Raumschiff schwirrt rum |
||
|---|---|---|
| #0
| ||
|
08.06.2014, 00:17
Member
Beiträge: 16 |
||
 
|
|
|
|
12.06.2014, 00:38
Member
Beiträge: 34 |
#2
Könntest du mal einen Screenshot von dem Raumschiff hochladen ?
__________ https://einbruchsicherung-info.de |
|
|
|
|
|
|
14.06.2014, 17:58
Member
Themenstarter Beiträge: 16 |
#3
Hat sich erledigt. War ein Programm (Websteroids), welches ich unabsichtigt installiert habe. Ich konnte es wieder deinstallieren.
|
|
|
|
|
|
Um auf dieses Thema zu ANTWORTEN
bitte erst » hier kostenlos registrieren!!
bitte erst » hier kostenlos registrieren!!
Folgende Themen könnten Dich auch interessieren:
Seite(n): 1
Copyright © 2024, Protecus.de - Protecus Team - Impressum / Mediadaten
ich weiß gar nicht wie ich es erklären soll, aber beim surfen schwirrt immer so ein Raumschiff auf meinem Bildschirm herum und nervt. Mein Virusprogramm schlägt auch immer Alarm, kann das Problem aber nicht beheben:
"";"Potentiell gefährliches Programm: Downloader.AUX, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\WebsteroidsService.exe";"Gesichert"
"";"MalSign.CreativeIsland gefunden, C:\ProgramData\Websteroids\up\2.6.80\Websteroids.exe";"Gesichert"
OTL logfile created on: 07.06.2014 23:52:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Netter\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,43% Memory free
7,99 Gb Paging File | 5,80 Gb Available in Paging File | 72,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,59 Gb Total Space | 7,50 Gb Free Space | 12,80% Space Free | Partition Type: NTFS
Drive D: | 229,63 Gb Total Space | 108,39 Gb Free Space | 47,20% Space Free | Partition Type: NTFS
Drive G: | 1,87 Gb Total Space | 1,85 Gb Free Space | 98,97% Space Free | Partition Type: FAT
Computer Name: NETTERNOTEBOOK | User Name: Netter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Processes (SafeList) ==========[/color]
PRC - [2014.06.07 23:42:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Netter\Desktop\OTL.exe
PRC - [2014.05.20 02:45:22 | 033,322,312 | ---- | M] (Dropbox, Inc.) -- C:\Users\Netter\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014.05.15 19:41:02 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe
PRC - [2014.05.15 19:24:15 | 001,863,856 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
PRC - [2014.05.13 14:23:04 | 003,644,432 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
PRC - [2014.05.13 14:18:32 | 005,181,456 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgui.exe
PRC - [2014.05.13 14:15:28 | 000,292,424 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
PRC - [2014.04.17 21:07:28 | 004,672,920 | ---- | M] (Akamai Technologies, Inc.) -- C:\Users\Netter\AppData\Local\Akamai\netsession_win.exe
PRC - [2014.03.22 01:03:26 | 000,061,816 | ---- | M] (Creative Island Media, LLC) -- C:\ProgramData\Websteroids\WebsteroidsService.exe
PRC - [2014.03.22 01:02:54 | 000,151,416 | ---- | M] (Creative Island Media, LLC) -- C:\ProgramData\Websteroids\Websteroids.exe
PRC - [2014.01.17 18:04:50 | 001,729,024 | ---- | M] () -- C:\Program Files (x86)\ZOOM\HandyShare\HandyShare_startup.exe
PRC - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013.07.22 11:09:08 | 000,162,856 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\pdf24\pdf24.exe
PRC - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
PRC - [2012.12.13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
PRC - [2009.12.29 16:35:38 | 000,140,520 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe
PRC - [2009.10.13 11:25:54 | 000,186,904 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
PRC - [2009.10.13 11:25:30 | 000,354,840 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
PRC - [2009.09.13 00:09:10 | 000,103,768 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
PRC - [2009.09.13 00:09:04 | 000,550,232 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
[color=#E56717]========== Modules (No Company Name) ==========[/color]
MOD - [2014.06.07 18:29:31 | 000,043,008 | ---- | M] () -- c:\users\netter\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp0gejzo.dll
MOD - [2014.05.16 21:56:30 | 011,922,944 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\70dbdd46969daf2bea2443c75b7629d4\System.Web.ni.dll
MOD - [2014.05.15 19:41:01 | 003,839,088 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2014.05.15 19:24:14 | 016,361,136 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
MOD - [2014.03.22 01:02:56 | 001,161,080 | ---- | M] () -- C:\Windows\SysWOW64\Websteroids.B324755F3F87.dll
MOD - [2014.02.16 18:26:32 | 005,464,064 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll
MOD - [2014.02.16 18:26:25 | 000,978,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll
MOD - [2014.02.16 18:26:23 | 007,989,760 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll
MOD - [2014.02.16 18:26:06 | 011,499,520 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll
MOD - [2014.01.17 18:04:50 | 001,729,024 | ---- | M] () -- C:\Program Files (x86)\ZOOM\HandyShare\HandyShare_startup.exe
MOD - [2014.01.03 03:09:26 | 003,610,624 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2013.08.23 21:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2010.11.13 02:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
[color=#E56717]========== Services (SafeList) ==========[/color]
SRV:64bit: - File not found [Auto | Stopped] -- C:\Program Files\Dell\DellDock\DockLogin.exe -- (DockLoginService)
SRV:64bit: - [2014.05.16 04:40:06 | 002,266,296 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe -- (ClickToRunSvc)
SRV:64bit: - [2014.03.06 10:29:14 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV - [2014.05.15 19:24:15 | 000,257,712 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014.05.13 14:23:04 | 003,644,432 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2014.05.13 14:15:28 | 000,292,424 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2014.04.01 20:54:12 | 001,471,352 | ---- | M] (Flexera Software LLC) [On_Demand | Stopped] -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FlexNet Licensing Service 64)
SRV - [2014.03.30 06:17:18 | 005,132,888 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2014.03.22 01:03:26 | 000,061,816 | ---- | M] (Creative Island Media, LLC) [Auto | Running] -- C:\ProgramData\Websteroids\WebsteroidsService.exe -- (Websteroids)
SRV - [2013.12.21 08:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013.10.23 08:15:08 | 000,172,192 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2013.09.11 22:21:54 | 000,105,144 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2013.06.21 05:15:56 | 000,413,472 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2013.06.13 11:17:51 | 004,150,112 | ---- | M] (TeamViewer GmbH) [Auto | Stopped] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8)
SRV - [2012.12.13 17:37:26 | 000,012,288 | ---- | M] (Autodesk, Inc.) [Auto | Running] -- C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe -- (Autodesk Content Service)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS)
SRV - [2010.11.20 14:19:20 | 000,397,824 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC)
SRV - [2010.11.20 14:18:03 | 000,061,440 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc)
SRV - [2010.06.19 19:12:06 | 000,040,960 | ---- | M] () [Auto | Stopped] -- C:\Users\Netter\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe -- (SearchAnonymizer)
SRV - [2009.10.13 11:25:30 | 000,354,840 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe -- (IAANTMON)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2009.05.21 09:59:08 | 000,206,064 | ---- | M] (SupportSoft, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Dell Support Center\bin\sprtsvc.exe -- (sprtsvc_DellSupportCenter)
SRV - [2009.04.28 20:21:52 | 000,436,736 | ---- | M] (Conexant Systems, Inc.) [Auto | Stopped] -- C:\Windows\SysWOW64\ACFXAU64.dll -- (AcfXAudioService)
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
DRV:64bit: - [2014.05.13 14:20:26 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2014.05.13 14:20:06 | 000,273,176 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2014.05.13 14:06:06 | 000,323,352 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2014.05.13 14:05:40 | 000,191,768 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2014.05.13 14:05:08 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2014.05.13 14:05:06 | 000,130,328 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2014.05.13 14:04:56 | 000,236,312 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2014.05.13 14:04:30 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013.08.29 03:29:52 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser)
DRV:64bit: - [2013.04.07 10:41:47 | 000,564,824 | ---- | M] (Duplex Secure Ltd.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\sptd.sys -- (sptd)
