EF860 ] LVRS64          C:\Windows\system32\DRIVERS\lvrs64.sys

19:08:37.0912 6300  LVRS64 - ok

19:08:37.0994 6300  [ FF3A488924B0032B1A9CA6948C1FA9E8 ] LVUVC64         C:\Windows\system32\DRIVERS\lvuvc64.sys

19:08:38.0093 6300  LVUVC64 - ok

19:08:38.0141 6300  [ 922CBAC7B992B9614CAB7122F4BF9406 ] ManyCam         C:\Windows\system32\DRIVERS\mcvidrv_x64.sys

19:08:38.0149 6300  ManyCam - ok

19:08:38.0171 6300  [ 34A42DD7CF525D0D2C5232916496E4B8 ] mcaudrv_simple  C:\Windows\system32\drivers\mcaudrv_x64.sys

19:08:38.0192 6300  mcaudrv_simple - ok

19:08:38.0216 6300  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll

19:08:38.0232 6300  Mcx2Svc - ok

19:08:38.0266 6300  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\drivers\megasas.sys

19:08:38.0274 6300  megasas - ok

19:08:38.0290 6300  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys

19:08:38.0301 6300  MegaSR - ok

19:08:38.0331 6300  [ A6518DCC42F7A6E999BB3BEA8FD87567 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys

19:08:38.0339 6300  MEIx64 - ok

19:08:38.0390 6300  Microsoft SharePoint Workspace Audit Service - ok

19:08:38.0402 6300  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll

19:08:38.0429 6300  MMCSS - ok

19:08:38.0455 6300  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys

19:08:38.0491 6300  Modem - ok

19:08:38.0526 6300  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys

19:08:38.0548 6300  monitor - ok

19:08:38.0567 6300  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys

19:08:38.0576 6300  mouclass - ok

19:08:38.0592 6300  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys

19:08:38.0617 6300  mouhid - ok

19:08:38.0667 6300  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys

19:08:38.0676 6300  mountmgr - ok

19:08:38.0742 6300  [ CB8AF049AC9BE419A77ADAE288673359 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

19:08:38.0750 6300  MozillaMaintenance - ok

19:08:38.0767 6300  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys

19:08:38.0777 6300  mpio - ok

19:08:38.0788 6300  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys

19:08:38.0813 6300  mpsdrv - ok

19:08:38.0861 6300  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll

19:08:38.0894 6300  MpsSvc - ok

19:08:38.0903 6300  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys

19:08:38.0918 6300  MRxDAV - ok

19:08:38.0930 6300  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys

19:08:38.0952 6300  mrxsmb - ok

19:08:38.0986 6300  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys

19:08:38.0998 6300  mrxsmb10 - ok

19:08:39.0008 6300  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys

19:08:39.0030 6300  mrxsmb20 - ok

19:08:39.0040 6300  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys

19:08:39.0048 6300  msahci - ok

19:08:39.0078 6300  [ 41FB1D61DF09C36CCAB0B04EEC66F6D5 ] MSCamSvc        C:\Program Files\Microsoft LifeCam\MSCamS64.exe

19:08:39.0087 6300  MSCamSvc - ok

19:08:39.0107 6300  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys

19:08:39.0116 6300  msdsm - ok

19:08:39.0124 6300  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe

19:08:39.0136 6300  MSDTC - ok

19:08:39.0151 6300  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys

19:08:39.0183 6300  Msfs - ok

19:08:39.0200 6300  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys

19:08:39.0225 6300  mshidkmdf - ok

19:08:39.0229 6300  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys

19:08:39.0237 6300  msisadrv - ok

19:08:39.0257 6300  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll

19:08:39.0291 6300  MSiSCSI - ok

19:08:39.0293 6300  msiserver - ok

19:08:39.0312 6300  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys

19:08:39.0338 6300  MSKSSRV - ok

19:08:39.0354 6300  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys

19:08:39.0381 6300  MSPCLOCK - ok

19:08:39.0390 6300  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys

19:08:39.0426 6300  MSPQM - ok

19:08:39.0439 6300  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys

19:08:39.0452 6300  MsRPC - ok

19:08:39.0455 6300  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys

19:08:39.0463 6300  mssmbios - ok

19:08:39.0491 6300  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys

19:08:39.0516 6300  MSTEE - ok

19:08:39.0523 6300  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys

19:08:39.0532 6300  MTConfig - ok

19:08:39.0557 6300  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys

19:08:39.0566 6300  Mup - ok

19:08:39.0586 6300  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll

19:08:39.0631 6300  napagent - ok

19:08:39.0680 6300  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys

19:08:39.0704 6300  NativeWifiP - ok

19:08:39.0766 6300  [ C58D8A669D6551F616D90244BD2C2D4F ] NAVENG          C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120927.034\ENG64.SYS

19:08:39.0774 6300  NAVENG - ok

19:08:39.0811 6300  [ A3DBDB412ADFA5882DD6843B11FE0828 ] NAVEX15         C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\VirusDefs\20120927.034\EX64.SYS

19:08:39.0872 6300  NAVEX15 - ok

19:08:39.0930 6300  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys

19:08:39.0951 6300  NDIS - ok

19:08:39.0982 6300  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys

19:08:40.0018 6300  NdisCap - ok

19:08:40.0038 6300  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys

19:08:40.0064 6300  NdisTapi - ok

19:08:40.0072 6300  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys

19:08:40.0097 6300  Ndisuio - ok

19:08:40.0105 6300  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys

19:08:40.0153 6300  NdisWan - ok

19:08:40.0191 6300  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys

19:08:40.0215 6300  NDProxy - ok

19:08:40.0240 6300  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys

19:08:40.0265 6300  NetBIOS - ok

19:08:40.0291 6300  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys

19:08:40.0325 6300  NetBT - ok

19:08:40.0341 6300  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe

19:08:40.0350 6300  Netlogon - ok

19:08:40.0371 6300  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll

19:08:40.0411 6300  Netman - ok

19:08:40.0448 6300  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:08:40.0456 6300  NetMsmqActivator - ok

19:08:40.0473 6300  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:08:40.0480 6300  NetPipeActivator - ok

19:08:40.0496 6300  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll

19:08:40.0526 6300  netprofm - ok

19:08:40.0531 6300  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:08:40.0538 6300  NetTcpActivator - ok

19:08:40.0540 6300  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

19:08:40.0548 6300  NetTcpPortSharing - ok

19:08:40.0597 6300  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys

19:08:40.0627 6300  nfrd960 - ok

19:08:40.0797 6300  [ 93F304DEB07095BCF33BD1C17C2DB2A7 ] NIHardwareService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe

19:08:40.0947 6300  NIHardwareService - ok

19:08:41.0090 6300  [ F2840DBFE9322F35557219AE82CC4597 ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe

19:08:41.0099 6300  NIS - ok

19:08:41.0120 6300  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll

19:08:41.0154 6300  NlaSvc - ok

19:08:41.0166 6300  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys

19:08:41.0191 6300  Npfs - ok

19:08:41.0197 6300  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll

19:08:41.0240 6300  nsi - ok

19:08:41.0254 6300  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys

19:08:41.0279 6300  nsiproxy - ok

19:08:41.0316 6300  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys

19:08:41.0353 6300  Ntfs - ok

19:08:41.0359 6300  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys

19:08:41.0396 6300  Null - ok

19:08:41.0438 6300  [ 1F07B814C0BB5AABA703ABFF1F31F2E8 ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys

19:08:41.0448 6300  NVHDA - ok

19:08:41.0645 6300  [ BF7A24A71E1932200D864BC1CE15E596 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys

19:08:41.0926 6300  nvlddmkm - ok

19:08:41.0952 6300  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys

19:08:41.0962 6300  nvraid - ok

19:08:41.0972 6300  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys

19:08:41.0982 6300  nvstor - ok

19:08:42.0025 6300  [ 43F91595049DE14C4B61D1E76436164F ] NVSvc           C:\Windows\system32\nvvsvc.exe

19:08:42.0041 6300  NVSvc - ok

19:08:42.0125 6300  [ 322B69422836F97B76F4AA59B47507BA ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

19:08:42.0150 6300  nvUpdatusService - ok

19:08:42.0189 6300  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys

19:08:42.0198 6300  nv_agp - ok

19:08:42.0232 6300  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys

19:08:42.0249 6300  ohci1394 - ok

19:08:42.0282 6300  [ 4965B005492CBA7719E82B71E3245495 ] ose64           C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE

19:08:42.0290 6300  ose64 - ok

19:08:42.0431 6300  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

19:08:42.0548 6300  osppsvc - ok

19:08:42.0680 6300  [ 01B14F4D64BC70E93734211C3D324099 ] OverwolfUpdaterService C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe

19:08:42.0687 6300  OverwolfUpdaterService - ok

19:08:42.0712 6300  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll

19:08:42.0735 6300  p2pimsvc - ok

19:08:42.0764 6300  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll

19:08:42.0789 6300  p2psvc - ok

19:08:42.0801 6300  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\drivers\parport.sys

19:08:42.0811 6300  Parport - ok

19:08:42.0837 6300  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys

19:08:42.0846 6300  partmgr - ok

19:08:42.0862 6300  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll

19:08:42.0883 6300  PcaSvc - ok

19:08:42.0893 6300  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys

19:08:42.0903 6300  pci - ok

19:08:42.0927 6300  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys

19:08:42.0935 6300  pciide - ok

19:08:42.0965 6300  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys

19:08:42.0976 6300  pcmcia - ok

19:08:42.0986 6300  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys

19:08:42.0994 6300  pcw - ok

19:08:43.0007 6300  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys

19:08:43.0039 6300  PEAUTH - ok

19:08:43.0087 6300  [ B9B0A4299DD2D76A4243F75FD54DC680 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll

19:08:43.0124 6300  PeerDistSvc - ok

19:08:43.0201 6300  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe

19:08:43.0218 6300  PerfHost - ok

19:08:43.0269 6300  [ FE9E913758C770CC6E88D9B8C95D0AD4 ] phc710          C:\Windows\system32\DRIVERS\phc710.sys

19:08:43.0320 6300  phc710 - ok

19:08:43.0360 6300  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll

19:08:43.0421 6300  pla - ok

19:08:43.0451 6300  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll

19:08:43.0464 6300  PlugPlay - ok

19:08:43.0483 6300  PnkBstrA - ok

19:08:43.0494 6300  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll

19:08:43.0523 6300  PNRPAutoReg - ok

19:08:43.0549 6300  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll

19:08:43.0560 6300  PNRPsvc - ok

19:08:43.0571 6300  [ 4F0878FD62D5F7444C5F1C4C66D9D293 ] Point64         C:\Windows\system32\DRIVERS\point64.sys

19:08:43.0577 6300  Point64 - ok

19:08:43.0600 6300  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll

19:08:43.0639 6300  PolicyAgent - ok

19:08:43.0673 6300  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll

19:08:43.0700 6300  Power - ok

19:08:43.0729 6300  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys

19:08:43.0767 6300  PptpMiniport - ok

19:08:43.0799 6300  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\drivers\processr.sys

19:08:43.0824 6300  Processor - ok

19:08:43.0851 6300  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll

19:08:43.0862 6300  ProfSvc - ok

19:08:43.0866 6300  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe

19:08:43.0875 6300  ProtectedStorage - ok

19:08:43.0911 6300  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys

19:08:43.0937 6300  Psched - ok

19:08:43.0968 6300  [ BC08F7F3C53CBEE68670ED1314E290FD ] PxHlpa64        C:\Windows\system32\Drivers\PxHlpa64.sys

19:08:43.0976 6300  PxHlpa64 - ok

19:08:44.0020 6300  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\drivers\ql2300.sys

19:08:44.0049 6300  ql2300 - ok

19:08:44.0063 6300  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys

19:08:44.0073 6300  ql40xx - ok

19:08:44.0091 6300  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll

19:08:44.0106 6300  QWAVE - ok

19:08:44.0114 6300  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys

19:08:44.0127 6300  QWAVEdrv - ok

19:08:44.0151 6300  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys

19:08:44.0180 6300  RasAcd - ok

19:08:44.0226 6300  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys

19:08:44.0259 6300  RasAgileVpn - ok

19:08:44.0271 6300  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll

19:08:44.0297 6300  RasAuto - ok

19:08:44.0303 6300  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys

19:08:44.0342 6300  Rasl2tp - ok

19:08:44.0365 6300  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll

19:08:44.0410 6300  RasMan - ok

19:08:44.0433 6300  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys

19:08:44.0464 6300  RasPppoe - ok

19:08:44.0472 6300  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys

19:08:44.0507 6300  RasSstp - ok

19:08:44.0518 6300  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys

19:08:44.0551 6300  rdbss - ok

19:08:44.0574 6300  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys

19:08:44.0585 6300  rdpbus - ok

19:08:44.0613 6300  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys

19:08:44.0648 6300  RDPCDD - ok

19:08:44.0674 6300  [ 1B6163C503398B23FF8B939C67747683 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

19:08:44.0701 6300  RDPDR - ok

19:08:44.0715 6300  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

19:08:44.0740 6300  RDPENCDD - ok

19:08:44.0753 6300  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

19:08:44.0792 6300  RDPREFMP - ok

19:08:44.0821 6300  [ 70CBA1A0C98600A2AA1863479B35CB90 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