DRV:64bit: - [2013.02.25 23:26:08 | 000,470,256 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2013.02.25 07:27:45 | 000,194,848 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012.12.04 01:13:00 | 000,095,344 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIb.sys -- (BrSerIb)
DRV:64bit: - [2012.12.04 01:13:00 | 000,021,872 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrUsbSib.sys -- (BrUsbSIb)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.08.20 14:48:50 | 000,019,032 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdrvio.sys -- (pwdrvio)
DRV:64bit: - [2012.08.20 14:48:48 | 000,012,384 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\pwdspio.sys -- (pwdspio)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.06.10 06:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011.03.11 08:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 08:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.07.12 20:36:10 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2009.10.13 12:16:40 | 000,409,624 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.09.15 12:40:42 | 006,952,960 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETw5s64.sys -- (NETw5s64)
DRV:64bit: - [2009.09.08 19:13:16 | 000,087,600 | ---- | M] (Citrix Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ctxusbm.sys -- (ctxusbm)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.07.14 02:39:20 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV:64bit: - [2009.06.29 18:00:50 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.06.29 18:00:50 | 000,116,096 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbfake.sys -- (hwusbfake)
DRV:64bit: - [2009.06.15 14:06:42 | 000,172,704 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CtClsFlt.sys -- (CtClsFlt)
DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2009.06.10 22:35:28 | 005,434,368 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netw5v64.sys -- (netw5v64)
DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.04 17:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2009.04.29 16:28:30 | 000,030,208 | ---- | M] (Windows (R) Codename Longhorn DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\KMWDFILTER.sys -- (KMWDFILTER)
DRV:64bit: - [2009.04.28 20:21:36 | 000,010,240 | ---- | M] (Conexant Systems, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ACFXAU64.sys -- (XAudio)
DRV:64bit: - [2009.04.09 13:38:24 | 000,116,864 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2007.03.15 01:08:46 | 000,017,024 | ---- | M] (Conexant) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\ACFSDK64.sys -- (mdmxsdk)
DRV:64bit: - [2006.12.12 02:29:02 | 000,097,280 | ---- | M] (Brother Industries Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BrSerIf.sys -- (BrSerIf)
DRV - [2010.07.01 19:11:24 | 000,012,352 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Programme\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
[color=#E56717]========== Internet Explorer ==========[/color]
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {DECFBEF2-9903-4F9A-A827-87E3C67BA0E4}
IE:64bit: - HKLM\..\SearchScopes\{DECFBEF2-9903-4F9A-A827-87E3C67BA0E4}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {4F1EF4AF-4A0F-4383-AFFA-04E348310D7E}
IE - HKLM\..\SearchScopes\{4F1EF4AF-4A0F-4383-AFFA-04E348310D7E}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDC&src=IE-SearchBox
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.uk.msn.com/USCON/8
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M0B27D81D-96A4-4E0C-9F98-883578A928EF&SearchSource=55&CUI=&UM=2&UP=SP3ED815E2-B06E-4A5C-9A9F-4AAC787DC3C0&SSPV=
IE - HKCU\..\URLSearchHook: - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{080FBDF6-B230-4e4d-A4E7-7C7A56D7BABC}: "URL" = http://searchservice.myspace.com/index.cfm?fuseaction=sitesearch.results&qry={searchTerms}&type=Web&orig=IMC-IEDS
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://search.babylon.com/?q={searchTerms}&affID=110186&babsrc=SP_ss&mntrId=6c7728c90000000000000024d69111fc
IE - HKCU\..\SearchScopes\{17CC6C7E-3607-4738-98B9-67E9423602CB}: "URL" = http://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=2697fe03-6973-4540-a867-ae7b8e4a5573&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{346175DB-662C-483D-8051-C21DD027FD7B}: "URL" = http://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=2697fe03-6973-4540-a867-ae7b8e4a5573&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}: "URL" = http://search.icq.com.anonymize-me.de/?anonymto=687474703A2F2F7365617263682E6963712E636F6D2F7365617263682F726573756C74732E7068703F713D7B7365617263685465726D737D2663685F69643D6F7364&st={searchTerms}&clid=2697fe03-6973-4540-a867-ae7b8e4a5573&pid=murb
IE - HKCU\..\SearchScopes\{68F00B09-D1A2-4C99-A3FD-FC16AE4FF928}: "URL" = http://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=2697fe03-6973-4540-a867-ae7b8e4a5573&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{6AB68187-BB22-4D19-A2FF-FC6BE3BEC73B}: "URL" = http://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=2697fe03-6973-4540-a867-ae7b8e4a5573&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{A782A96A-38DD-487D-A6B7-348AD188D241}: "URL" = http://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=2697fe03-6973-4540-a867-ae7b8e4a5573&pid=murb&mode=bounce
IE - HKCU\..\SearchScopes\{DCC93764-93B6-4835-8596-AB4CC875561A}: "URL" = http://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=2697fe03-6973-4540-a867-ae7b8e4a5573&pid=murb&mode=bounce
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = 127.0.0.1:9421;<local>;*.local
[color=#E56717]========== FireFox ==========[/color]
FF - prefs.js..browser.search.order.1: "Search the web (Babylon)"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://search.conduit.com/?gd=&ctid=CT3325585&octid=EB_ORIGINAL_CTID&ISID=M0B27D81D-96A4-4E0C-9F98-883578A928EF&SearchSource=55&CUI=&UM=2&UP=SP3ED815E2-B06E-4A5C-9A9F-4AAC787DC3C0&SSPV="
FF - prefs.js..extensions.enabledAddons: battlefieldheroespatcher%40ea.com:5.0.127.0
FF - prefs.js..extensions.enabledAddons: battlefieldplay4free%40ea.com:1.0.66.2
FF - prefs.js..extensions.enabledAddons: %7B9e1d7c80-43d1-11db-b0de-0800200c9a66%7D:1.0.3.0
FF - prefs.js..extensions.enabledAddons: %7BDB9127A2-3381-41ec-82B3-1B6ED4C6F29A%7D:1.0
FF - prefs.js..extensions.enabledAddons: %7Be4a8a97b-f2ed-450b-b12d-ee082ba24781%7D:1.15
FF - prefs.js..extensions.enabledAddons: %7Bdc572301-7619-498c-a57d-39143191b318%7D:0.4.1.3.1
FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.22
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:29.0.1
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6
FF - prefs.js..extensions.enabledItems: {e4a8a97b-f2ed-450b-b12d-ee082ba24781}:0.9.2
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.1
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21
FF - prefs.js..extensions.enabledItems: {9e1d7c80-43d1-11db-b0de-0800200c9a66}:1.0.2.6
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}:1.0
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6906
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {6904342A-8307-11DF-A508-4AE2DFD72085}:2.1.1.94
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://search.babylon.com/?affID=110186&babsrc=KW_ss&mntrId=6c7728c90000000000000024d69111fc&q="
FF - prefs.js..network.proxy.autoconfig_url: "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*'))%20%7B%20return%20'PROXY%20nq-us06.personalitycores.com%3A8000%3B%20PROXY%20nq-us10.personalitycores.com%3A8000%3B%20PROXY%20nq-us11.personalitycores.com%3A8000%3B%20PROXY%20nq-us08.personalitycores.com%3A8000%3B%20PROXY%20nq-us12.personalitycores.com%3A8000%3B%20PROXY%20nq-us09.personalitycores.com%3A8000%3B%20PROXY%20nq-us05.personalitycores.com%3A8000%3B%20PROXY%20nq-us04.personalitycores.com%3A8000%3B%20PROXY%20nq-us07.personalitycores.com%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF - prefs.js..network.proxy.type: 2
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.55.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014.05.15 19:40:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 29.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014.05.15 19:40:53 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2013.06.16 17:16:47 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2014.05.15 18:23:34 | 000,000,000 | ---D | M]
[2010.05.28 21:40:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\Extensions
[2010.05.28 21:40:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2014.06.07 15:19:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\Firefox\Profiles\catcspwb.default\extensions
[2011.05.11 12:04:43 | 000,000,000 | ---D | M] ("ThreeShips Helper Extension") -- C:\Users\Netter\AppData\Roaming\mozilla\Firefox\Profiles\catcspwb.default\extensions\{9e1d7c80-43d1-11db-b0de-0800200c9a66}