19:08:44.0840 6300  RdpVideoMiniport - ok

19:08:44.0860 6300  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

19:08:44.0870 6300  RDPWD - ok

19:08:44.0879 6300  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

19:08:44.0889 6300  rdyboost - ok

19:08:44.0909 6300  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll

19:08:44.0935 6300  RemoteAccess - ok

19:08:44.0950 6300  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

19:08:44.0984 6300  RemoteRegistry - ok

19:08:45.0103 6300  [ FF578453D3B3ADAAB22D7151D7F9E592 ] RoxMediaDB12    C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe

19:08:45.0125 6300  RoxMediaDB12 - ok

19:08:45.0158 6300  [ 71B38B8DF1A9B55FC0FB64958CC7B9DD ] RoxWatch12      C:\Program Files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe

19:08:45.0168 6300  RoxWatch12 - ok

19:08:45.0171 6300  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

19:08:45.0197 6300  RpcEptMapper - ok

19:08:45.0215 6300  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe

19:08:45.0224 6300  RpcLocator - ok

19:08:45.0239 6300  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll

19:08:45.0268 6300  RpcSs - ok

19:08:45.0302 6300  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

19:08:45.0339 6300  rspndr - ok

19:08:45.0381 6300  [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

19:08:45.0395 6300  RTL8167 - ok

19:08:45.0430 6300  [ E60C0A09F997826C7627B244195AB581 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys

19:08:45.0438 6300  s3cap - ok

19:08:45.0472 6300  [ 27DB9153D259D632D15483DEEAB799ED ] Sahdad64        C:\Windows\system32\Drivers\Sahdad64.sys

19:08:45.0479 6300  Sahdad64 - ok

19:08:45.0484 6300  [ F77849D909B90BCACFCF7295AECF299B ] Saibad64        C:\Windows\system32\Drivers\Saibad64.sys

19:08:45.0491 6300  Saibad64 - ok

19:08:45.0505 6300  [ 704D415290A568F68DE20942DAC23F7E ] SaibVdAd64      C:\Windows\system32\Drivers\SaibVdAd64.sys

19:08:45.0512 6300  SaibVdAd64 - ok

19:08:45.0524 6300  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe

19:08:45.0533 6300  SamSs - ok

19:08:45.0545 6300  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

19:08:45.0554 6300  sbp2port - ok

19:08:45.0566 6300  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll

19:08:45.0605 6300  SCardSvr - ok

19:08:45.0640 6300  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

19:08:45.0679 6300  scfilter - ok

19:08:45.0710 6300  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll

19:08:45.0763 6300  Schedule - ok

19:08:45.0790 6300  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll

19:08:45.0815 6300  SCPolicySvc - ok

19:08:45.0821 6300  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

19:08:45.0849 6300  SDRSVC - ok

19:08:45.0895 6300  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys

19:08:45.0920 6300  secdrv - ok

19:08:45.0925 6300  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll

19:08:45.0950 6300  seclogon - ok

19:08:45.0956 6300  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll

19:08:45.0982 6300  SENS - ok

19:08:45.0989 6300  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll

19:08:46.0003 6300  SensrSvc - ok

19:08:46.0015 6300  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

19:08:46.0035 6300  Serenum - ok

19:08:46.0046 6300  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys

19:08:46.0069 6300  Serial - ok

19:08:46.0092 6300  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\drivers\sermouse.sys

19:08:46.0107 6300  sermouse - ok

19:08:46.0124 6300  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll

19:08:46.0151 6300  SessionEnv - ok

19:08:46.0185 6300  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

19:08:46.0196 6300  sffdisk - ok

19:08:46.0201 6300  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

19:08:46.0212 6300  sffp_mmc - ok

19:08:46.0221 6300  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

19:08:46.0231 6300  sffp_sd - ok

19:08:46.0260 6300  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys

19:08:46.0269 6300  sfloppy - ok

19:08:46.0298 6300  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll

19:08:46.0327 6300  SharedAccess - ok

19:08:46.0342 6300  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll

19:08:46.0371 6300  ShellHWDetection - ok

19:08:46.0386 6300  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys

19:08:46.0394 6300  SiSRaid2 - ok

19:08:46.0404 6300  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys

19:08:46.0413 6300  SiSRaid4 - ok

19:08:46.0491 6300  [ F07AF60B152221472FBDB2FECEC4896D ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

19:08:46.0499 6300  SkypeUpdate - ok

19:08:46.0588 6300  [ 101556F6216E97F1258D87C38203695F ] Smart TimeLock  C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe

19:08:46.0607 6300  Smart TimeLock ( UnsignedFile.Multi.Generic ) - warning

19:08:46.0607 6300  Smart TimeLock - detected UnsignedFile.Multi.Generic (1)

19:08:46.0624 6300  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

19:08:46.0656 6300  Smb - ok

19:08:46.0696 6300  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

19:08:46.0713 6300  SNMPTRAP - ok

19:08:46.0891 6300  [ BE35CC81081328B1CFB2A5AB5CF0CE33 ] SNP325          C:\Windows\system32\DRIVERS\snp325.sys

19:08:47.0080 6300  SNP325 - ok

19:08:47.0102 6300  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys

19:08:47.0110 6300  spldr - ok

19:08:47.0128 6300  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe

19:08:47.0154 6300  Spooler - ok

19:08:47.0209 6300  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe

19:08:47.0309 6300  sppsvc - ok

19:08:47.0326 6300  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

19:08:47.0352 6300  sppuinotify - ok

19:08:47.0433 6300  [ 891793E00432FA055CF040605C260E49 ] SRTSP           C:\Windows\System32\Drivers\NISx64\1308000.00E\SRTSP64.SYS

19:08:47.0450 6300  SRTSP - ok

19:08:47.0471 6300  [ 1CB7BB3B0561FB5ECFE37F7731E8BF3E ] SRTSPX          C:\Windows\system32\drivers\NISx64\1308000.00E\SRTSPX64.SYS

19:08:47.0477 6300  SRTSPX - ok

19:08:47.0515 6300  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys

19:08:47.0552 6300  srv - ok

19:08:47.0564 6300  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

19:08:47.0586 6300  srv2 - ok

19:08:47.0601 6300  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

19:08:47.0611 6300  srvnet - ok

19:08:47.0639 6300  [ 8F8324ED1DE63FFC7B1A02CD2D963C72 ] ssadbus         C:\Windows\system32\DRIVERS\ssadbus.sys

19:08:47.0650 6300  ssadbus - ok

19:08:47.0661 6300  [ 58221EFCB74167B73667F0024C661CE0 ] ssadmdfl        C:\Windows\system32\DRIVERS\ssadmdfl.sys

19:08:47.0671 6300  ssadmdfl - ok

19:08:47.0686 6300  [ 4DA7C71BFAC5AD71255B7E4CAB980163 ] ssadmdm         C:\Windows\system32\DRIVERS\ssadmdm.sys

19:08:47.0703 6300  ssadmdm - ok

19:08:47.0730 6300  [ ED161B91FDF7EAA39469D72D463D5F4E ] sscdbus         C:\Windows\system32\DRIVERS\sscdbus.sys

19:08:47.0739 6300  sscdbus - ok

19:08:47.0751 6300  [ 4CB09E77593DBD8D7AF33B37375CA715 ] sscdmdfl        C:\Windows\system32\DRIVERS\sscdmdfl.sys

19:08:47.0758 6300  sscdmdfl - ok

19:08:47.0771 6300  [ C7B4CF53497A6E5363F3439427663882 ] sscdmdm         C:\Windows\system32\DRIVERS\sscdmdm.sys

19:08:47.0780 6300  sscdmdm - ok

19:08:47.0805 6300  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

19:08:47.0832 6300  SSDPSRV - ok

19:08:47.0865 6300  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll

19:08:47.0891 6300  SstpSvc - ok

19:08:47.0929 6300  [ 74425FFA11C133D045E1C3BE2EAD481D ] ssudmdm         C:\Windows\system32\DRIVERS\ssudmdm.sys

19:08:47.0938 6300  ssudmdm - ok

19:08:47.0971 6300  [ D4B75B0A46F7BF74E13F1493E7721786 ] ssudobex        C:\Windows\system32\DRIVERS\ssudobex.sys

19:08:47.0981 6300  ssudobex - ok

19:08:47.0992 6300  Steam Client Service - ok

19:08:48.0117 6300  [ A766CCAD980235FF34E7F8089D3175A3 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

19:08:48.0128 6300  Stereo Service - ok

19:08:48.0164 6300  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\drivers\stexstor.sys

19:08:48.0172 6300  stexstor - ok

19:08:48.0201 6300  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll

19:08:48.0226 6300  stisvc - ok

19:08:48.0254 6300  [ 7785DC213270D2FC066538DAF94087E7 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys

19:08:48.0263 6300  storflt - ok

19:08:48.0299 6300  [ D34E4943D5AC096C8EDEEBFD80D76E23 ] storvsc         C:\Windows\system32\drivers\storvsc.sys

19:08:48.0307 6300  storvsc - ok

19:08:48.0320 6300  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys

19:08:48.0328 6300  swenum - ok

19:08:48.0398 6300  [ F577910A133A592234EBAAD3F3AFA258 ] SwitchBoard     C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

19:08:48.0410 6300  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning

19:08:48.0410 6300  SwitchBoard - detected UnsignedFile.Multi.Generic (1)

19:08:48.0423 6300  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll

19:08:48.0455 6300  swprv - ok

19:08:48.0486 6300  [ 8B2430762099598DA40686F754632EFD ] SymDS           C:\Windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS

19:08:48.0499 6300  SymDS - ok

19:08:48.0527 6300  [ 5CB7F2FD7E30A0F52F93574BFC3A8041 ] SymEFA          C:\Windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS

19:08:48.0551 6300  SymEFA - ok

19:08:48.0603 6300  [ 894579207E39C465737E850A252CE4F2 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS

19:08:48.0612 6300  SymEvent - ok

19:08:48.0630 6300  [ B681D1B0F9596684225DCC9B94C6BACF ] SymIM           C:\Windows\system32\DRIVERS\SymIMv.sys

19:08:48.0637 6300  SymIM - ok

19:08:48.0662 6300  [ 5013A76CAAA1D7CF1C55214B490B4E35 ] SymIRON         C:\Windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS

19:08:48.0671 6300  SymIRON - ok

19:08:48.0677 6300  [ 3911BD0E68C010E5438A87706ABBE9AB ] SymNetS         C:\Windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS

19:08:48.0689 6300  SymNetS - ok

19:08:48.0720 6300  [ C3A39C4079305480972D29C44B868C78 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys

19:08:48.0729 6300  Synth3dVsc - ok

19:08:48.0758 6300  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll

19:08:48.0797 6300  SysMain - ok

19:08:48.0810 6300  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll

19:08:48.0824 6300  TabletInputService - ok

19:08:48.0839 6300  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll

19:08:48.0875 6300  TapiSrv - ok

19:08:48.0886 6300  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll

19:08:48.0929 6300  TBS - ok

19:08:48.0981 6300  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

19:08:49.0022 6300  Tcpip - ok

19:08:49.0050 6300  [ F782CAD3CEDBB3F9FFE3BF2775D92DDC ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

19:08:49.0078 6300  TCPIP6 - ok

19:08:49.0115 6300  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

19:08:49.0140 6300  tcpipreg - ok

19:08:49.0149 6300  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

19:08:49.0158 6300  TDPIPE - ok

19:08:49.0171 6300  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

19:08:49.0200 6300  TDTCP - ok

19:08:49.0222 6300  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

19:08:49.0279 6300  tdx - ok

19:08:49.0460 6300  [ 9C1F776825207C203CB44CA3C63B5A6E ] TeamViewer7     C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe

19:08:49.0517 6300  TeamViewer7 - ok

19:08:49.0531 6300  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys

19:08:49.0543 6300  TermDD - ok

19:08:49.0571 6300  [ 2B5BDFF688EC9871D7EC5837833374E9 ] terminpt        C:\Windows\system32\drivers\terminpt.sys

19:08:49.0591 6300  terminpt - ok

19:08:49.0616 6300  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll

19:08:49.0648 6300  TermService - ok

19:08:49.0672 6300  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll

19:08:49.0685 6300  Themes - ok

19:08:49.0697 6300  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll

19:08:49.0722 6300  THREADORDER - ok

19:08:49.0732 6300  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll

19:08:49.0769 6300  TrkWks - ok

19:08:49.0787 6300  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

19:08:49.0825 6300  TrustedInstaller - ok

19:08:49.0837 6300  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

19:08:49.0862 6300  tssecsrv - ok

19:08:49.0881 6300  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

19:08:49.0897 6300  TsUsbFlt - ok

19:08:49.0905 6300  [ 9CC2CCAE8A84820EAECB886D477CBCB8 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys

19:08:49.0913 6300  TsUsbGD - ok

19:08:49.0922 6300  [ E1748D04AE40118B62BC18AC86032192 ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys

19:08:49.0945 6300  tsusbhub - ok

19:08:49.0995 6300  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

19:08:50.0031 6300  tunnel - ok

19:08:50.0042 6300  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\drivers\uagp35.sys

19:08:50.0051 6300  uagp35 - ok

19:08:50.0067 6300  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

19:08:50.0114 6300  udfs - ok

19:08:50.0135 6300  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe

19:08:50.0146 6300  UI0Detect - ok

19:08:50.0163 6300  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

19:08:50.0171 6300  uliagpkx - ok

19:08:50.0174 6300  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

19:08:50.0194 6300  umbus - ok

19:08:50.0218 6300  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\drivers\umpass.sys