[2014.03.26 22:18:23 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Netter\AppData\Roaming\mozilla\Firefox\Profiles\catcspwb.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2010.12.27 01:18:00 | 000,000,000 | ---D | M] (flashget3 Extension) -- C:\Users\Netter\AppData\Roaming\mozilla\Firefox\Profiles\catcspwb.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}
[2011.09.29 10:29:00 | 000,000,000 | ---D | M] (Battlefield Heroes Updater) -- C:\Users\Netter\AppData\Roaming\mozilla\Firefox\Profiles\catcspwb.default\extensions\battlefieldheroespatcher@ea.com
[2011.09.27 10:33:05 | 000,000,000 | ---D | M] (Battlefield Play4Free) -- C:\Users\Netter\AppData\Roaming\mozilla\Firefox\Profiles\catcspwb.default\extensions\battlefieldplay4free@ea.com
[2013.09.18 19:28:29 | 000,377,153 | ---- | M] () (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi
[2012.12.12 13:01:51 | 000,036,098 | ---- | M] () (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[2014.06.07 15:19:25 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2014.02.24 17:46:05 | 000,787,979 | ---- | M] () (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi
[2014.02.17 00:32:41 | 000,287,566 | ---- | M] () (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
[2009.04.09 16:03:38 | 000,057,407 | ---- | M] (flashget) (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\FlashgetXpi.dll
[2008.10.17 11:03:56 | 000,000,205 | ---- | M] () (No name found) -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\extensions\{DB9127A2-3381-41ec-82B3-1B6ED4C6F29A}\components\IFlashgetXpi.xpt
[2014.04.01 20:19:49 | 000,000,916 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\searchplugins\conduit-search.xml
[2010.06.19 19:12:10 | 000,001,064 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\searchplugins\icqplugin.xml
[2009.12.01 20:50:20 | 000,002,160 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\searchplugins\MySpace.xml
[2010.10.16 20:17:54 | 000,001,032 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\searchplugins\wikipedia-eng.xml
[2010.06.19 19:12:10 | 000,002,152 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\searchplugins\{A43F39B7-8B10-42B9-A9A3-9C211B12F8FB}.xml
[2010.06.19 19:12:10 | 000,002,041 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\searchplugins\{B6CCB940-063E-4D8A-8210-9743E31C3E59}.xml
[2010.06.19 19:12:10 | 000,001,834 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\mozilla\firefox\profiles\catcspwb.default\searchplugins\{BD56BF6E-1FBC-4C73-A6CB-C25887F6DC0A}.xml
[2014.05.15 19:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2014.05.15 19:40:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2014.05.15 19:40:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2014.05.15 19:40:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
[2014.05.15 19:40:51 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0038-ABCDEFFEDCBA}
[2014.05.15 19:40:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2014.05.15 19:41:02 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009.09.13 00:05:42 | 000,124,240 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll
[2009.09.13 00:06:22 | 000,070,488 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll
[2009.09.13 00:06:32 | 000,091,480 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll
[2009.09.13 00:06:28 | 000,022,360 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll
[2009.09.13 00:08:36 | 000,406,864 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll
[2009.09.13 00:06:24 | 000,023,896 | ---- | M] (Citrix Systems, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll
O1 HOSTS File: ([2010.11.14 18:17:24 | 000,000,998 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 im.adtech.de
O1 - Hosts: 127.0.0.1 adserver.adtech.de
O1 - Hosts: 127.0.0.1 adtech.de
O1 - Hosts: 127.0.0.1 atwola.com
O1 - Hosts: 127.0.0.1 adserver.71i.de
O1 - Hosts: 127.0.0.1 adicqserver.71i.de
O1 - Hosts: 127.0.0.1 71i.de
O2:64bit: - BHO: (Lync Browser Helper) - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Microsoft SkyDrive Pro Browser Helper) - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office 15\root\office15\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:64bit: - HKLM..\Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Ocs_SM] C:\Users\Netter\AppData\Roaming\OCS\SM\SearchAnonymizer.exe (OCS)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_UI] C:\Program Files (x86)\AVG\AVG2014\avgui.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [ConnectionCenter] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe (Citrix Systems, Inc.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe File not found
O4 - HKLM..\Run: [EaseUS EPM tray] C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.3.0\bin\EpmNews.exe File not found
O4 - HKLM..\Run: [HandyShareStartup] C:\Program Files (x86)\ZOOM\HandyShare\HandyShare_startup.exe ()
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\pdf24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [PDVDDXSrv] C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UnlockerAssistant] "C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Netter\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Autodesk Sync] C:\Programme\Autodesk\Autodesk Sync\AdSync.exe (Autodesk, Inc.)
O4 - HKCU..\Run: [DAEMON Tools Lite] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe (Disc Soft Ltd)
O4 - HKCU..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart File not found
O4 - HKCU..\Run: [SkyDrive] C:\Users\Netter\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe (Microsoft Corporation)
O4 - Startup: C:\Users\Netter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Netter\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: =
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office15\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:64bit: - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:64bit: - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office15\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office15\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: An vorhandene PDF-Datei anfügen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Linkziel an vorhandene PDF-Datei anhängen - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Linkziel in Adobe PDF konvertieren - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office15\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIF5BA~1\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: fritz.box ([]* in Lokales Intranet)
O15 - HKCU\..Trusted Domains: kuaiche.com ([software] http in Trusted sites)
O15 - HKCU\..Trusted Ranges: Range1 (• in Lokales Intranet)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab (Java Plug-in 1.6.0_14)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{96B33A90-D4EF-4497-A98E-D5D72E6D991D}: NameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9A121276-D55F-4B56-BCEC-B89270D56F8D}: DhcpNameServer = 192.168.178.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\osf - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\osf {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Programme\Microsoft Office 15\root\office15\MSOSB.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2014.04.01 18:40:03 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\{56d10f61-b48e-11e0-bd75-98d8eb347075}\Shell - "" = AutoRun
O33 - MountPoints2\{56d10f61-b48e-11e0-bd75-98d8eb347075}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{56d10f6c-b48e-11e0-bd75-98d8eb347075}\Shell - "" = AutoRun
O33 - MountPoints2\{56d10f6c-b48e-11e0-bd75-98d8eb347075}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{56d10f7d-b48e-11e0-bd75-98d8eb347075}\Shell - "" = AutoRun
O33 - MountPoints2\{56d10f7d-b48e-11e0-bd75-98d8eb347075}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{56d10f8c-b48e-11e0-bd75-98d8eb347075}\Shell - "" = AutoRun
O33 - MountPoints2\{56d10f8c-b48e-11e0-bd75-98d8eb347075}\Shell\AutoRun\command - "" = G:\setup_vmc_lite.exe /checkApplicationPresence
O33 - MountPoints2\{634ec4f6-a153-11e2-905f-8a6313b61306}\Shell - "" = AutoRun
O33 - MountPoints2\{634ec4f6-a153-11e2-905f-8a6313b61306}\Shell\AutoRun\command - "" = "I:\WD SmartWare.exe" autoplay=true
O33 - MountPoints2\{71d23bae-1dc2-11e2-8606-f469e4b1d868}\Shell - "" = AutoRun
O33 - MountPoints2\{71d23bae-1dc2-11e2-8606-f469e4b1d868}\Shell\AutoRun\command - "" = C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL ºÍ·áÏîÄ¿¸Å¿ö1.doc
O33 - MountPoints2\{7bbb01cb-c400-11e0-815d-c6d3a55fcf68}\Shell - "" = AutoRun
O33 - MountPoints2\{7bbb01cb-c400-11e0-815d-c6d3a55fcf68}\Shell\AutoRun\command - "" = G:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
ActiveX:64bit: {04C17CAF-C196-54FF-9871-1CBD84756208} - Microsoft Windows Media Player