19:08:50.0227 6300  UmPass - ok

19:08:50.0263 6300  [ A293DCD756D04D8492A750D03B9A297C ] UmRdpService    C:\Windows\System32\umrdp.dll

19:08:50.0291 6300  UmRdpService - ok

19:08:50.0343 6300  [ 67A95B9D129ED5399E7965CD09CF30E7 ] UMVPFSrv        C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

19:08:50.0356 6300  UMVPFSrv - ok

19:08:50.0366 6300  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll

19:08:50.0407 6300  upnphost - ok

19:08:50.0453 6300  [ FB251567F41BC61988B26731DEC19E4B ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

19:08:50.0457 6300  USBAAPL64 ( UnsignedFile.Multi.Generic ) - warning

19:08:50.0457 6300  USBAAPL64 - detected UnsignedFile.Multi.Generic (1)

19:08:50.0493 6300  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys

19:08:50.0521 6300  usbaudio - ok

19:08:50.0548 6300  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

19:08:50.0558 6300  usbccgp - ok

19:08:50.0588 6300  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys

19:08:50.0612 6300  usbcir - ok

19:08:50.0631 6300  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys

19:08:50.0646 6300  usbehci - ok

19:08:50.0671 6300  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

19:08:50.0684 6300  usbhub - ok

19:08:50.0697 6300  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys

19:08:50.0706 6300  usbohci - ok

19:08:50.0738 6300  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

19:08:50.0758 6300  usbprint - ok

19:08:50.0807 6300  [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys

19:08:50.0830 6300  usbscan - ok

19:08:50.0843 6300  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

19:08:50.0852 6300  USBSTOR - ok

19:08:50.0863 6300  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

19:08:50.0873 6300  usbuhci - ok

19:08:50.0912 6300  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys

19:08:50.0924 6300  usbvideo - ok

19:08:50.0943 6300  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll

19:08:50.0986 6300  UxSms - ok

19:08:51.0007 6300  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe

19:08:51.0016 6300  VaultSvc - ok

19:08:51.0035 6300  [ BA20A718E25228B9D69D72E4F19EDEB5 ] VBoxDrv         C:\Windows\system32\DRIVERS\VBoxDrv.sys

19:08:51.0045 6300  VBoxDrv - ok

19:08:51.0065 6300  [ 48630B4530C80AAF3DDE9633E4291D8C ] VBoxNetAdp      C:\Windows\system32\DRIVERS\VBoxNetAdp.sys

19:08:51.0074 6300  VBoxNetAdp - ok

19:08:51.0086 6300  [ 8B86A00D13E2DCBFE320061F3435FAFF ] VBoxNetFlt      C:\Windows\system32\DRIVERS\VBoxNetFlt.sys

19:08:51.0096 6300  VBoxNetFlt - ok

19:08:51.0110 6300  [ 4831EE295C9911B0236867931BE493F1 ] VBoxUSB         C:\Windows\system32\Drivers\VBoxUSB.sys

19:08:51.0119 6300  VBoxUSB - ok

19:08:51.0133 6300  [ CEC73CEA22B7258C0A8F2354DC49D25C ] VBoxUSBMon      C:\Windows\system32\DRIVERS\VBoxUSBMon.sys

19:08:51.0141 6300  VBoxUSBMon - ok

19:08:51.0175 6300  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

19:08:51.0183 6300  vdrvroot - ok

19:08:51.0196 6300  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe

19:08:51.0245 6300  vds - ok

19:08:51.0270 6300  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

19:08:51.0281 6300  vga - ok

19:08:51.0293 6300  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys

19:08:51.0325 6300  VgaSave - ok

19:08:51.0327 6300  VGPU - ok

19:08:51.0355 6300  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

19:08:51.0366 6300  vhdmp - ok

19:08:51.0380 6300  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys

19:08:51.0387 6300  viaide - ok

19:08:51.0415 6300  [ 80E731A278695B47345D0171A19E428B ] vmbus           C:\Windows\system32\drivers\vmbus.sys

19:08:51.0425 6300  vmbus - ok

19:08:51.0432 6300  [ 7DE90B48F210D29649380545DB45A187 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys

19:08:51.0440 6300  VMBusHID - ok

19:08:51.0454 6300  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

19:08:51.0462 6300  volmgr - ok

19:08:51.0492 6300  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

19:08:51.0505 6300  volmgrx - ok

19:08:51.0517 6300  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys

19:08:51.0529 6300  volsnap - ok

19:08:51.0548 6300  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys

19:08:51.0558 6300  vsmraid - ok

19:08:51.0599 6300  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe

19:08:51.0653 6300  VSS - ok

19:08:51.0675 6300  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys

19:08:51.0687 6300  vwifibus - ok

19:08:51.0703 6300  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys

19:08:51.0716 6300  vwififlt - ok

19:08:51.0756 6300  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys

19:08:51.0802 6300  vwifimp - ok

19:08:51.0824 6300  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll

19:08:51.0854 6300  W32Time - ok

19:08:51.0870 6300  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\drivers\wacompen.sys

19:08:51.0879 6300  WacomPen - ok

19:08:51.0894 6300  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

19:08:51.0934 6300  WANARP - ok

19:08:51.0947 6300  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

19:08:51.0972 6300  Wanarpv6 - ok

19:08:52.0025 6300  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

19:08:52.0051 6300  WatAdminSvc - ok

19:08:52.0077 6300  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe

19:08:52.0123 6300  wbengine - ok

19:08:52.0145 6300  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

19:08:52.0160 6300  WbioSrvc - ok

19:08:52.0170 6300  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll

19:08:52.0198 6300  wcncsvc - ok

19:08:52.0212 6300  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

19:08:52.0231 6300  WcsPlugInService - ok

19:08:52.0243 6300  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\drivers\wd.sys

19:08:52.0252 6300  Wd - ok

19:08:52.0273 6300  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

19:08:52.0289 6300  Wdf01000 - ok

19:08:52.0296 6300  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll

19:08:52.0328 6300  WdiServiceHost - ok

19:08:52.0330 6300  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll

19:08:52.0344 6300  WdiSystemHost - ok

19:08:52.0361 6300  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll

19:08:52.0383 6300  WebClient - ok

19:08:52.0396 6300  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll

19:08:52.0438 6300  Wecsvc - ok

19:08:52.0458 6300  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

19:08:52.0485 6300  wercplsupport - ok

19:08:52.0501 6300  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll

19:08:52.0540 6300  WerSvc - ok

19:08:52.0564 6300  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

19:08:52.0590 6300  WfpLwf - ok

19:08:52.0620 6300  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

19:08:52.0628 6300  WIMMount - ok

19:08:52.0635 6300  WinDefend - ok

19:08:52.0639 6300  WinHttpAutoProxySvc - ok

19:08:52.0680 6300  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

19:08:52.0709 6300  Winmgmt - ok

19:08:52.0850 6300  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll

19:08:52.0896 6300  WinRM - ok

19:08:52.0936 6300  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUSB.sys

19:08:52.0948 6300  WinUsb - ok

19:08:52.0965 6300  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll

19:08:52.0987 6300  Wlansvc - ok

19:08:53.0012 6300  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys

19:08:53.0031 6300  WmiAcpi - ok

19:08:53.0063 6300  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe

19:08:53.0083 6300  wmiApSrv - ok

19:08:53.0090 6300  WMPNetworkSvc - ok

19:08:53.0098 6300  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll

19:08:53.0108 6300  WPCSvc - ok

19:08:53.0117 6300  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll

19:08:53.0129 6300  WPDBusEnum - ok

19:08:53.0141 6300  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys

19:08:53.0167 6300  ws2ifsl - ok

19:08:53.0173 6300  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll

19:08:53.0187 6300  wscsvc - ok

19:08:53.0189 6300  WSearch - ok

19:08:53.0231 6300  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll

19:08:53.0286 6300  wuauserv - ok

19:08:53.0294 6300  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys

19:08:53.0320 6300  WudfPf - ok

19:08:53.0355 6300  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys

19:08:53.0381 6300  WUDFRd - ok

19:08:53.0407 6300  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll

19:08:53.0432 6300  wudfsvc - ok

19:08:53.0439 6300  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll

19:08:53.0468 6300  WwanSvc - ok

19:08:53.0522 6300  ================ Scan global ===============================

19:08:53.0543 6300  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll

19:08:53.0554 6300  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

19:08:53.0560 6300  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll

19:08:53.0581 6300  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll

19:08:53.0598 6300  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe

19:08:53.0601 6300  [Global] - ok

19:08:53.0601 6300  ================ Scan MBR ==================================

19:08:53.0612 6300  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

19:08:53.0949 6300  \Device\Harddisk0\DR0 - ok

19:08:53.0950 6300  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1

19:08:54.0468 6300  \Device\Harddisk1\DR1 - ok

19:08:54.0471 6300  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2

19:08:54.0585 6300  \Device\Harddisk2\DR2 - ok

19:08:54.0586 6300  ================ Scan VBR ==================================

19:08:54.0593 6300  [ 2932F18FA649FF21C5D3A40912159221 ] \Device\Harddisk0\DR0\Partition1

19:08:54.0594 6300  \Device\Harddisk0\DR0\Partition1 - ok

19:08:54.0596 6300  [ 42F18F50D0B8E38AA17CAD8ED13D3B53 ] \Device\Harddisk0\DR0\Partition2

19:08:54.0597 6300  \Device\Harddisk0\DR0\Partition2 - ok

19:08:54.0599 6300  [ D569134E1863D52A561E8BAA8F12D57D ] \Device\Harddisk1\DR1\Partition1

19:08:54.0599 6300  \Device\Harddisk1\DR1\Partition1 - ok

19:08:54.0601 6300  [ 674D508787620AD6D105EA49EF3D8F0B ] \Device\Harddisk1\DR1\Partition2

19:08:54.0602 6300  \Device\Harddisk1\DR1\Partition2 - ok

19:08:54.0604 6300  [ EB4B1F85FC6692F93233D8C57DDF3F8B ] \Device\Harddisk2\DR2\Partition1

19:08:54.0606 6300  \Device\Harddisk2\DR2\Partition1 - ok

19:08:54.0607 6300  ============================================================

19:08:54.0607 6300  Scan finished

19:08:54.0607 6300  ============================================================

19:08:54.0612 6452  Detected object count: 6

19:08:54.0612 6452  Actual detected object count: 6

19:09:02.0449 6452  FileZilla Server ( UnsignedFile.Multi.Generic ) - skipped by user

19:09:02.0449 6452  FileZilla Server ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:09:02.0450 6452  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user

19:09:02.0450 6452  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:09:02.0450 6452  IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user

19:09:02.0450 6452  IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:09:02.0451 6452  Smart TimeLock ( UnsignedFile.Multi.Generic ) - skipped by user

19:09:02.0451 6452  Smart TimeLock ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:09:02.0452 6452  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user

19:09:02.0452 6452  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip 

19:09:02.0452 6452  USBAAPL64 ( UnsignedFile.Multi.Generic ) - skipped by user

19:09:02.0452 6452  USBAAPL64 ( UnsignedFile.Multi.Generic ) - User select action: Skip

Combofix darf ausschließlich ausgeführt werden, wenn dies von einem Team Mitglied angewiesen wurde!
Es sollte nie auf eigene Initiative hin ausgeführt werden! Eine falsche Benutzung kann ernsthafte Computerprobleme nach sich
ziehen und eine Bereinigung der Infektion noch erschweren.

Downloade dir bitte Combofix von einem dieser Downloadspiegel

Link 1
Link 2

WICHTIG - Speichere Combofix auf deinem Desktop

Deaktiviere bitte all deine Anti Viren sowie Anti Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.

Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.

Wenn Combofix fertig ist, wird es eine Logfile erstellen. Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.

Hier die Log von Combofix:
[CODE]
Combofix Logfile:

Code:

ComboFix 12-10-04.01 - Marc 04.10.2012  15:52:37.1.4 - x64

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.49.1031.18.8175.5107 [GMT 2:00]

ausgeführt von:: c:\users\Marc\Desktop\ComboFix.exe

AV: Norton Internet Security *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

FW: Norton Internet Security *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

SP: Norton Internet Security *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

.

((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))

.

.

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\TrayMin710.exe.lnk

c:\programdata\ntuser.dat

c:\users\Marc\AppData\Roaming\vso_ts_preview.xml

c:\windows\SysWow64\muzapp.exe

c:\windows\SysWow64\System32\MASetupCleaner.exe

c:\windows\SysWow64\System32\muzapp.exe

.

.

(((((((((((((((((((((((   Dateien erstellt von 2012-09-04 bis 2012-10-04  ))))))))))))))))))))))))))))))

.

.