ActiveX:64bit: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX:64bit: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C41005B-D496-FD73-5767-07C550AA239B} - Microsoft Windows Media Player 12.0
ActiveX:64bit: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX:64bit: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX:64bit: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX:64bit: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX:64bit: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX:64bit: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX:64bit: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX:64bit: {5EAF1B5F-8825-BB52-E065-994F6A85EAD8} - Themes Setup
ActiveX:64bit: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX:64bit: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX:64bit: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX:64bit: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX:64bit: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX:64bit: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX:64bit: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -UserConfig
ActiveX:64bit: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX:64bit: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX:64bit: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX:64bit: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX:64bit: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX:64bit: {F417F133-FDC6-4DEA-BCCA-B3A33C1CD222} - Internet Explorer
ActiveX:64bit: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX:64bit: {F67AF1A0-07C3-A554-8EA6-29B90A1F885C} - Java (Sun)
ActiveX:64bit: {FEBEF00C-046D-438D-8A88-BF94A6C9E703} - .NET Framework
ActiveX:64bit: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {25FFAAD0-F4A3-4164-95FF-4461E9F35D51} - .NET Framework
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2D46B6DC-2207-486B-B523-A557E6D54B47} - C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles(x86)%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {533CD09E-0081-FD3A-70BD-63D9CFCC6341} - Browser Customizations
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7DEBE4EB-6B40-3766-BB35-5CBBC385DA37} - .NET Framework
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} -
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\SysWOW64\Rundll32.exe C:\Windows\SysWOW64\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {B9D48B06-DF87-16CD-136A-48D22E396381} - Internet Explorer
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: {F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4} - .NET Framework
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
[2014.06.07 23:42:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Netter\Desktop\OTL.exe
[2014.05.31 11:08:59 | 000,000,000 | ---D | C] -- C:\Users\Netter\Documents\Freemake
[2014.05.31 11:08:58 | 000,000,000 | ---D | C] -- C:\Users\Netter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
[2014.05.31 11:08:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
[2014.05.31 11:08:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Freemake
[2014.05.31 11:08:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Freemake
[2014.05.27 19:30:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ZOOM
[2014.05.27 19:30:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ZOOM
[2014.05.25 22:32:21 | 000,000,000 | ---D | C] -- C:\Users\Netter\AppData\Roaming\DVDVideoSoft
[2014.05.23 18:38:51 | 000,000,000 | ---D | C] -- C:\Windows\rescache
[2014.05.23 17:19:51 | 000,000,000 | -HSD | C] -- C:\Users\Netter\AppData\Local\EmieUserList
[2014.05.23 17:19:51 | 000,000,000 | -HSD | C] -- C:\Users\Netter\AppData\Local\EmieSiteList
[2014.05.22 20:14:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2014.05.15 19:40:50 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.05.13 14:20:26 | 000,235,800 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014.05.13 14:20:06 | 000,273,176 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014.05.13 14:06:06 | 000,323,352 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014.05.13 14:05:40 | 000,191,768 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014.05.13 14:05:08 | 000,152,344 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014.05.13 14:05:06 | 000,130,328 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014.05.13 14:04:56 | 000,236,312 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014.05.13 14:04:30 | 000,031,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[2014.05.11 18:07:17 | 000,016,384 | R--- | C] (AVM Berlin GmbH) -- C:\Windows\SysWow64\avmprmon.dll
[2014.05.10 10:12:03 | 000,069,120 | R--- | C] (AVM Berlin) -- C:\Windows\SysWow64\avmadd32.dll
[2014.05.10 10:12:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FRITZ!Box
[2014.05.10 10:12:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FRITZ!BoxPrint
[2014.05.10 10:11:55 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\FRITZ!Box
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
[2014.06.07 23:53:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014.06.07 23:42:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Netter\Desktop\OTL.exe
[2014.06.07 23:24:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014.06.07 23:17:06 | 001,844,724 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014.06.07 23:17:06 | 000,787,676 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2014.06.07 23:17:06 | 000,727,544 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014.06.07 23:17:06 | 000,182,556 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2014.06.07 23:17:06 | 000,148,326 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014.06.07 23:13:46 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014.06.07 18:35:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014.06.07 18:35:08 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014.06.07 18:30:57 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\MATLAB R2014a Startup Accelerator.job
[2014.06.07 18:28:22 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014.06.07 18:27:15 | 3217,268,736 | -HS- | M] () -- C:\hiberfil.sys
[2014.05.29 12:50:53 | 000,001,060 | ---- | M] () -- C:\Users\Netter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014.05.26 17:26:08 | 000,000,085 | -HS- | M] () -- C:\ProgramData\.zreglib
[2014.05.25 13:47:02 | 000,000,432 | ---- | M] () -- C:\Windows\BRWMARK.INI
[2014.05.25 13:47:02 | 000,000,034 | ---- | M] () -- C:\Windows\SysWow64\BD2030.DAT
[2014.05.13 14:20:26 | 000,235,800 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgldx64.sys
[2014.05.13 14:20:06 | 000,273,176 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgtdia.sys
[2014.05.13 14:06:06 | 000,323,352 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgloga.sys
[2014.05.13 14:05:40 | 000,191,768 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsha.sys
[2014.05.13 14:05:08 | 000,152,344 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgdiska.sys
[2014.05.13 14:05:06 | 000,130,328 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgmfx64.sys
[2014.05.13 14:04:56 | 000,236,312 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgidsdrivera.sys
[2014.05.13 14:04:30 | 000,031,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\SysNative\drivers\avgrkx64.sys
[color=#E56717]========== Files Created - No Company Name ==========[/color]
[2014.05.25 22:51:13 | 000,000,085 | -HS- | C] () -- C:\ProgramData\.zreglib
[2014.04.25 20:26:55 | 000,000,153 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2014.04.13 22:00:59 | 000,000,193 | ---- | C] () -- C:\Windows\WORDPAD.INI
[2014.03.22 01:02:56 | 001,161,080 | ---- | C] () -- C:\Windows\SysWow64\Websteroids.B324755F3F87.dll
[2013.06.16 18:56:33 | 000,000,138 | ---- | C] () -- C:\Windows\vsfilter.INI
[2013.05.26 23:18:28 | 000,000,746 | ---- | C] () -- C:\Windows\XaraX.INI
[2013.01.03 16:16:58 | 000,140,968 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2012.03.22 16:57:05 | 000,028,261 | ---- | C] () -- C:\Users\Netter\AppData\Roaming\Kommagetrennte Werte (Windows).ADR
[2011.03.20 15:45:11 | 000,000,690 | ---- | C] () -- C:\Users\Netter\Netter - Verknüpfung.lnk
[2010.07.20 17:45:34 | 000,006,144 | ---- | C] () -- C:\Users\Netter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[color=#E56717]========== ZeroAccess Check ==========[/color]
[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.25 04:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.25 04:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
[color=#E56717]========== LOP Check ==========[/color]
[2014.04.01 21:08:36 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Autodesk
[2013.09.27 15:40:34 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\AVG2014
[2012.07.14 18:30:57 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Babylon
[2013.06.16 18:56:07 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Baidu
[2013.07.09 11:14:04 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\BITS
[2013.09.03 14:58:25 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\BOM
[2014.06.01 20:05:46 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\DAEMON Tools Lite
[2014.06.07 18:30:02 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Dropbox
[2014.06.07 18:29:50 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\DropboxMaster
[2014.05.25 22:45:29 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\DVDVideoSoft
[2010.06.24 22:16:33 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.07.09 11:14:32 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\FlashgetSetup
[2013.06.23 22:55:17 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Guitar Pro 6
[2011.02.22 11:08:33 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\ICAClient
[2012.12.21 16:11:13 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\ICQ
[2013.05.26 11:32:09 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\MAGIX
[2010.12.02 19:00:11 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\McGraw-HillLicensing
[2014.04.18 11:58:50 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Notepad++
[2010.06.19 19:12:06 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\OCS
[2014.04.01 20:06:07 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\OpenCandy
[2010.06.19 19:12:10 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Opera
[2013.04.09 19:53:39 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\RouterControl
[2013.05.26 13:00:08 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\simplitec
[2014.04.18 11:02:58 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Subversion
[2013.06.25 17:40:47 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Synaptics
[2013.12.06 09:31:19 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\TeamViewer
[2012.01.08 20:03:03 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Thinstall
[2010.05.28 21:40:44 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\Thunderbird
[2010.05.29 00:12:43 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\TS3Client
[2014.04.01 20:07:36 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\TuneUp Software
[2010.12.30 01:58:36 | 000,000,000 | ---D | M] -- C:\Users\Netter\AppData\Roaming\XMedia Recode
[color=#E56717]========== Purity Check ==========[/color]
[color=#E56717]========== Custom Scans ==========[/color]
[color=#A23BEC]< %SYSTEMDRIVE%\*. >[/color]
[2013.10.10 18:21:14 | 000,000,000 | -H-D | M] -- C:\$AVG
[2010.05.28 19:43:22 | 000,000,000 | -HSD | M] -- C:\$Recycle.Bin
[2014.04.01 18:40:03 | 000,000,000 | ---D | M] -- C:\Autodesk
[2011.06.28 11:03:59 | 000,000,000 | -HSD | M] -- C:\Boot
[2014.05.29 12:46:12 | 000,000,000 | -HSD | M] -- C:\Config.Msi
[2010.05.28 19:39:15 | 000,000,000 | ---D | M] -- C:\Dell
[2009.07.14 07:08:56 | 000,000,000 | -HSD | M] -- C:\Documents and Settings
[2010.05.28 19:38:48 | 000,000,000 | -HSD | M] -- C:\Dokumente und Einstellungen
[2012.07.04 09:10:52 | 000,000,000 | ---D | M] -- C:\Downloads
[2013.06.23 16:34:01 | 000,000,000 | ---D | M] -- C:\drivers
[2010.05.21 22:16:05 | 000,000,000 | ---D | M] -- C:\inetpub
[2014.04.01 10:34:03 | 000,000,000 | ---D | M] -- C:\midacoVB
[2013.10.25 18:27:25 | 000,000,000 | RH-D | M] -- C:\MSOCache
[2013.10.25 20:19:58 | 000,000,000 | ---D | M] -- C:\NVIDIA
[2014.04.25 18:56:01 | 000,000,000 | R--D | M] -- C:\Program Files
[2014.05.31 11:23:43 | 000,000,000 | R--D | M] -- C:\Program Files (x86)
[2014.05.31 11:08:53 | 000,000,000 | -H-D | M] -- C:\ProgramData
[2010.05.28 19:38:48 | 000,000,000 | -HSD | M] -- C:\Programme
[2010.05.28 19:38:48 | 000,000,000 | -HSD | M] -- C:\Recovery
[2012.03.31 17:45:34 | 000,000,000 | ---D | M] -- C:\Sent
[2014.06.07 23:55:54 | 000,000,000 | -HSD | M] -- C:\System Volume Information
[2013.10.25 20:26:03 | 000,000,000 | ---D | M] -- C:\temp
[2011.06.28 14:53:40 | 000,000,000 | R--D | M] -- C:\Users
[2014.06.07 23:38:07 | 000,000,000 | ---D | M] -- C:\Windows
[color=#A23BEC]< %PROGRAMFILES%\*.exe >[/color]
[color=#A23BEC]< %LOCALAPPDATA%\*.exe >[/color]
[color=#A23BEC]< %systemroot%\*. /mp /s >[/color]
[color=#A23BEC]< MD5 for: EXPLORER.EXE >[/color]
[2009.10.06 08:06:36 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=00B0358734CAA32C39D181FE6916B178 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_b8b0208ee0ce1889\explorer.exe
[2011.02.26 08:23:14 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=0862495E0C825893DB75EF44FAEA8E93 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_adc24107935a7e25\explorer.exe
[2011.02.26 07:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_ba87e574ddfe652d\explorer.exe
[2009.07.14 03:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_b7fe430bc7ce3761\explorer.exe
[2011.02.26 07:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_b8ce9756e0b786a4\explorer.exe
[2009.10.31 07:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_b819b343c7ba6202\explorer.exe
[2011.02.26 07:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_b816eb59c7bb4020\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\explorer.exe
[2011.02.25 08:19:30 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=332FEAB1435662FC6C672E25BEB37BE3 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_afa79dc39081d0ba\explorer.exe
[2011.02.26 08:14:34 | 002,871,808 | ---- | M] (Microsoft Corporation) MD5=3B69712041F3D63605529BD66DC00C48 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_b0333b22a99da332\explorer.exe
[2010.11.20 14:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_ba2f56d3c4bcbafb\explorer.exe
[2009.10.06 08:35:29 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=6D4F9E4B640B413C6F73414327484C80 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_addea9f19345cd81\explorer.exe
[2009.08.03 08:19:07 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=700073016DAC1C3D2E7E2CE4223334B6 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_ae84b558ac4eb41c\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\SysWOW64\explorer.exe
[2011.02.25 07:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_b9fc4815c4e292b5\explorer.exe
[2009.10.31 08:34:59 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=9AAAEC8DAC27AA17B053E6352AD233AE -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_adc508f19359a007\explorer.exe
[2009.08.03 07:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_b8d95faae0af7617\explorer.exe
[2010.11.20 15:24:45 | 002,872,320 | ---- | M] (Microsoft Corporation) MD5=AC4C51EB24AA95B77F705AB159189E24 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_afdaac81905bf900\explorer.exe
[2009.10.31 08:38:38 | 002,870,272 | ---- | M] (Microsoft Corporation) MD5=B8EC4BD49CE8F6FC457721BFC210B67F -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_ae46d6aeac7ca7c7\explorer.exe
[2009.08.03 07:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_b853c407c78e3ba9\explorer.exe
[2009.07.14 03:39:10 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=C235A51CB740E45FFA0EBFB9BAFCDA64 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_ada998b9936d7566\explorer.exe
[2009.10.31 08:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_b89b8100e0dd69c2\explorer.exe
[2009.10.06 08:31:09 | 002,868,736 | ---- | M] (Microsoft Corporation) MD5=CA17F8620815267DC838E30B68CB5052 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20542_none_ae5b763cac6d568e\explorer.exe
[2011.02.26 08:26:45 | 002,870,784 | ---- | M] (Microsoft Corporation) MD5=E38899074D4951D31B4040E994DD7C8D -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_ae79ed04ac56c4a9\explorer.exe
[2009.08.03 08:17:37 | 002,868,224 | ---- | M] (Microsoft Corporation) MD5=F170B4A061C9E026437B193B4D571799 -- C:\Windows\winsxs\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_adff19b5932d79ae\explorer.exe
[2009.10.06 07:53:03 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=FC89FACA0473641CB625EDA9277D0885 -- C:\Windows\winsxs\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16434_none_b8335443c7a68f7c\explorer.exe
[color=#A23BEC]< MD5 for: REGEDIT.EXE >[/color]
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=2E2C937846A0B8789E5E91739284D17A -- C:\Windows\winsxs\amd64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5023a70bf589ad3e\regedit.exe
[2009.07.14 03:39:29 | 000,427,008 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\SysWOW64\regedit.exe
[2009.07.14 03:14:30 | 000,398,336 | ---- | M] (Microsoft Corporation) MD5=8A4883F5E7AC37444F23279239553878 -- C:\Windows\winsxs\wow64_microsoft-windows-registry-editor_31bf3856ad364e35_6.1.7600.16385_none_5a78515e29ea6f39\regedit.exe
[color=#A23BEC]< MD5 for: USERINIT.EXE >[/color]
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SysWOW64\userinit.exe