2012-10-04 14:09 . 2012-10-04 14:09        --------        d-----w-        c:\users\UpdatusUser.Marc-PC\AppData\Local\temp

2012-10-04 14:09 . 2012-10-04 14:09        --------        d-----w-        c:\users\Default\AppData\Local\temp

2012-10-02 11:01 . 2012-10-02 11:01        --------        d-----w-        c:\windows\system32\drivers\NISx64\1309000.009

2012-09-26 10:03 . 2012-08-21 21:01        245760        ----a-w-        c:\windows\system32\OxpsConverter.exe

2012-09-25 15:29 . 2012-09-25 15:29        --------        d-----w-        c:\program files (x86)\Mozilla Maintenance Service

2012-09-21 16:17 . 2012-09-21 16:17        --------        dc-h--w-        c:\programdata\{30FA7941-4170-4C83-A9A8-FDF01C431704}

2012-09-20 18:07 . 2012-08-21 11:01        33240        ----a-w-        c:\windows\system32\drivers\GEARAspiWDM.sys

2012-09-20 18:07 . 2012-09-20 18:07        --------        d-----w-        c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2012-09-20 18:07 . 2012-09-20 18:07        --------        d-----w-        c:\program files\iTunes

2012-09-20 18:07 . 2012-09-20 18:07        --------        d-----w-        c:\program files\iPod

2012-09-18 18:59 . 2012-09-21 13:22        696240        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe

2012-09-18 12:20 . 2012-09-21 13:22        73136        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2012-09-17 16:57 . 2012-09-25 17:45        --------        d-----w-        c:\program files (x86)\edcast

2012-09-16 19:42 . 2012-09-16 19:42        --------        d-----w-        c:\program files (x86)\uTorrent

2012-09-16 19:41 . 2012-09-16 20:10        --------        d-----w-        c:\users\Marc\AppData\Roaming\uTorrent

2012-09-12 16:39 . 2012-08-22 18:12        950128        ----a-w-        c:\windows\system32\drivers\ndis.sys

2012-09-12 16:39 . 2012-07-04 20:26        41472        ----a-w-        c:\windows\system32\drivers\RNDISMP.sys

2012-09-12 16:39 . 2012-08-02 17:58        574464        ----a-w-        c:\windows\system32\d3d10level9.dll

2012-09-12 16:39 . 2012-08-02 16:57        490496        ----a-w-        c:\windows\SysWow64\d3d10level9.dll

2012-09-12 16:39 . 2012-08-22 18:12        1913200        ----a-w-        c:\windows\system32\drivers\tcpip.sys

2012-09-12 16:39 . 2012-08-22 18:12        376688        ----a-w-        c:\windows\system32\drivers\netio.sys

2012-09-12 16:39 . 2012-08-22 18:12        288624        ----a-w-        c:\windows\system32\drivers\FWPKCLNT.SYS

2012-09-11 10:55 . 2012-09-11 10:55        --------        d-----w-        C:\found.004

2012-09-08 11:12 . 2012-09-08 11:12        477168        ----a-w-        c:\windows\SysWow64\npdeployJava1.dll

2012-09-08 08:53 . 2011-04-11 23:33        1579520        ----a-w-        c:\windows\system32\drivers\athrx.sys

2012-09-07 14:56 . 2012-09-07 14:56        --------        d-----w-        c:\program files (x86)\simfy

2012-09-06 18:52 . 2012-09-06 18:52        --------        d-----w-        c:\program files (x86)\TeamSpeak 3 Client

2012-09-04 18:57 . 2012-09-04 18:57        --------        d-----w-        c:\program files (x86)\SplitMediaLabs

.

.

.

((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2012-10-04 12:58 . 2011-07-06 17:57        25640        ----a-w-        c:\windows\gdrv.sys

2012-09-22 19:47 . 2011-04-08 14:45        281520        ----a-w-        c:\windows\SysWow64\PnkBstrB.xtr

2012-09-22 19:47 . 2011-04-08 13:51        281520        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe

2012-09-22 19:47 . 2011-04-08 13:51        280904        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0

2012-09-13 12:59 . 2012-01-02 14:26        64462936        ----a-w-        c:\windows\system32\MRT.exe

2012-09-08 11:12 . 2011-06-20 18:38        473072        ----a-w-        c:\windows\SysWow64\deployJava1.dll

2012-08-30 19:14 . 2012-02-19 11:31        1760104        ----a-w-        c:\windows\system32\nvdispco64.dll

2012-08-30 19:14 . 2011-08-12 13:42        2725224        ----a-w-        c:\windows\system32\nvapi64.dll

2012-08-30 19:14 . 2011-05-21 04:01        2422120        ----a-w-        c:\windows\SysWow64\nvapi.dll

2012-08-30 19:14 . 2011-05-21 04:01        18229096        ----a-w-        c:\windows\system32\nvd3dumx.dll

2012-08-30 19:14 . 2011-05-21 04:01        15291752        ----a-w-        c:\windows\SysWow64\nvd3dum.dll

2012-08-30 19:14 . 2011-05-21 04:01        14879080        ----a-w-        c:\windows\system32\nvwgf2umx.dll

2012-08-30 19:14 . 2011-05-21 04:01        12465512        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll

2012-08-30 16:18 . 2011-01-07 18:49        118120        ----a-w-        c:\windows\system32\nvmctray.dll

2012-08-30 16:18 . 2011-01-07 18:49        891240        ----a-w-        c:\windows\system32\nvvsvc.exe

2012-08-30 16:18 . 2011-01-07 18:49        63336        ----a-w-        c:\windows\system32\nvshext.dll

2012-08-30 16:18 . 2011-01-07 18:49        2557800        ----a-w-        c:\windows\system32\nvsvcr.dll

2012-08-30 16:18 . 2012-05-21 16:57        3487434        ----a-w-        c:\windows\system32\nvcoproc.bin

2012-08-30 16:18 . 2011-01-07 18:49        3266920        ----a-w-        c:\windows\system32\nvsvc64.dll

2012-08-30 16:17 . 2011-01-07 18:50        6198120        ----a-w-        c:\windows\system32\nvcpl.dll

2012-08-30 08:40 . 2012-08-30 08:40        429416        ----a-w-        c:\windows\SysWow64\nvStreaming.exe

2012-08-21 11:01 . 2011-04-20 18:48        125872        ----a-w-        c:\windows\system32\GEARAspi64.dll

2012-08-21 11:01 . 2011-04-20 18:48        106928        ----a-w-        c:\windows\SysWow64\GEARAspi.dll

2012-07-30 11:32 . 2012-07-30 11:32        708168        ----a-w-        c:\windows\system32\WinUSBCoInstaller.dll

2012-07-30 11:32 . 2012-07-30 11:32        203104        ----a-w-        c:\windows\system32\drivers\ssudobex.sys

2012-07-30 11:32 . 2012-07-30 11:32        203104        ----a-w-        c:\windows\system32\drivers\ssudmdm.sys

2012-07-30 11:32 . 2012-07-30 11:32        1490656        ----a-w-        c:\windows\system32\WdfCoInstaller01007.dll

2012-07-30 11:32 . 2012-07-30 11:32        102240        ----a-w-        c:\windows\system32\drivers\ssudbus.sys

2012-07-18 18:15 . 2012-08-15 08:41        3148800        ----a-w-        c:\windows\system32\win32k.sys

.

.

((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))

.

.

*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 

REGEDIT4

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        94208        ----a-w-        c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt.14.dll

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]

"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2012-04-17 3671872]

"Facebook Update"="c:\users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-29 138096]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-08-27 59280]

"BrMfcWnd"="c:\program files (x86)\Brother\Brmfcmon\BrMfcWnd.exe" [2009-05-26 1159168]

"ControlCenter3"="c:\program files (x86)\Brother\ControlCenter3\brctrcen.exe" [2008-12-24 114688]

"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-07-11 74752]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]

"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]

"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-06-25 1073352]

"Adobe Acrobat Speed Launcher"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe" [2012-07-27 36800]

"Acrobat Assistant 8.0"="c:\program files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe" [2012-07-27 823224]

"FixCamera"="c:\windows\FixCamera.exe" [2007-07-11 20480]

"tsnp325"="c:\windows\tsnp325.exe" [2007-04-21 270336]

"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-12-13 135536]

"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2012-08-29 1996200]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-01-18 254696]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2012-09-09 421776]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]

"DES2"="c:\program files (x86)\GIGABYTE\EnergySaver2\des2.exe" [2011-03-08 359024]

"SDBOK"="c:\program files (x86)\GIGABYTE\smart6\dbios\run.exe" [2009-07-06 207400]

.

c:\users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\

Dropbox.lnk - c:\users\Marc\AppData\Roaming\Dropbox\bin\Dropbox.exe [2012-5-24 27112840]

Facebook Desktop.lnk - c:\program files (x86)\Facebook Desktop\Facebook Desktop.exe [2011-9-9 142848]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableUIADesktopToggle"= 0 (0x0)

"ConsentPromptBehaviorAdmin"= 5 (0x5)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]

"LoadAppInit_DLLs"=0 (0x0)

.

R2 gupdate;Google Update-Dienst (gupdate);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 136176]

R2 RoxWatch12;Roxio Hard Drive Watcher 12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxWatch12.exe [2009-07-24 219632]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe [2012-07-13 160944]

R3 a2djavs_x64;a2djavs_x64;c:\windows\system32\Drivers\a2djavs_x64.sys [2009-10-08 44624]

R3 a2djusb_x64;a2djusb_x64;c:\windows\system32\Drivers\a2djusb_x64.sys [2009-10-08 300112]

R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-21 250288]

R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys [2010-12-21 36328]

R3 AppleChargerSrv;AppleChargerSrv;c:\windows\system32\AppleChargerSrv.exe [2010-04-06 31272]

R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys [2010-01-06 1847296]

R3 dc3d;MS Hardware Device Detection Driver (USB);c:\windows\system32\DRIVERS\dc3d.sys [2011-07-28 52584]

R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys [2012-07-30 102240]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-21 71168]

R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys [x]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-09-12 138912]

R3 etdrv;etdrv;c:\windows\etdrv.sys [2012-06-06 25640]

R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2008-08-07 3276800]

R3 gupdatem;Google Update-Dienst (gupdatem);c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 136176]

R3 GVTDrv64;GVTDrv64;c:\windows\GVTDrv64.sys [2012-06-06 30528]

R3 ks2avs;Kontrol S2 WDM Audio;c:\windows\system32\Drivers\ks2avs.sys [2012-02-22 358480]

R3 ks2usb_svc;Traktor Kontrol S2;c:\windows\system32\Drivers\ks2usb.sys [2012-02-22 80464]

R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys [2012-01-18 351136]

R3 LVUVC64;Logitech HD Webcam C270(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys [2012-01-18 4865568]

R3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv_x64.sys [2012-01-11 34304]

R3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys [2012-02-22 28160]

R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 51740536]

R3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-09-06 114144]

R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]

R3 OverwolfUpdaterService;Overwolf Updater Service;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [2012-08-21 18360]

R3 Point64;Microsoft IntelliPoint Filter Driver;c:\windows\system32\DRIVERS\point64.sys [2011-08-01 45416]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2010-11-21 20992]

R3 RoxMediaDB12;RoxMediaDB12;c:\program files (x86)\Common Files\Roxio Shared\12.0\SharedCOM\RoxMediaDB12.exe [2009-07-24 1116656]

R3 SNP325;USB PC Camera (SNPSTD325);c:\windows\system32\DRIVERS\snp325.sys [2007-11-22 10733184]

R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys [2011-06-02 157672]

R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys [2011-06-02 16872]

R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys [2011-06-02 177640]

R3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys [2012-07-30 203104]

R3 ssudobex;SAMSUNG Mobile USB OBEX Serial Port(DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudobex.sys [2012-07-30 203104]

R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]

R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-21 88960]

R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2010-11-21 34816]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-21 117248]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [2012-02-15 52736]

R3 VBoxUSB;VirtualBox USB;c:\windows\system32\Drivers\VBoxUSB.sys [2012-03-14 117040]

R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]

R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe [2011-04-19 1255736]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys [2011-11-03 56208]

S0 Sahdad64;HDD Filter Driver;c:\windows\System32\Drivers\Sahdad64.sys [2009-06-01 27120]

S0 Saibad64;Volume Filter Driver;c:\windows\System32\Drivers\Saibad64.sys [2009-06-01 19952]

S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NISx64\1308000.00E\SYMDS64.SYS [2011-07-25 451192]

S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NISx64\1308000.00E\SYMEFA64.SYS [2012-05-22 1129120]

S1 AppleCharger;AppleCharger;c:\windows\system32\DRIVERS\AppleCharger.sys [2011-01-10 21104]

S1 BHDrvx64;BHDrvx64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\BASHDefs\20120928.001\BHDrvx64.sys [2012-08-31 1385120]

S1 ccSet_NIS;Norton Internet Security Settings Manager;c:\windows\system32\drivers\NISx64\1308000.00E\ccSetx64.sys [2012-06-07 167072]

S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-05-06 283200]

S1 IDSVia64;IDSVia64;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.1.0.28\Definitions\IPSDefs\20121003.001\IDSvia64.sys [2012-09-01 513184]

S1 SaibVdAd64;Virtual Disk Driver;c:\windows\system32\Drivers\SaibVdAd64.sys [2009-06-01 27632]

S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NISx64\1308000.00E\Ironx64.SYS [2012-04-18 190072]

S1 SymNetS;Symantec Network Security WFP Driver;c:\windows\System32\Drivers\NISx64\1308000.00E\SYMNETS.SYS [2012-04-18 405624]

S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2012-05-22 224088]

S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2012-05-22 130904]

S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

S2 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;c:\program files (x86)\Roxio\BackOnTrack\Disaster Recovery\SaibSVC.exe [2009-06-02 457200]

S2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-07-27 63960]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 DES2 Service;DES2 Service for Energy Saving.;c:\program files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2009-06-17 68136]

S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2009-08-27 1253376]

S2 GEST Service;GEST Service for program management.;c:\program files (x86)\GIGABYTE\EnergySaver\GSvr.exe [2009-12-02 68136]

S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [2012-08-29 2369960]

S2 iPodDrv;iPodDrv;c:\windows\system32\drivers\iPodDrv.sys [2011-07-27 14952]

S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2012-09-05 6364024]

S2 NIS;Norton Internet Security;c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe [2012-06-16 138272]

S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [2012-08-30 1258856]

S2 Smart TimeLock;Smart TimeLock Service;c:\program files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [2009-10-13 114688]

S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2012-08-30 382312]

S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [2012-08-24 2735528]

S2 UMVPFSrv;UMVPFSrv;c:\program files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe [2012-01-18 450848]

S3 a2djavs;Audio 2 DJ WDM Audio;c:\windows\system32\Drivers\a2djavs.sys [2012-02-22 358480]

S3 a2djusb_svc;Audio 2 DJ;c:\windows\system32\Drivers\a2djusb.sys [2012-02-22 96336]

S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys [2011-03-07 40832]

S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys [2011-03-07 65280]

S3 MEIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2010-10-19 56344]

S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [2012-07-03 189288]

S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 phc710;USB PC Camera (SPC710NC);c:\windows\system32\DRIVERS\phc710.sys [2006-10-16 867712]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [2011-06-10 539240]

S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2012-05-22 147288]

S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2012-05-22 166232]

.