[2010.11.20 14:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009.07.14 03:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe
[2009.07.14 03:39:48 | 000,030,208 | ---- | M] (Microsoft Corporation) MD5=6F8F1376A13114CC10C0E69274F5A4DE -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_381dabbceb60feb2\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\SysNative\userinit.exe
[2010.11.20 15:25:24 | 000,030,720 | ---- | M] (Microsoft Corporation) MD5=BAFE84E637BF7388C96EF48D4D3FDD53 -- C:\Windows\winsxs\amd64_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_3a4ebf84e84f824c\userinit.exe
[color=#A23BEC]< MD5 for: WININIT.EXE >[/color]
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\SysNative\wininit.exe
[2009.07.14 03:39:52 | 000,129,024 | ---- | M] (Microsoft Corporation) MD5=94355C28C1970635A31B3FE52EB7CEBA -- C:\Windows\winsxs\amd64_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_8ce7aa761e01ad49\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\SysWOW64\wininit.exe
[2009.07.14 03:14:45 | 000,096,256 | ---- | M] (Microsoft Corporation) MD5=B5C5DCAD3899512020D135600129D665 -- C:\Windows\winsxs\x86_microsoft-windows-wininit_31bf3856ad364e35_6.1.7600.16385_none_30c90ef265a43c13\wininit.exe
[color=#A23BEC]< MD5 for: WINLOGON.EXE >[/color]
[2010.11.20 15:25:30 | 000,390,656 | ---- | M] (Microsoft Corporation) MD5=1151B1BAA6F350B1DB6598E0FEA7C457 -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_cde90685eb910636\winlogon.exe
[2009.07.14 03:39:52 | 000,389,120 | ---- | M] (Microsoft Corporation) MD5=132328DF455B0028F13BF0ABEE51A63A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_cbb7f2bdeea2829c\winlogon.exe
[2014.03.04 13:08:14 | 000,455,680 | ---- | M] (Microsoft Corporation) MD5=6CE2AE073BD21C542FC2C707CAE944CC -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.22616_none_ce748d1d04acf24f\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\SysNative\winlogon.exe
[2014.03.04 11:43:50 | 000,455,168 | ---- | M] (Microsoft Corporation) MD5=88AB9B72B4BF3963A0DE0820B4B0B06C -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.18409_none_cdf8bf35eb848572\winlogon.exe
[2009.10.28 09:01:57 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=A93D41A4D4B0D91C072D11DD8AF266DE -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_cc522fd507b468f8\winlogon.exe
[2009.10.28 08:24:40 | 000,389,632 | ---- | M] (Microsoft Corporation) MD5=DA3E2A6FA9660CC75B471530CE88453A -- C:\Windows\winsxs\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_cbe534e7ee8042ad\winlogon.exe
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >[/color]
[color=#A23BEC]< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >[/color]
< End of report >
OTL Extras logfile created on: 07.06.2014 23:52:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Netter\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17041)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,05 Gb Available Physical Memory | 51,43% Memory free
7,99 Gb Paging File | 5,80 Gb Available in Paging File | 72,60% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 58,59 Gb Total Space | 7,50 Gb Free Space | 12,80% Space Free | Partition Type: NTFS
Drive D: | 229,63 Gb Total Space | 108,39 Gb Free Space | 47,20% Space Free | Partition Type: NTFS
Drive G: | 1,87 Gb Total Space | 1,85 Gb Free Space | 98,97% Space Free | Partition Type: FAT
Computer Name: NETTERNOTEBOOK | User Name: Netter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
[color=#E56717]========== Extra Registry (SafeList) ==========[/color]
[color=#E56717]========== File Associations ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
[color=#E56717]========== Shell Spawning ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "D:\Programme\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" ()
Directory [Winamp.Bookmark] -- "D:\Programme\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "D:\Programme\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "D:\Programme\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
[color=#E56717]========== Security Center Settings ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
[color=#E56717]========== Firewall Settings ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[color=#E56717]========== Authorized Applications List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"D:\Programme\FlashGet Network\FlashGet 3\FlashGet3.exe" = D:\Programme\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"D:\FlashGet 3\FlashGet Network\FlashGet 3\FlashGet3.exe" = D:\FlashGet 3\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"D:\Programme\FlashGet Network\FlashGet 3\FlashGet3.exe" = D:\Programme\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
"D:\FlashGet 3\FlashGet Network\FlashGet 3\FlashGet3.exe" = D:\FlashGet 3\FlashGet Network\FlashGet 3\FlashGet3.exe:*:Enabled:Flashget3
[color=#E56717]========== Vista Active Open Ports Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09355633-8717-4C93-8E63-4FEE23047386}" = lport=10243 | protocol=6 | dir=in | app=system |
"{0AF34F37-BBE9-4FDB-A8E3-25661AFE474C}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{164687CB-2968-4D56-9B5C-46CB56EF8E6D}" = rport=138 | protocol=17 | dir=out | app=system |
"{1D63EBB2-EE30-4622-8EDA-CD76DE928AD5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1D9772C9-1477-4E42-9CB7-32F118F67B9E}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{2A358F83-C5D6-4E1D-A86F-A44945ABA38F}" = rport=139 | protocol=6 | dir=out | app=system |
"{32BDD44C-F475-4C9D-B717-B7ADF7184C96}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{34F9A6A8-A2B1-4D4A-8FC3-312C8A1B5400}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{37D7A792-B3D8-4FB1-9FBC-DE1D33BA7EC5}" = lport=2869 | protocol=6 | dir=in | app=system |
"{38574674-3B77-40AB-B933-B6DA9F9B286B}" = rport=137 | protocol=17 | dir=out | app=system |
"{3EE756CB-08FE-40FB-A537-D9356988FF51}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{461B1D63-6960-4D2D-AEF0-22A7C07A3E9B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{486B84D7-8CF4-4A4B-9A4B-54610F9290AF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{50E26A93-7EEC-4148-AFD9-E0C32F13FE8D}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{525538D1-1148-4371-B286-C0E588F35260}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5651AB59-5C25-4A97-811E-D9FB32966B91}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5ABB3355-EF30-4131-B69A-E3EE0BF7F2FD}" = lport=50248 | protocol=6 | dir=in | name=autodesk content service |
"{5C74F7A1-B524-4C58-A4E4-E2F2B64B62C1}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{6027E82F-83DE-4BB6-80C3-02C5EBBD4C00}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62B0E88B-C969-426E-88D9-E5146410A04F}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{62D9986F-D1EB-44C2-BE52-12A55BCDB6F7}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office15\outlook.exe |
"{64A5B610-9DAD-4C78-BA0E-EEE736DC75E4}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6883DAA4-AAD4-4A75-8041-2B8F83219D88}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{781E488E-4FCE-4954-A178-61AE8B622772}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{7950F6A7-A79A-472B-B53E-E735A2F848BA}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{806D37D3-0C7F-49FA-88D0-31B97B4A5244}" = lport=445 | protocol=6 | dir=in | app=system |
"{84139E5A-19CD-4203-8C8D-1C6BAA7E4197}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{87DAC743-E9CB-4EB3-98D4-256E63892084}" = rport=2869 | protocol=6 | dir=out | app=system |
"{8D41F10C-E630-4909-80DA-71BBB0B07C91}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{8F3DCC60-36A7-4B23-B750-B127F5E8939B}" = lport=139 | protocol=6 | dir=in | app=system |
"{986D3616-B2FE-48D8-A412-6DE1B05FEB56}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{9D1406EB-BC65-42AC-A7FD-C1ED511EFD52}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office 15\root\office15\outlook.exe |
"{9F029388-29A9-4EA0-81D8-63F66232AC6E}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B0F1B27C-4C73-40E4-AA5F-A953B89E6779}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{B22769D0-1DB7-4FB7-AFC1-F3EA183B0978}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BA12683E-0C00-49E8-B946-0D160A83E0E4}" = lport=49172 | protocol=6 | dir=in | name=akamai netsession interface |
"{BEDC5146-D6BE-4F54-B8BC-D9F911B35D8A}" = lport=8461 | protocol=6 | dir=in | name=mailstore server http-port 8461 |
"{BF0F264B-E087-44A4-9336-C6AF84CDB829}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{CBBCECDB-3034-4683-97F4-9830CA41E276}" = lport=5000 | protocol=17 | dir=in | name=akamai netsession interface |
"{CF798D55-1FB2-495D-AAB1-BEEC0BF817CB}" = rport=10243 | protocol=6 | dir=out | app=system |
"{D990E55E-FB40-40C3-B1C2-67FE11B05F94}" = lport=138 | protocol=17 | dir=in | app=system |