.

Inhalt des "geplante Tasks" Ordners

.

2012-10-04 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-18 13:22]

.

2012-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job

- c:\users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-20 13:28]

.

2012-10-04 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job

- c:\users\Marc\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-09-20 13:28]

.

2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 19:33]

.

2012-10-04 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2011-10-13 19:33]

.

2012-10-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000Core.job

- c:\users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 15:34]

.

2012-10-04 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1771800032-78958699-3666061034-1000UA.job

- c:\users\Marc\AppData\Local\Google\Update\GoogleUpdate.exe [2012-09-24 15:34]

.

.

--------- X64 Entries -----------

.

.

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{45d30484-7ded-43d9-957a-d2fd1f046511}]

2010-11-21 03:23        444752        ----a-w-        c:\windows\System32\mscoree.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

"{1d09c093-f71e-43c3-b948-19316cbd695e}"= "mscoree.dll" [2010-11-21 444752]

.

[HKEY_CLASSES_ROOT\CLSID\{1d09c093-f71e-43c3-b948-19316cbd695e}]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]

@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]

@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]

@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]

@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"

[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]

2011-02-18 05:12        97792        ----a-w-        c:\users\Marc\AppData\Roaming\Dropbox\bin\DropboxExt64.14.dll

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-08-26 12681320]

"phc710"="c:\windows\vphc710.exe" [2006-10-16 344064]

"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]

"IntelliPoint"="c:\program files\Microsoft IntelliPoint\ipoint.exe" [2011-08-01 2417032]

"itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2011-08-01 1873288]

"BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 112512]

"snp325"="c:\windows\vsnp325.exe" [2007-05-10 835584]

.

------- Zusätzlicher Suchlauf -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local;127.0.0.1:9421;<local>

IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105

IE: An vorhandene PDF-Datei anfügen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html

IE: In Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html

IE: Linkziel an vorhandene PDF-Datei anhängen - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

IE: Linkziel in Adobe PDF konvertieren - c:\program files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

IE: Nach Microsoft &Excel exportieren - c:\progra~2\MICROS~1\OFFICE11\EXCEL.EXE/3000

IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000

IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe

TCP: DhcpNameServer = 192.168.2.1

FF - ProfilePath - c:\users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\r28uct31.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.wisedock.de/m.php?id=2332406674768a7e760877fb50ef6c1161c7

.

- - - - Entfernte verwaiste Registrierungseinträge - - - -

.

Wow6432Node-HKCU-Run-AdobeBridge - (no file)

Wow6432Node-HKLM-Run-<NO NAME> - (no file)

.

.

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\NIS]

"ImagePath"="\"c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files (x86)\Norton Internet Security\Engine\19.8.0.14\diMaster.dll\" /prefetch:1"

.

--------------------- Gesperrte Registrierungsschluessel ---------------------

.

[HKEY_USERS\S-1-5-21-1771800032-78958699-3666061034-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*m*p*3*3â÷q\OpenWithList]

@Class="Shell"

"a"="vlc.exe"

"MRUList"="a"

.

[HKEY_USERS\S-1-5-21-1771800032-78958699-3666061034-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{F6C3A976-80A1-894B-D985-1EA6030CF0D3}*]

"hafjnmijjagpnomk"=hex:69,61,70,6e,67,63,6d,68,6e,6d,64,66,6d,63,6a,68,62,61,

   00,77

"iadilonndclckbmkii"=hex:63,61,6d,6e,65,64,00,00

"iapidopeablphfibgc"=hex:69,61,70,6e,67,63,6d,68,6e,6d,64,66,6d,63,6a,68,62,61,

   00,77

"dbaoobcbffhmbcgihabihihhbcbcgkekacjpaoip"=hex:68,61,69,6c,6d,67,6e,67,68,68,

   69,6f,62,67,6f,6d,00,00

"jbaoobcbffhmbcgihabiijfjiophoonlnnjldfffbchlhjdppjpd"=hex:68,61,69,6c,6d,67,

   6e,67,68,68,69,6f,62,67,6f,6d,00,00

"dbaoobcbffhmbcgihabigjeinflkpfcddignjdke"=hex:62,61,66,70,00,fa

.

[HKEY_USERS\S-1-5-21-1771800032-78958699-3666061034-1000\Software\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC]

@Denied: (C D) (Everyone)

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_4_402_278_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_4_402_278.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Channels]

@Denied: (C D) (Everyone)

"ccSvcHst_UserSession_3260"="{7AD13F65-10E5-4087-8D07-70ADAE091903}"

"g_coUserCommandChannel"="{0E4D14DB-8DC6-429F-BADF-4FC30ED1A2CA}"

"ccSvcHst_UserSession_3036"="{FEEF351E-734E-4737-8E0A-48A10EFB02C9}"

"ccSvcHst_UserSession_5760"="{8C65AD0F-04B5-413C-90CF-509DBC052D8B}"

"ccSvcHst_UserSession_3632"="{0CCF73C1-FEAA-4AA0-BCEE-9850A251B643}"

"ccSvcHst_UserSession_5096"="{D6E60F79-AE4F-4B1C-8B85-1A8F2A7111BB}"

"ccSvcHst_UserSession_2300"="{49AFFE68-3D4F-4F08-8FBC-0632857C43B8}"

"ccSvcHst_UserSession_3368"="{DE6A5807-7505-46C3-8CDA-58DEFDA7B745}"

"ccSvcHst_UserSession_2448"="{083942F0-EBA4-4AD0-8281-E14496BEA3D8}"

"ccSvcHst_UserSession_1992"="{14A5F078-4460-4D7A-A08B-5A16CC9BA29F}"

"ccSvcHst_UserSession_1036"="{B66A1EDF-2721-4562-A432-A9D8AFD9ACAF}"

"ccSvcHst_UserSession_2944"="{FE3B354E-4196-4AAB-A569-2EFB0FAAFC4D}"

"ccSvcHst_UserSession_2104"="{EF6A4C12-813C-4D9E-88D8-BD64B48FAAC0}"

"ccSvcHst_UserSession_3576"="{12A54274-C7EC-4590-BF52-8FDE56424A49}"

"ccSvcHst_UserSession_2584"="{99E38C87-BA20-4A65-B0CC-7648091B1EEA}"

"ccSvcHst_UserSession_3724"="{4AA45098-4DA2-4FFC-AA95-7FAFE790D308}"

"ccSvcHst_UserSession_2356"="{75E5EF4F-8C0A-4052-B745-3B9CF265499F}"

"ccSvcHst_UserSession_3140"="{9718306E-5223-4014-B83F-43DD5C749926}"

"ccSvcHst_UserSession_3800"="{5F623640-979A-4DA7-B57D-42367C0CB067}"

"ccSvcHst_UserSession_3464"="{52E2BDF0-97FA-4446-8E2C-492964AB1719}"

"ccSvcHst_UserSession_3740"="{C08195F3-15E6-449E-95E1-205E0ADE39A3}"

"ccSvcHst_UserSession_3796"="{A2E25DB8-9CFB-40BB-930C-8493A0F93DC6}"

"ccSvcHst_UserSession_3108"="{E00008B5-1115-48CB-85DB-F4A3E533A7A8}"

"ccSvcHst_UserSession_3136"="{1109EFDB-4823-492F-8BFF-5CAD3F1A79D8}"

"ccSvcHst_UserSession_3092"="{23DC5769-8F61-4306-A8B4-7F482B330B1D}"

"ccSvcHst_UserSession_3524"="{0C749241-47AD-462A-92D0-D8354204F79B}"

"ccSvcHst_UserSession_2784"="{1F7AA2CA-1EB5-4F51-9DE7-EAFD0ACE9E43}"

"ccSvcHst_UserSession_3100"="{C5BF6593-CDF6-4829-B051-EA9752425CDF}"

"ccSvcHst_UserSession_3160"="{CDB4783F-CA09-4CA7-A953-10C10EF448E9}"

"ccSvcHst_UserSession_3572"="{D9618681-6100-4628-B32D-23C24BAEBF12}"

"ccSvcHst_UserSession_3948"="{DB42BE2D-BBE2-428F-B246-D7D524C3AAAA}"

"ccSvcHst_UserSession_1760"="{0FDA1CD7-5D22-4B8A-87BE-6F6F5FAB9E02}"

"ccSvcHst_UserSession_2404"="{430DA3AF-25C2-425D-AF61-24B742738471}"

"g_coVistaProxyChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"{A1B48937-0778-4e7c-885B-271F65B485D2}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccSvcHst_NIS"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccSvcHst_UserSession_3988"="{71DA9B7A-31F6-451A-B433-2DD9A0543720}"

"{9BBA000F-092F-432f-B9DF-9D64FD1C2978}"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"g_coUserCommandChannel_S-1-5-21-1771800032-78958699-3666061034-1000"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"DING_{4467AB8F-68C8-4ab5-9B48-B3E6EB65F6A1}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccGenericEvent_Global_EM"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccGenericEvent_Global_LM"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccGenericLog_Manager"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccJobMgr_general_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccJobMgr_session_{ABD582DE-8F75-412d-81CF-6A180F1203DD}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"{3F11C6A7-CEA8-40c9-88EE-E5461341AE97}_ccSubmissionEngineIPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"{A2DE0E79-877C-485b-B604-78B170313E9E}_IronIPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"SNDServiceRequestChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"SymRedirSvcRequestChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"NortonNetServiceIPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ncw_performance_IPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"_NCWSvcComm_NortonCommunityWatchConfiguration"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"_ProcessDetection_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"NetMapServiceIPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"SNDLocationChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"isError_Service_IPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"QuickStart{4302D82E-BA29-4be2-A0EF-72589D61BCD3}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"BashIPCChannel"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ipcChannel_ShastaServer"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"_ISPOCClient_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"_isDataPrComm_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"_IDataStoreMgr_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"_AvProdSvcComm_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"_NortonOnlineCommFeatureRequest_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"_HSPlayerCommand_"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"{C4A09495-F6BC-4166-B717-F3F3250462BB}"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"FWAlert"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"IPS_COMMAND_CHANNEL"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccSvcHst_UserSession_3696"="{7E219DC3-FC66-4479-95A4-8B4CBE92D613}"

"AvProdSession_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"AvProdSession_Options_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"AvProdSession_MessageCenter_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"AvProdSession_Scanless_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"AvProdSession_IPUA_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"AvProdSession_CanIRun_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"_IPCChannel_PerformAutoLogin_1_"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"_ReputationSvcComm_ReputationPublisher"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ncw_reputation_scan_server_IPC"="{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"

"ccSvcHst_UserSession_3420"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"{B44E7D73-F081-414B-ADD2-CD66675A190D}1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"CO_PS_{55DBA8A2-CF13-4600-8FC8-C7B989ABF841}_1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"clt::AlertChannel2_01"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"QuickStart{4A16DDA3-2513-41ea-90C8-E34A67781129}1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"TRUSTCHANNEL"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"SDKCHANNEL1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"ToasterNotify\\SessionID_1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

"{436E95FE-192E-469f-8F34-5038FBA89BF4}1"="{3BD88611-85D3-4A37-818A-3644A2DBEB84}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Common Client\ccIPC\Endpoints]

@Denied: (C D) (Everyone)

"{31D28890-BC66-4548-94B9-C84E409A6586}"=""

"{7AD13F65-10E5-4087-8D07-70ADAE091903}"=""

"{43384C25-FD59-4894-B4DD-D27EE379DA30}"=""

"{BA4ADA64-C6A3-4814-82F2-E9DC4BB39D0E}"=""

"{BFCB0218-0CF8-45C2-8423-7003023D466D}"=""

"{CAF69B79-5031-4406-90D1-112E86C049B7}"=""

"{63197D6D-D81A-48E5-86DC-C4D0847F764A}"=""

"{FEEF351E-734E-4737-8E0A-48A10EFB02C9}"=""

"{F0210051-8F30-45DF-907E-B586638D623E}"=""

"{893724B2-D1A9-450F-8B17-77FC0D9C90DA}"=""

"{47F63204-2B8E-4240-B45D-9A8B7FA7190C}"=""

"{45E65594-F8E7-4CE9-A2AC-2748CD7A924C}"=""