"{DD7FB223-E955-4BC3-95BB-17B610FB4727}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{E24D80E4-DD6E-4BBF-895D-7E2E192EEE1F}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{E7DF532B-C8EE-4849-A33B-D6EF46E7621C}" = lport=8462 | protocol=6 | dir=in | name=mailstore server https-port 8462 |
"{EDC4CB23-2B46-442D-B48D-7C1EB043C59E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EE212E0C-6221-49D0-9BF2-FAAEAB0E63B7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{EFCADA40-A410-4779-942F-F3BCF5E86D25}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{F013E4DE-DA89-4C7A-AF4A-77E178288DF3}" = rport=445 | protocol=6 | dir=out | app=system |
"{F99CEE3F-4EA8-46B6-849C-34BCDE250A3C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE98064F-F0DD-41AF-87B7-6F153B96CFA2}" = lport=137 | protocol=17 | dir=in | app=system |
"{FF8C1473-1A3F-43ED-9E9E-EEECC85ACE76}" = lport=50546 | protocol=6 | dir=in | name=akamai netsession interface |
[color=#E56717]========== Vista Active Application Exception List ==========[/color]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0013691C-AEF7-46D8-9012-9EBF3686BF28}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{01F40529-C3CD-4A57-9008-B688D5D0B77F}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{034574E3-C35C-458E-9610-220554121337}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{04770C96-1B5E-4636-B796-6A919A794635}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{04CFB4E5-0F9B-4509-9A1B-5CD348CCAC86}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{09468FF8-6171-4E2B-91FF-FC2DD05C50AF}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{0D65091E-4500-4EB8-A243-85010CE2B212}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\powerdvd.exe |
"{0EB6E2BA-6305-47D1-8119-F3DDB968DC2A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{0FDE4EB9-3384-45C5-982F-0544A9230038}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{179F0EC1-862C-4261-AC90-DAE0D95D4398}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{1B69D608-6E11-4612-89D7-C990F04E183B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{1C08BE67-F703-4C4C-8937-A10520BD0830}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{1E00F358-C0BF-4031-89E9-630F3B4918E2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{1EAF4092-9178-4A04-A34C-6EC052CC4726}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{2358E45B-1CE3-414E-AFD6-9F600825AFC9}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{2EA63005-126C-4A35-9E4D-EC27A12F47CC}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{32EDEBB9-F1D6-4E03-9245-C7E9BEFE9895}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{36BC7307-518E-4E71-80BC-F4CECE5DF7A2}" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"{37381D05-7A29-41F1-ABA4-BF03005101A9}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4107EF5B-039E-48D3-9734-AADE11B73E76}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{48C278D9-2BD5-404B-8C4B-8E3285A9BCCB}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{4B6C83A5-4E62-42E2-B480-18413F295EEC}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{51383C45-C506-4B28-8F82-775A755F38BE}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{52C744DF-1EEA-4146-B022-94BE363137AC}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{588829C1-32EA-495D-A696-DD9CBAA8ABEC}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{59B6B786-DB61-43FD-BCD7-16F6EC1B247B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{5A919146-42C5-4185-9DD0-8B9B111F9BF3}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{6ACBED29-4436-4121-8B1C-C664A6AD8BB9}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{6B4BE04E-4966-40AF-9159-AE01DBE4F829}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{6D22ADE3-CE76-4666-A582-05B1D77F71F5}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{71E797B0-3A00-4742-B780-B3D7291E6162}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{72AF5E10-475E-4B23-A769-371612E6E331}" = protocol=17 | dir=in | app=c:\users\netter\appdata\roaming\spotify\spotify.exe |
"{749A2F93-4D63-4A26-8351-DA85509438FB}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{75FE906C-3731-4890-B128-C760A6EF16B7}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{77E31F47-7E85-4E5E-9B8A-3AABCD9DD422}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{813544DD-1AB3-4925-9D2D-1407D7442000}" = protocol=6 | dir=in | app=c:\windows\system32\lxbvcoms.exe |
"{83B9C687-FC8E-4BA7-97BA-C91624DB7615}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{83F33657-5D13-4638-B069-5AAAA43BEFA3}" = protocol=17 | dir=in | app=c:\windows\system32\lxbvcoms.exe |
"{842E28EE-F8CD-416B-AE9A-A3FEA1B62C70}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{8498A170-AF75-4415-AC0A-EE19831D1797}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8EE2CB9D-73DB-462C-B3C9-26A2EF263DD9}" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{9760AEC9-E296-4032-88A8-19CE19D5A4F0}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{98B90A40-4AC7-4091-A070-E961DBA57E2A}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{9A0BEB1F-4113-41E1-8643-6333A52DA772}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{9AAC5AEB-7E32-46D7-97CA-5CDAFE40C975}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{9C0EE53C-8F60-4F57-85E3-D408DBE5B3F5}" = dir=in | app=c:\program files (x86)\skype\plugin manager\skypepm.exe |
"{9E011ED2-E903-4696-A88A-43AEFBDF1D92}" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"{9FBF1041-4F07-4925-9195-63E53C4B9973}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9FC9D088-12C9-4C24-A6E5-29828B2FE653}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4093DD3-C434-469C-A8B1-40A2238C10C5}" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre6\bin\java.exe |
"{A8CA9030-8EDC-4E1B-80C5-97083D521CAA}" = protocol=17 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"{A9B5A561-FDE6-42A2-BA83-BE7968B54C05}" = protocol=6 | dir=out | app=system |
"{ABE2172B-1D64-4E74-BC58-48C82E364A20}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{AFE14925-273C-4C65-8251-F699EC5FFDE0}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B15FA6B9-EAED-4EE7-A6B1-5A82424C8960}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{B3977915-BEA3-4FDD-BF06-0C34A3E46DA9}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\lync.exe |
"{B4CCEC2C-D207-4540-9F1A-C80FBD3E34F8}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BC8E6051-76D7-4BC8-8CE7-868AFC2D1778}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BEEC6268-12E3-4507-870E-05F449B1F6A8}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{C435FE61-817F-4D1A-B377-7AFC37B06E2E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{C4A11DC7-68E3-401E-9F20-CE3BF830206F}" = protocol=17 | dir=in | app=c:\program files (x86)\deepinvent\mailstore server\mailstoreserver.exe |
"{C91FB15E-4160-41D4-9DFC-39A44E51A48C}" = protocol=6 | dir=in | app=c:\windows\syswow64\lxbvcoms.exe |
"{C94BD0D5-1BD3-4E37-81CD-48CA83BB1E81}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{CA37B179-AE0A-49AC-97DA-E0E047917603}" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.4\icq.exe |
"{CB12FEC1-6F8F-43C9-A292-7A32C61D1E85}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CC8B918C-675A-4619-9FE5-3B6CA18448A3}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{CCDAA022-B323-4C04-A32C-4E7467381FB8}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{CF245891-3FA3-43F8-8716-331261A9CD4D}" = dir=in | app=c:\users\netter\appdata\local\microsoft\skydrive\skydrive.exe |
"{D2E3C14A-1244-46A8-88D6-82188CF06FAA}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office15\ucmapi.exe |
"{D44C49C7-6FA2-4007-A7EB-DF2BC53427F0}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{D5293A44-15A0-4015-83E7-88B1EE172A44}" = protocol=6 | dir=in | app=c:\users\netter\appdata\roaming\spotify\spotify.exe |
"{D5652EB3-6451-4F9E-ADAD-980A1483DB5F}" = protocol=6 | dir=in | app=c:\program files (x86)\deepinvent\mailstore server\mailstoreserver.exe |
"{D876184B-1655-4F99-A23C-6090C2F5FAB6}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{DB85BB5B-5497-404B-96AE-3CE7A2485264}" = protocol=6 | dir=in | app=c:\users\netter\appdata\roaming\dropbox\bin\dropbox.exe |
"{DBB3B7C5-1CAF-47ED-8193-EAD7D6E9B6A2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{DD62A6C8-8F16-46F6-9D2C-9D59B0D6D4FC}" = protocol=17 | dir=in | app=c:\users\netter\appdata\roaming\dropbox\bin\dropbox.exe |
"{DE52F989-CC58-4708-AD7D-5807FC1FFC65}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd dx\pdvddxsrv.exe |
"{E070611C-B0F4-4931-B482-118740DDF2A9}" = protocol=17 | dir=in | app=c:\windows\syswow64\lxbvcoms.exe |
"{E0ECA52F-F395-4828-B402-59A7E40E59E6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E282D5E4-938E-4740-8D5C-212218C2D1FA}" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre6\bin\javaw.exe |