"{5F339DB0-D0BF-4A1A-B96A-7E40FB1869F7}"=""

"{1177D39F-90BB-4405-B57C-5CAB92F144E8}"=""

"{C87CC020-8D98-4797-81B2-AF2B78341DED}"=""

"{D23C226A-27C7-4A60-B65D-8E197BCFF1DE}"=""

"{0DD0D708-9E74-44C9-A850-C488F2358B92}"=""

"{0E4D14DB-8DC6-429F-BADF-4FC30ED1A2CA}"=""

"{3DACB72D-1481-433C-921C-B708684A8522}"=""

"{8C65AD0F-04B5-413C-90CF-509DBC052D8B}"=""

"{7586277D-07FF-4A21-ADEE-76486A007810}"=""

"{3CED894F-B4CA-4985-9F11-51DA8AFE7FC4}"=""

"{D1A71491-FF0E-422E-A0A1-200E63E932C5}"=""

"{B840492E-B3EE-4B9A-8562-FF9D3B919C3F}"=""

"{E7731816-2D75-4C3D-BA49-CEF43FBFC7A8}"=""

"{525E402C-9E18-4332-B3BC-DE7BB5A6D8BC}"=""

"{1AE995A7-A21F-4E2C-82DA-0037961DC756}"=""

"{03537630-4B0B-46DD-A286-7A906E3EFF38}"=""

"{21B988A6-DB68-47F9-A882-AC6FFCBBE1FC}"=""

"{0EEFF4C4-C254-4401-91D1-75CC7796DD0C}"=""

"{1A0D516D-D352-4FD5-AE85-9E64B2F5C7C0}"=""

"{C22802B1-7874-4BD7-B4D5-C06799E91DA8}"=""

"{F2D19814-85DD-4141-ABF0-77576D46CA1C}"=""

"{3432DE6F-4DB9-4EE3-80EB-37609C90313A}"=""

"{1E5759FE-00AC-4965-B8E7-40D94BA4E1DF}"=""

"{72621F17-F8D2-4898-933A-5562163ACACF}"=""

"{A7BE95DE-8A3F-498E-9D46-75FDFEA6F830}"=""

"{77A12E1E-54AD-4A56-8393-C026E7A364C3}"=""

"{9E7187B1-4E88-4002-AD94-4F1A0D081073}"=""

"{7B7DC8AA-A4B4-4F3A-B2B4-B5EB888829F0}"=""

"{C85B0FDB-04F0-4501-8BC8-F36D1598DE52}"=""

"{4E983FFB-F450-40AB-8B4E-EE1E78E336FF}"=""

"{518073EB-767B-4BBD-8040-81484F747D96}"=""

"{1612E17F-6787-4ED2-98D0-2E8B0A0C009B}"=""

"{B7073CFB-DBD8-4431-A20E-7550A4AD463E}"=""

"{90123824-B6F0-4331-8390-5E6A3995B813}"=""

"{AE88CCC9-1198-49B7-AD34-FAC03152A465}"=""

"{00D9F2A7-2B8E-4C25-B640-2133916FFE1E}"=""

"{028A0711-6EE2-458D-BD37-697E660DB569}"=""

"{5540F35D-D52B-4DE3-B825-0B47A132BA68}"=""

"{C6CC6190-E3A2-484A-94F9-325ED2A2FBBF}"=""

"{0254BE81-2401-4DFC-8AC6-54BC15331A77}"=""

"{2105FC74-2191-484E-A70C-D51C61E8433B}"=""

"{0CCF73C1-FEAA-4AA0-BCEE-9850A251B643}"=""

"{0340C946-E9A0-4DBE-B47C-41F3FB812931}"=""

"{EF8EABC8-B0FD-4C6D-9212-0B62927E81E8}"=""

"{3F516BEA-644D-4A93-9746-8BFBC00840FA}"=""

"{9887B0AE-4686-4269-A31A-922B350AFD96}"=""

"{5B22E2EC-0D78-4542-8E01-94A9962168E1}"=""

"{495C292E-9F45-4322-859D-38C3835842E9}"=""

"{CF7EA717-2F29-4603-A36E-BAC679BEFB5A}"=""

"{B0C1493A-74F3-485B-93F7-95FEB57BC2E8}"=""

"{C91ECC38-1F10-4929-8BE7-B10F8E22C0BA}"=""

"{C21BECB9-ADD8-4FD5-B421-0492B70129A2}"=""

"{0D94EDF7-68F5-4941-8287-EC3C078CA014}"=""

"{25CEEA4D-4EFA-4DC2-ABBD-311F9AEB4F11}"=""

"{692B7235-E02D-4FE5-BEB8-FEBB17107DC6}"=""

"{7CA17BFF-E795-45D5-88EF-435B798633F7}"=""

"{ACBA6A0B-D626-4C52-8A8F-9E7C9397A38C}"=""

"{6F3B5D8A-9D68-45FF-891F-CE408D952E63}"=""

"{70DBDEF5-44AC-4C2A-94F3-56D6587A5D91}"=""

"{8360B87D-3A57-43CB-8880-0081DB4460A9}"=""

"{4A9CEFC8-C5ED-4C25-9D10-100FBB3D1365}"=""

"{796F2351-F739-4695-AE1C-8D5CFC55472C}"=""

"{374F44E9-B644-4D50-BDEC-3288ED1E5309}"=""

"{F4A96801-F822-4BF7-8505-CA0324C97FAD}"=""

"{71BC76F4-B12A-46B2-B9D9-A617F354FAB7}"=""

"{D3CC758A-496F-4758-865A-BB33CF37329E}"=""

"{0FA2B64B-5629-4A22-849A-A9EEE153F6E9}"=""

"{73D95C5F-6317-44FF-A5B3-D8F3E1F251DC}"=""

"{36CA9874-2F09-4852-83B4-C2FDE4BB1FB0}"=""

"{1C67EAC1-2341-4397-A9C8-E24912E93D86}"=""

"{DC5019DD-4393-49E6-A949-CC468291A7E8}"=""

"{D6E60F79-AE4F-4B1C-8B85-1A8F2A7111BB}"=""

"{F0519DBB-8A97-4643-B44E-5CCD7957C487}"=""

"{DC6B1A17-B27A-4CF4-B53E-DAAE7791F024}"=""

"{7C8AD3E5-60DA-4B08-84DF-5095EA8E11B8}"=""

"{C66C4126-6A62-4345-AC0B-7472C1FA5AC3}"=""

"{B9A29325-26EC-41F1-A74F-14E8ED30C9C2}"=""

"{AA5C1182-4985-4291-AA06-E4739BEC6E27}"=""

"{E67118EC-D5D0-42F3-BB0E-0B3E7B25D34A}"=""

"{92B8F617-9944-4281-97AE-87B1EE80393E}"=""

"{BE1ADC3D-72DB-4903-9AFD-C0DE942489B0}"=""

"{1A5BBFC9-A0BC-4BD6-B2A7-87AEC138BFE8}"=""

"{A4578D28-CEBF-4E8F-88DA-422BCBEBD04E}"=""

"{49AFFE68-3D4F-4F08-8FBC-0632857C43B8}"=""

"{C130B069-79CB-4528-AE99-8FEA3EE29861}"=""

"{F23DD840-1CB5-47E3-A037-5777F8236EB4}"=""

"{1ED0F91B-9632-42F7-BE39-DA8D8B5E6FF5}"=""

"{74A59BAC-55C3-477B-BC7B-1E0F35F168DB}"=""

"{F8511691-8C63-431F-A860-D716A17338FA}"=""

"{DE6A5807-7505-46C3-8CDA-58DEFDA7B745}"=""

"{65F3D647-1F29-4C0F-A18B-F79449CE0A58}"=""

"{083942F0-EBA4-4AD0-8281-E14496BEA3D8}"=""

"{A1A32588-D81D-47BA-ADFF-0C517AD4C35D}"=""

"{C061CD22-CCCD-4D27-85C3-8FFCD49519BA}"=""

"{A8A7E560-ABE0-47FE-83C4-1C2317E26881}"=""

"{2DC3031F-A9AB-436D-94CC-747CE2B47587}"=""

"{85EA8F58-ADF0-4C54-BB72-E65FDFEDD92A}"=""

"{F930FD20-45DC-4F62-B07F-FFC0FAD2B922}"=""

"{2C855EF6-A66F-4B72-97EF-3A1E20027F1A}"=""

"{3131C8E0-6465-47C5-8FF3-4B278F2E3401}"=""

"{40434B11-B0C6-4D3E-A9E2-C89C377B15F5}"=""

"{5D346F65-B95A-48BD-9872-7DE0D5FB93B0}"=""

"{7C68554D-85E7-4181-A0EB-61549624CF74}"=""

"{1EBF3E40-DC1E-4413-857D-D3AC3B795FB3}"=""

"{CAB58E49-A42A-47B2-9E49-8EC5E3DC02E2}"=""

"{2E320FE5-7A58-43C0-98B0-55AC4E2BF5C7}"=""

"{36F05336-8BD0-45A8-9742-84BD144CB45E}"=""

"{F408D8DB-40AF-4464-86EC-B7A2B82EA67A}"=""

"{CC7CC34D-C387-495A-BED4-A19A13D90C8F}"=""

"{E91479B5-E90E-4CE9-ABBC-1D28B30A6B15}"=""

"{15A3D61D-43A7-4E4A-A58E-C389A7A841A7}"=""

"{0F6DF0EB-A764-472A-8D37-0513D86912D9}"=""

"{546984D1-C73C-4568-9F36-A01104CB257C}"=""

"{42ADEAEE-8831-481D-B83B-19B4C8AC9046}"=""

"{701CF786-1E00-456F-8ACC-CF7FC7F9CFF8}"=""

"{14A5F078-4460-4D7A-A08B-5A16CC9BA29F}"=""

"{6BAD6E98-81F6-49A6-AE19-20C8E0505C37}"=""

"{B66A1EDF-2721-4562-A432-A9D8AFD9ACAF}"=""

"{83F5A053-43DB-4998-8B65-2140A57F3AF3}"=""

"{B0E5A95F-7BFB-48FD-8130-468AB5831812}"=""

"{94591B92-AB45-45B0-8376-BFEE44CAA71C}"=""

"{FE3B354E-4196-4AAB-A569-2EFB0FAAFC4D}"=""

"{135DC4BD-525E-4A93-BCD4-606E1A26A65F}"=""

"{AF59F538-AB6C-4ACB-83F9-E5F8D4896F52}"=""

"{E860AC30-A3EE-4519-9127-33F8F2D27FDE}"=""

"{EF6A4C12-813C-4D9E-88D8-BD64B48FAAC0}"=""

"{30B1486D-A27B-44FD-9DF7-C436C7BB015D}"=""

"{FA8E0986-E8DD-4DCE-B6C3-34856108C4A7}"=""

"{BB93FA21-E208-41A0-94B1-5B3BE2F0894E}"=""

"{917D3358-F66E-4C4B-AFFF-B5A4A906B1FB}"=""

"{CE472A7E-18A5-4A7A-96CE-587B6EA33F1E}"=""

"{8A7E75B7-55C8-4C99-B384-7357FBF4C5A5}"=""

"{AF74F5F8-D7D4-463A-A70D-681C63CC03DA}"=""

"{12A54274-C7EC-4590-BF52-8FDE56424A49}"=""

"{901992BF-F816-40AC-874F-E51B54CAB887}"=""

"{C266CD48-3BD7-43A4-983A-2BF4D9440C25}"=""

"{44DF0806-BBF9-40E8-86D1-68316BC7C51F}"=""

"{A145B174-2305-415F-9288-330A95F7E515}"=""

"{2983047B-83DD-4B1B-A98A-2C05818CFCAA}"=""

"{99E38C87-BA20-4A65-B0CC-7648091B1EEA}"=""

"{F9B1E1FC-95D4-4699-AA2A-78BA5A613B41}"=""

"{4AA45098-4DA2-4FFC-AA95-7FAFE790D308}"=""

"{50A05E3E-E32D-496E-B5EE-E56442D2739A}"=""

"{75E5EF4F-8C0A-4052-B745-3B9CF265499F}"=""

"{D8B3E8E1-4C54-4E10-85D0-94F967E8B916}"=""

"{511AA929-4FB9-4589-8C5F-E1BD58852400}"=""

"{2764B993-3488-4418-8B21-8729B778863B}"=""

"{9718306E-5223-4014-B83F-43DD5C749926}"=""

"{99699088-F146-472B-B4A0-D5E7CA0FF90E}"=""

"{085C3D26-CFD2-4A6C-9F83-A0422B6CA899}"=""

"{0D8C1E40-6EF0-4606-A5CA-79CB9C5A4DDE}"=""

"{931E3908-863E-43ED-B459-883229D4959F}"=""

"{0F23675C-B908-4DBF-912A-EAA4FB8283EE}"=""

"{5F623640-979A-4DA7-B57D-42367C0CB067}"=""

"{98273B17-4754-4D9E-82A4-0416C9774B71}"=""

"{52E2BDF0-97FA-4446-8E2C-492964AB1719}"=""

"{1514F77F-5D81-4AC9-9773-CC092DFC4658}"=""

"{EA3C8F8B-1452-4561-B79C-37519D8C40F6}"=""

"{4489C55D-458F-4575-9DE5-D613F55AA40A}"=""

"{28EDF0F6-1149-469F-949A-2F7F065B5452}"=""

"{A63FC71F-7B63-4E35-A687-D58227E240EB}"=""

"{C08195F3-15E6-449E-95E1-205E0ADE39A3}"=""

"{7BF2DB7F-0270-4095-9E83-25E16051F899}"=""

"{A2E25DB8-9CFB-40BB-930C-8493A0F93DC6}"=""

"{63154596-0252-4B44-89F2-B3B55EEACCE9}"=""

"{E00008B5-1115-48CB-85DB-F4A3E533A7A8}"=""

"{6F5A8B14-6CE6-47EA-85DE-C481D0638A42}"=""

"{74FE06E0-81FF-45CC-A957-29588E6A0DF4}"=""

"{0E785B00-361E-438A-98C5-EB7EC8727854}"=""

"{26DA05CB-0A9A-44D5-B073-8031525DB4E7}"=""

"{1C7DFB73-F76A-417F-BCEC-78149BC0AB0F}"=""

"{1109EFDB-4823-492F-8BFF-5CAD3F1A79D8}"=""

"{E8C8226C-6708-43B7-99BE-623FB0BFCC7C}"=""

"{23DC5769-8F61-4306-A8B4-7F482B330B1D}"=""

"{A57BAD4F-A7FC-4307-BE51-F37C0E04D71D}"=""

"{0C749241-47AD-462A-92D0-D8354204F79B}"=""

"{7A546934-ED8D-4237-8714-39B8B9A45A7B}"=""

"{1F7AA2CA-1EB5-4F51-9DE7-EAFD0ACE9E43}"=""

"{F55192E0-2549-4BFD-85D1-80B1589267A0}"=""

"{C5BF6593-CDF6-4829-B051-EA9752425CDF}"=""

"{4B4079F1-8AD3-4A3E-AC97-AEEB55436A7B}"=""

"{CDB4783F-CA09-4CA7-A953-10C10EF448E9}"=""

"{E56B72B8-896E-481E-B4AF-02C4F77C885A}"=""

"{90420AB4-35B2-495C-B461-E7EDDEB308E1}"=""

"{4F307491-60BE-4CE1-B7F9-9FD2741F6974}"=""

"{D9618681-6100-4628-B32D-23C24BAEBF12}"=""

"{7C15BF70-CE5D-435A-885A-EFE305B2D857}"=""

"{DB42BE2D-BBE2-428F-B246-D7D524C3AAAA}"=""

"{8BCBFFF8-25E6-4A15-BD90-BA964E68FF61}"=""

"{0FDA1CD7-5D22-4B8A-87BE-6F6F5FAB9E02}"=""

"{C30CC5B2-AE13-4010-BB0C-55C4053D0D32}"=""

"{430DA3AF-25C2-425D-AF61-24B742738471}"=""

"{F624B18D-E73D-433D-94AF-2E70C018ACF6}"=""

"{0E7F2971-B1F3-49C8-B116-E77CB003E6B1}"=""

"{AFE73930-322D-4D9E-8B28-FE4C02D2C95B}"=""

"{EC8226F4-E89F-44E9-ACA7-BFFDB9EB795B}"=""

"{568664A6-2FBD-4A5F-A70D-71A2AD42F804}"=""

"{1D97F805-80DD-45EC-B96A-D0D6459139A1}"=""

"{C0A6FD55-B848-429D-84AB-3DC474F1BAC8}"=""

"{71DA9B7A-31F6-451A-B433-2DD9A0543720}"=""

"{1FCB60C1-8A22-4547-8404-457809EAC292}"=""

"{7E219DC3-FC66-4479-95A4-8B4CBE92D613}"=""

"{E7A91E1D-C2BE-4125-A7A7-4B8104FD2EFD}"=""

"{3BD88611-85D3-4A37-818A-3644A2DBEB84}"=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0004\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0005\AllUserSettings]

@Denied: (A) (Users)

@Denied: (A) (Everyone)

@Allowed: (B 1 2 3 4 5) (S-1-5-20)

"BlindDial"=dword:00000000

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Zeit der Fertigstellung: 2012-10-04  16:13:18

ComboFix-quarantined-files.txt  2012-10-04 14:13

.

Vor Suchlauf: 15 Verzeichnis(se), 69.348.085.760 Bytes frei

Nach Suchlauf: 26 Verzeichnis(se), 108.885.303.296 Bytes frei

.

- - End Of File - - 5BC3EBDE5D94D5EDB67A39253BA65FFE

--- --- ---

hi

malwarebytes:
Downloade Dir bitte Malwarebytes

Installiere
das Programm in den vorgegebenen Pfad.
Vista und Win7 User mit Rechtsklick "als Administrator starten"
Starte Malwarebytes, klicke auf Aktualisierung --> Suche
nach Aktualisierung
Wenn das Update beendet wurde, aktiviere vollständiger Scan durchführen und drücke auf Scannen.
Wenn der Scan beendet
ist, klicke auf Ergebnisse anzeigen.
Versichere Dich, dass alle Funde markiert sind und drücke Entferne Auswahl.
Poste
das Logfile, welches sich in Notepad öffnet, hier in den Thread.
Nachträglich kannst du den Bericht unter "Log Dateien" finden.

Sorry das ich so lange nicht geschrieben habe, war im Urlaub ;)
Also Maleware Byts hat nichts gefunden, hier trotzdem die Log:

Code:

Malwarebytes Anti-Malware (Test) 1.65.0.1400

www.malwarebytes.org
 

Datenbank Version: v2012.10.13.07
 

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

Marc :: MARC-PC [Administrator]
 

Schutz: Aktiviert
 

13.10.2012 19:22:08

mbam-log-2012-10-13 (19-22-08).txt
 

Art des Suchlaufs: Vollständiger Suchlauf (C:\|E:\|H:\|I:\|K:\|)

Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM

Deaktivierte Suchlaufeinstellungen: P2P

Durchsuchte Objekte: 729683

Laufzeit: 2 Stunde(n), 2 Minute(n), 25 Sekunde(n)
 

Infizierte Speicherprozesse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Speichermodule: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungsschlüssel: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Registrierungswerte: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateiobjekte der Registrierung: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Verzeichnisse: 0

(Keine bösartigen Objekte gefunden)
 

Infizierte Dateien: 0

(Keine bösartigen Objekte gefunden)
 

(Ende)

Mfg Marc

hi
lade den CCleaner standard:
CCleaner Download - CCleaner 3.23.1823
falls der CCleaner
bereits instaliert, überspringen.
instalieren, öffnen, extras, liste der instalierten programme, als txt speichern. öffnen.
hinter, jedes von dir benötigte programm, schreibe notwendig.
hinter, jedes, von dir nicht benötigte, unnötig.
hinter, dir unbekannte, unbekannt.
liste posten.

hier die Liste:

Code:

325 USB PC Camera        Sonix        11.08.2012                0.6.0.001                                                unbekannt

@BIOS        GIGABYTE        06.07.2011                2.11                                                                wichtig

Ableton Live 8        Ableton        03.04.2012        902MB        8.0.0.0                                                                wichtig

Adobe Acrobat X Pro - English, Français, Deutsch        Adobe Systems        13.10.2012        2,81GB        10.1.4                wichtig        

Adobe AIR        Adobe Systems Incorporated        13.10.2012                3.4.0.2710                                wichtig

Adobe Creative Suite 6 Master Collection        Adobe Systems Incorporated        05.10.2012        9,83GB        6        wichtig

Adobe Flash Media Live Encoder 3.2        Adobe Systems Incorporated        11.03.2012        44,0MB        3.2.0                wichtig

Adobe Flash Player 11 ActiveX        Adobe Systems Incorporated        13.10.2012        6,00MB        11.4.402.287                wichtig

Adobe Flash Player 11 Plugin        Adobe Systems Incorporated        13.10.2012        6,00MB        11.4.402.287                wichtig

Adobe Help Manager        Adobe Systems Incorporated        31.07.2012                4.0.244                                wichtig

Adobe Photoshop Lightroom 4.1 64-bit        Adobe        31.07.2012        806MB        4.1.2                                        wichtig

Adobe Widget Browser        Adobe Systems Incorporated.        31.07.2012                2.0 Build 348                        wichtig

Adobe® Content Viewer        Adobe Systems Incorporated        18.10.2012                2.8.0                                wichtig

Akamai NetSession Interface                02.01.2012                                                                ungekannt

Akamai NetSession Interface Service                02.01.2012                                                        unbekannt

Amazon MP3-Downloader 1.0.15        Amazon Services LLC        01.08.2012                1.0.15                                wichtig

Anno 1701        Sunflowers        22.06.2011                1.00                                                        muss nicht

Anno 1701 - Der Fluch des Drachen        Sunflowers        22.06.2011                2.03                                muss nicht

Any DVD Converter Professional 4.0.1        Any-DVD-Converter.com        20.04.2011                                        wichtig

Apple Application Support        Apple Inc.        20.09.2012        64,4MB        2.2.2                                        wichtig

Apple Mobile Device Support        Apple Inc.        20.09.2012        23,7MB        6.0.0.59                                wichtig

Apple Software Update        Apple Inc.        07.07.2011        2,38MB        2.1.3.127                                        wichtig

ASIO4ALL        Michael Tippach        02.01.2012                2.10                                                        wichtig

Battlefield 3™        Electronic Arts        10.09.2012                1.4.0.0                                                        wichtig

Battlefield Play4Free        EA Digital illusions        02.01.2012                                                        wichtig

Battlelog Web Plugins        EA Digital Illusions CE AB        09.09.2012                1.132.0                                wichtig

Beatport Downloader        Beatport LLC        01.08.2012                1.4                                                wichtig

BeatportDownloader        Beatport LLC        25.02.2012                1.003                                                wichtig

BEHRINGER USB AUDIO DRIVER                19.01.2012                                                                wichtig

Bonjour        Apple Inc.        17.10.2011        2,00MB        3.0.0.10                                                        wichtig

Borderlands        2K Games        20.04.2011        6,88GB        1.0.295                                                        wichtig

Borderlands 2        Gearbox Software        21.09.2012                                                                wichtig

Brother MFL-Pro Suite DCP-130C        Brother Industries, Ltd.        01.09.2011                1.0.3.0                        wichtig

butt                02.01.2012                                                                                        wichtig

Canon Utilities EOS Utility        Canon Inc.        03.09.2012                2.10.0.0                                wichtig

Canon Utilities PhotoStitch        Canon Inc.        03.09.2012                3.1.22.46                                wichtig

CCleaner        Piriform        24.09.2012                3.23                                                        wichtig

CINEMA 4D 12.016        MAXON Computer GmbH        17.08.2012        3,81GB        12.016                                        wichtig

Clonk Rage        RedWolf Design GmbH        02.01.2012                                                                muss nicht

Combat Arms EU                04.04.2012                                                                                muss nicht

ConvertXtoDVD 4.1.10.348                24.05.2011        68,1MB        4.1.10.348                                        wichtig

DAEMON Tools Lite        DT Soft Ltd        06.05.2012                4.45.4.0315                                        wichtig

Dead Space™ 2        Electronic Arts        23.12.2011        10,0GB        1.0.948.0                                                wichtig

DES 2.0        Gigabyte        06.07.2011                1.00.0000                                                        wichtig

doubleTwist        doubleTwist Corporation        25.02.2012                3.2.0.12944                                        unwichtig

Dreamload        Dreamload LLC        08.04.2011                1.297                                                        unwichtig

Dropbox        Dropbox, Inc.        10.07.2012                1.4.7                                                                wichtig

Easy Migration        Samsung Electronics Co., Ltd.        05.07.2012                1.0                                        muss nicht

Edcast Standalone 3.37.2011        PCGraFix        17.09.2012                3.37.2011.1214                                wichtig

Energy Saver Advance B10.0309.1        GIGABYTE        07.04.2011                1.10.0000                                wichtig

EOS Camera Movie Record 0.3.1.1 Beta        Chernov A.A.        03.09.2012                                                wichtig

EPSON SX100 Series Printer Uninstall        SEIKO EPSON Corporation        06.08.2012                                        wichtig

ESN Sonar        ESN Social Software AB        06.06.2012                0.70.4                                                wichtig

Etron USB3.0 Host Controller        Etron Technology        06.07.2011        5,18MB        0.98                                wichtig

Facebook Desktop        UNKNOWN        02.01.2012                0.84                                                        muss nicht

Facebook Video Calling 1.2.0.159        Skype Limited        22.03.2012        4,76MB        1.2.159                                wichtig

ffdshow [rev 2527] [2008-12-19]                25.02.2012                1.0                                                wichtig

FileZilla Client 3.5.3        FileZilla Project        12.02.2012        16,5MB        3.5.3                                        wichtig

FileZilla Server        FileZilla Project        12.02.2012        3,65MB        beta 0.9.40                                wichtig

Firebird SQL Server - MAGIX Edition        MAGIX AG        30.10.2011        10,1MB        2.1.27.0                        muss nicht

Fraps (remove only)                20.04.2012                                                                        wichtig

Google Earth Plug-in        Google        18.11.2011        40,8MB        6.1.0.5001                                                wichtig

Google Talk Plugin        Google        13.10.2012        19,1MB        3.9.1.9832                                                wichtig

GutscheinRausch.de - AddOn für Firefox        GutscheinRausch.de        13.01.2012        1,51MB        2.81                        muss nicht

Half-Life 2        Valve        13.10.2012                                                                                wichtig

Half-Life 2: Lost Coast        Valve        13.10.2012                                                                        wichtig

ICQ7.6        ICQ        07.11.2011                7.6                                                                        wichtig

Intel(R) Control Center        Intel Corporation        02.01.2012                1.2.1.1007                                wichtig

Intel(R) Management Engine Components        Intel Corporation        02.01.2012                7.0.0.1118                wichtig

iTunes        Apple Inc.        20.09.2012        182MB        10.7.0.21                                                        wichtig

Java 7 Update 7 (64-bit)        Oracle        13.10.2012        127MB        7.0.70                                                wichtig

Java(TM) 6 Update 27        Oracle        22.10.2011        97,0MB        6.0.270                                                        wenn 7 da ist könnne die doch weg oder? :D

Java(TM) 6 Update 27 (64-bit)        Oracle        22.10.2011        91,6MB        6.0.270                                                "

Java(TM) 6 Update 37        Oracle        08.09.2012        95,7MB        6.0.370                                                        "

JDownloader 0.9        AppWork GmbH        02.01.2012                0.9                                                        unbekannt

KORES Print Designer                13.03.2012                                                                        muss nicht

MAGIX Speed burnR        MAGIX AG        30.10.2011                6.0.1.4                                                muss nicht

Malwarebytes Anti-Malware Version 1.65.1.1000        Malwarebytes Corporation        18.10.2012        19,4MB        1.65.1.1000 wichtig

Michas Jingle-Player                13.03.2012                                                                        muss nicht

Microsoft .NET Framework 4 Client Profile        Microsoft Corporation        02.01.2012        38,8MB        4.0.30320        wichtig

Microsoft .NET Framework 4 Client Profile DEU Language Pack                07.04.2011                                wichtig

Microsoft .NET Framework 4 Client Profile DEU Language Pack        Microsoft Corporation        02.01.2012        2,93MB        4.0.30320 zweimal?

Microsoft .NET Framework 4 Extended        Microsoft Corporation        21.08.2012        51,9MB        4.0.30319                wichtig

Microsoft .NET Framework 4 Extended DEU Language Pack        Microsoft Corporation        21.08.2012        10,6MB        4.0.30319 wichtig

Microsoft LifeCam        Microsoft Corporation        21.08.2012        33,2MB        3.60.253.0                                wichtig

Microsoft Office Professional Plus 2010        Microsoft Corporation        05.07.2012                14.0.6029.1000                wichtig

Microsoft SQL Server 2005 Compact Edition [ENU]        Microsoft Corporation        11.04.2011        1,72MB        3.1.0000        wichtig

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053        Microsoft Corporation        24.01.2012        258KB        8.0.50727.4053        wichtig

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053        Microsoft Corporation        17.05.2011        252KB        8.0.50727.4053        wichtig

Microsoft Visual C++ 2005 Redistributable        Microsoft Corporation        22.09.2012        2,38MB        8.0.59193        wichtig

Microsoft Visual C++ 2005 Redistributable (x64)        Microsoft Corporation        08.12.2011        708KB        8.0.61000        wichtig

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148        Microsoft Corporation        13.04.2011        200KB        9.0.30729.4148        wichtig

Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570        Microsoft Corporation        15.04.2011        598KB        9.0.30729.5570 wichtig

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148        Microsoft Corporation        19.04.2012        788KB        9.0.30729.4148 wichtig

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161        Microsoft Corporation        20.04.2012        784KB        9.0.30729.6161 wichtig

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022        Microsoft Corporation        22.09.2012        1,41MB        9.0.21022 wichtig

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729        Microsoft Corporation        23.12.2011        234KB        9.0.30729 wichtig

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17        Microsoft Corporation        07.04.2011        596KB        9.0.30729 wichtig

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148        Microsoft Corporation        19.04.2012        230KB        9.0.30729.4148 wichtig

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161        Microsoft Corporation        16.06.2011        600KB        9.0.30729.6161 wichtig

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219        Microsoft Corporation        06.10.2011        13,8MB        10.0.40219 wichtig

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219        Microsoft Corporation        06.10.2011        12,2MB        10.0.40219 wichtig

Microsoft-Maus- und Tastatur-Center        Microsoft Corporation        18.10.2012                2.0.161.0                 wichtig

Microsoft_VC80_ATL_x86                22.04.2012                                                                        unbekannt

Microsoft_VC80_MFC_x86                22.04.2012                                                                        "

Microsoft_VC80_MFCLOC_x86                22.04.2012                                                                "

Microsoft_VC90_ATL_x86                22.04.2012                                                                        "

Mozilla Firefox 15.0.1 (x86 de)        Mozilla        25.09.2012        38,4MB        15.0.1                                                unwichtig

Mozilla Firefox 16.0.1 (x86 de)        Mozilla        13.10.2012        38,5MB        16.0.1                                                wichtig

Mozilla Maintenance Service        Mozilla        13.10.2012        329KB        16.0.1                                                wichtig

Mp3tag v2.52        Florian Heidenreich        01.08.2012                v2.52                                                wichtig

MSXML 4.0 SP2 (KB954430)        Microsoft Corporation        21.04.2011        1,27MB        4.20.9870.0                        unbekannt

MSXML 4.0 SP2 (KB973688)        Microsoft Corporation        21.04.2011        1,33MB        4.20.9876.0                        unbekannt

Native Instruments Audio 2 DJ Driver                24.05.2012                                                        kann weg, Update vorhanden

Native Instruments Audio 2 DJ Driver        Native Instruments        29.07.2012                                        wichtig

Native Instruments Controller Editor                21.09.2012                                                        wichtig

Native Instruments Controller Editor        Native Instruments        21.09.2012                                        zweimal?        

Native Instruments Service Center                24.05.2012                                                        kann weg, Update vorhanden

Native Instruments Service Center        Native Instruments        29.07.2012                                        wichtig

Native Instruments Traktor 2                29.07.2012                                                                wichtig

Native Instruments Traktor 2        Native Instruments        29.07.2012                                                zweimal?

Native Instruments Traktor Kontrol S2 Driver                24.05.2012                                                wichtig

Native Instruments Traktor Kontrol S2 Driver        Native Instruments        29.07.2012                                same again ...

Nexon Game Manager                04.04.2012                                                                        unbekannt

Norton Bootable Recovery Tool Wizard        Symantec Corporation        20.04.2011                3.5.0.23                muss nicht

Norton Internet Security        Symantec Corporation        14.01.2012                19.8.0.14                        wichtig

NVIDIA 3D Vision Controller-Treiber 306.97        NVIDIA Corporation        13.10.2012                306.97                wichtig

NVIDIA 3D Vision Treiber 306.97        NVIDIA Corporation        13.10.2012                306.97                                wichtig

NVIDIA Grafiktreiber 306.97        NVIDIA Corporation        13.10.2012                306.97                                wichtig

NVIDIA HD-Audiotreiber 1.3.18.0        NVIDIA Corporation        13.10.2012                1.3.18.0                        wichtig

NVIDIA PhysX-Systemsoftware 9.12.0604        NVIDIA Corporation        14.09.2012                9.12.0604                wichtig

NVIDIA Update 1.10.8        NVIDIA Corporation        13.10.2012                1.10.8                                        wichtig

OF Dragon Rising        Codemasters        18.07.2011                1.00.0000                                        muss nicht

ON_OFF Charge B11.0110.1        GIGABYTE        06.07.2011                1.00.0001                                wichtig

Oracle VM VirtualBox 4.1.16        Oracle Corporation        06.06.2012        139MB        4.1.16                                wichtig

Origin        Electronic Arts, Inc.        05.04.2012                8.5.2.23                                                wichtig

Overwolf        Overwolf        02.09.2012        81,3MB        0.36.212                                                muss nicht

Philips SPC710NC Webcam                02.01.2012                                                                        wichtig

PhotoScape                19.08.2012                                                                                wichtig

Portal        Valve        02.01.2012                                                                                        wichtig

Portal 2        Valve        02.01.2012                                                                                wichtig

PunkBuster Services        Even Balance, Inc.        06.04.2012                0.991                                        wichtig

QuickTime        Apple Inc.        18.05.2012        73,2MB        7.72.80.56                                                wichtig

Radio Toolbox        www.radiotoolbox.com        05.01.2012                1.1.1                                                wichtig

Realtek Ethernet Controller Driver        Realtek        09.09.2011                7.46.610.2011                                wichtig

Realtek High Definition Audio Driver        Realtek Semiconductor Corp.        02.01.2012                6.0.1.6449        wichtig

reFX Nexus VSTi RTAS v2.2.0                11.04.2011                                                                wichtig

Roxio Creator 2010 Pro        Roxio        02.01.2012        3,34GB        12.0                                                        wichtig

Roxio PhotoShow        Roxio        02.01.2012                6.0                                                                wichtig

Samsung Kies        Samsung Electronics Co., Ltd.        04.05.2011        181MB        2.0.0.11044_11                                unwichtig

SAMSUNG USB Driver for Mobile Phones        SAMSUNG Electronics Co., Ltd.        02.01.2012        46,0MB        1.4.4.0                wichtig

Sanctum                04.05.2012                                                                                        wichtig

Shoot Many Robots                04.05.2012                                                                        wichtig

SHOUTcast DNAS (remove only)                02.01.2012                                                                wichtig

SHOUTcast DNAS Server v2                02.01.2012                                                                wichtig

simfy        simfy AG        07.09.2012                1.6.10                                                                wichtig

Skype Click to Call        Skype Technologies S.A.        29.03.2012        12,4MB        5.9.9216                                muss nicht

Skype™ 5.10        Skype Technologies S.A.        02.09.2012        19,4MB        5.10.116                                        wichtig

Smart 6 B10.1221.1        GIGABYTE        06.07.2011                1.00.0000                                        wichtig

Steam        Valve Corporation        20.12.2011        35,4MB        1.0.0.0                                                        wichtig

Steinberg Cubase 5        Steinberg Media Technologies GmbH        08.04.2011        291MB        5.1.0                        wichtig

Steinberg Drum Loop Expansion 01        Steinberg Media Technologies GmbH        08.04.2011        424MB        1.0.0.1        wichtig

Steinberg Groove Agent ONE Content        Steinberg Media Technologies GmbH        08.04.2011        142MB        1.0.0.003 wichtig

Steinberg HALionOne        Steinberg Media Technologies GmbH        08.04.2011        387MB        1.1.0.457                wichtig

Steinberg HALionOne Additional Content Set 01        Steinberg Media Technologies GmbH        08.04.2011        940MB        1.0.0.001 wichtig

Steinberg HALionOne Expression Set        Steinberg Media Technologies GmbH        08.04.2011        231MB        1.0.1.0        wichtig

Steinberg HALionOne GM Drum Set        Steinberg Media Technologies GmbH        08.04.2011        23,9MB        1.0.1.457        wichtig

Steinberg HALionOne GM Set        Steinberg Media Technologies GmbH        08.04.2011        63,6MB        1.0.1.457        wichtig

Steinberg HALionOne Pro Set        Steinberg Media Technologies GmbH        08.04.2011        123MB        1.0.1.457        wichtig

Steinberg HALionOne Studio Drum Set        Steinberg Media Technologies GmbH        08.04.2011        48,0MB        1.0.1.457 wichtig

Steinberg HALionOne Studio Set        Steinberg Media Technologies GmbH        08.04.2011        112MB        1.0.1.457        wichtig

Steinberg LoopMash Content        Steinberg Media Technologies GmbH        08.04.2011        612MB        1.0.0.005        wichtig

Steinberg REVerence Content 01        Steinberg Media Technologies GmbH        08.04.2011        169MB        1.0.0.006        wichtig

Synergy        Synergy Development Team        13.10.2012                                                                wichtig

TeamSpeak 3 Client        TeamSpeak Systems GmbH        06.09.2012                3.0.6                                        wichtig

TeamViewer 7        TeamViewer        05.10.2012                7.0.14563                                                wichtig

Text-To-Speech-Runtime        Magix Development GmbH        09.10.2011        260KB        1.0.0.0                                        muss nicht

UseNeXT        Tangysoft Ltd.        09.07.2012        5,23MB                                                                        wichtig

VLC media player 2.0.3        VideoLAN        05.10.2012                2.0.3                                                wichtig

VoiceOver Kit        Apple Inc.        22.04.2012        41,7MB        1.42.128.0                                                muss nicht

webcamXP 5        Moonware Studios        18.10.2012                5.5.1.5                                         wichtig

Winamp        Nullsoft, Inc        02.01.2012                5.621                                                                 wichtig

Winamp Erkennungs-Plug-in        Nullsoft, Inc        21.08.2011        75,0KB        1.0.0.1                                        wichtig

Windows Live Anmelde-Assistent        Microsoft Corporation        11.04.2011        1,93MB        5.000.818.5                        muss nicht

Windows Live Essentials        Microsoft Corporation        02.01.2012                14.0.8117.0416                                muss nicht

Windows Live Sync        Microsoft Corporation        11.04.2011        2,79MB        14.0.8117.416                                muss nicht

Windows Live-Uploadtool        Microsoft Corporation        11.04.2011        224KB        14.0.8014.1029                                muss nicht

Windows Mobile-Gerätecenter                02.01.2012                                                                wichtig

WinRAR archiver                02.01.2012                                                                                wichtig

World of Tanks v.0.6.7        Wargaming.net        22.11.2011                                                                muss nicht

XSplit        SplitMediaLabs        04.09.2012        92,1MB        1.1.1209.0401                                                        wichtig

Your Uninstaller! 2010        URSoft, Inc.        31.08.2011        10,7MB        7.0                                                wichtig

µTorrent        BitTorrent Inc.        16.09.2012                3.2.0                                                        wichtig