"{E5AE3DE6-7AF2-4F7A-8042-AB3D4996638A}" = dir=in | app=c:\program files (x86)\common files\mcafee\mna\mcnasvc.exe |
"{E98ECB01-DCE5-41D7-9EF7-C130AC54550E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{F36E92A9-0D7C-487C-92DB-95FDCCE4EF86}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{F524B838-344F-42EE-AAAE-680F464C6B46}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FA0006A6-870D-429B-9DC8-B587E2D91B60}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{FB579E8D-123E-4AAC-A5A5-95BC15224E11}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{FC46DB41-E545-4781-8B93-1E13BE0A89FD}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{FCC8406C-28C6-4172-97B7-73E1EB68FE85}" = protocol=6 | dir=in | app=c:\program files (x86)\icq6.5\icq.exe |
"TCP Query User{05475999-4034-432C-B1AF-6DF39B7BFC8B}C:\program files\java\jre6\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"TCP Query User{133DE6EB-22E2-4C71-A175-90B9AAEC82EF}C:\program files\java\jre6\bin\java.exe" = protocol=6 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"TCP Query User{14E7C7CC-87CF-4630-9F34-657E24816D2A}D:\programme\cryptload\routerclient.exe" = protocol=6 | dir=in | app=d:\programme\cryptload\routerclient.exe |
"TCP Query User{1562C6BC-27F8-4DC7-9DCD-DD49B339845D}C:\program files (x86)\icq7.6\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"TCP Query User{194B3A77-1E9E-48A9-9499-0EE1141FE0BB}C:\users\netter\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\netter\appdata\local\akamai\netsession_win.exe |
"TCP Query User{1B63BF5B-0188-418A-81B9-336CDA5B241E}C:\program files (x86)\icq7.5\icq.exe" = protocol=6 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"TCP Query User{43B510C9-DCA3-46E6-9778-63CEE25477AB}D:\programme\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=d:\programme\ea games\battlefield play4free\bfp4f.exe |
"TCP Query User{4B577CB9-00A1-460A-BEE5-0FAAD7BAFD8A}C:\users\netter\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\netter\appdata\local\akamai\netsession_win.exe |
"TCP Query User{5034F709-B274-4D8B-B151-14B73F7F286B}C:\users\netter\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=6 | dir=in | app=c:\users\netter\appdata\roaming\dropbox\bin\dropbox.exe |
"TCP Query User{6C636E69-DA12-40E0-ACD5-F504C74E504F}D:\flashget 3\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=d:\flashget 3\flashget network\flashget 3\flashget3.exe |
"TCP Query User{6C6D47A1-DF02-4283-A8DC-4F5A05FAC865}D:\neuer ordner\bdhd\baidup2pservice.exe" = protocol=6 | dir=in | app=d:\neuer ordner\bdhd\baidup2pservice.exe |
"TCP Query User{7326701D-9C48-44C8-8115-4047880083AB}D:\programme\diablo ii\game.exe" = protocol=6 | dir=in | app=d:\programme\diablo ii\game.exe |
"TCP Query User{88079E7A-9A1D-432B-8F3D-354E6A5230C8}D:\programme\ea games\battlefield play4free\bfp4f.exe" = protocol=6 | dir=in | app=d:\programme\ea games\battlefield play4free\bfp4f.exe |
"TCP Query User{C02BF5D9-7B8F-401A-B853-62D72454F495}D:\neuer ordner\bdhd\baidup2pservice.exe" = protocol=6 | dir=in | app=d:\neuer ordner\bdhd\baidup2pservice.exe |
"TCP Query User{D51E0EF4-A852-460A-80DF-C158EB61EC7A}D:\programme\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programme\winamp\winamp.exe |
"TCP Query User{D61CF3C0-E388-451E-BC4B-14161CBDF024}D:\programme\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=d:\programme\flashget network\flashget 3\flashget3.exe |
"TCP Query User{D994A364-D406-4052-977A-FE4C8068DD34}D:\programme\flashget network\flashget 3\flashget3.exe" = protocol=6 | dir=in | app=d:\programme\flashget network\flashget 3\flashget3.exe |
"TCP Query User{DA1A7D8D-3AAF-469B-BC3B-36FE15B04B62}D:\programme\winamp\winamp.exe" = protocol=6 | dir=in | app=d:\programme\winamp\winamp.exe |
"UDP Query User{06AD8133-790A-4CCD-A612-BA4A15CE9BCA}C:\program files\java\jre6\bin\java.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\java.exe |
"UDP Query User{0D070FE9-F1FA-4A39-A5F2-793D53176CAC}D:\programme\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=d:\programme\flashget network\flashget 3\flashget3.exe |
"UDP Query User{0EC340BA-E566-48AC-BA75-6704F0673E08}C:\users\netter\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\netter\appdata\local\akamai\netsession_win.exe |
"UDP Query User{35235D3B-E7F8-494A-8A0E-298C4CCBB3CE}D:\programme\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programme\winamp\winamp.exe |
"UDP Query User{55AF2071-1150-4C41-B54D-BC4086C3D5C6}D:\flashget 3\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=d:\flashget 3\flashget network\flashget 3\flashget3.exe |
"UDP Query User{6251FA79-928C-4F0C-B5FD-E34F244971EF}C:\users\netter\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\netter\appdata\local\akamai\netsession_win.exe |
"UDP Query User{627D73D0-B5E6-40EA-A9DA-2826FE5DB6CE}D:\programme\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=d:\programme\ea games\battlefield play4free\bfp4f.exe |
"UDP Query User{6B15F1BC-3F0C-47A1-93DD-CBA2C7B7DEF6}D:\neuer ordner\bdhd\baidup2pservice.exe" = protocol=17 | dir=in | app=d:\neuer ordner\bdhd\baidup2pservice.exe |
"UDP Query User{6B9BDCB9-850C-4F51-9087-E4551CF7FA9B}D:\programme\winamp\winamp.exe" = protocol=17 | dir=in | app=d:\programme\winamp\winamp.exe |
"UDP Query User{6ECC1E9F-764E-4B90-B58C-AEE8D5E545DC}D:\programme\ea games\battlefield play4free\bfp4f.exe" = protocol=17 | dir=in | app=d:\programme\ea games\battlefield play4free\bfp4f.exe |
"UDP Query User{7C0366EA-5E14-4775-9ABC-08D143406B5F}D:\programme\diablo ii\game.exe" = protocol=17 | dir=in | app=d:\programme\diablo ii\game.exe |
"UDP Query User{90245CBC-9675-4A88-A972-E00312F0A9CC}D:\neuer ordner\bdhd\baidup2pservice.exe" = protocol=17 | dir=in | app=d:\neuer ordner\bdhd\baidup2pservice.exe |
"UDP Query User{9A2EE993-3F88-4654-8477-B687DAC691C3}C:\program files (x86)\icq7.5\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.5\icq.exe |
"UDP Query User{C5A4C49C-6231-4154-AE77-BF6533C5E5F6}C:\program files\java\jre6\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre6\bin\javaw.exe |
"UDP Query User{C9D3D36B-B3B4-4FF3-8D85-6EDD143DBBF5}D:\programme\flashget network\flashget 3\flashget3.exe" = protocol=17 | dir=in | app=d:\programme\flashget network\flashget 3\flashget3.exe |
"UDP Query User{D33A6997-687C-4166-BB80-1552A16252B4}C:\program files (x86)\icq7.6\icq.exe" = protocol=17 | dir=in | app=c:\program files (x86)\icq7.6\icq.exe |
"UDP Query User{D9775A2C-BAB1-4DBB-9EEA-BC4B305A3DCE}C:\users\netter\appdata\roaming\dropbox\bin\dropbox.exe" = protocol=17 | dir=in | app=c:\users\netter\appdata\roaming\dropbox\bin\dropbox.exe |
"UDP Query User{FE5A2E4E-FCD0-4A1E-A4B3-37A5238EF1BE}D:\programme\cryptload\routerclient.exe" = protocol=17 | dir=in | app=d:\programme\cryptload\routerclient.exe |
[color=#E56717]========== HKEY_LOCAL_MACHINE Uninstall List ==========[/color]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86416014FF}" = Java(TM) 6 Update 14 (64-bit)
"{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1" = Media Player Classic - Home Cinema 1.6.0.4014 x64
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{31ABA3F2-0000-1033-0102-111D43815377}" = Autodesk ReCap
"{31ABA3F2-0010-1033-0102-111D43815377}" = Autodesk ReCap Language Pack-English
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}" = Autodesk 360
"{5783F2D7-D001-0000-0102-0060B0CE6BBA}" = AutoCAD 2014 - Deutsch (German)
"{5783F2D7-D001-0407-1102-0060B0CE6BBA}" = AutoCAD 2014 Language Pack - Deutsch (German)
"{5783F2D7-D001-0407-2102-0060B0CE6BBA}" = AutoCAD 2014 - Deutsch (German)
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8B45608A-DC45-4F3B-921F-61CDA22C9A83}" = Intel(R) PROSet/Wireless WiFi-Software
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{90150000-008F-0000-1000-0000000FF1CE}" = Office 15 Click-to-Run Licensing Component
"{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel(R) Matrix Storage Manager
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Treiber 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Systemsteuerung 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Grafiktreiber 320.49
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX-Systemsoftware 9.13.0604
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD-Audiotreiber 1.3.24.2
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{CB21CD89-A4D3-4240-9AAA-55DCE7F3D076}" = AVG 2014
"{CFF43477-05A9-466C-8399-A2C151D82CA0}" = AVG 2014
"{EE936C7A-EA40-31D5-9B65-8E3E089C3828}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148
"AutoCAD 2014 - Deutsch (German)" = Autodesk AutoCAD 2014 - Deutsch (German)
"Autodesk ReCap" = Autodesk ReCap
"AVG" = AVG 2014
"CCleaner" = CCleaner
"Matlab R2014a" = MATLAB R2014a
"O365HomePremRetail - de-de" = Microsoft Office 365 - de-de
"ProInst" = Intel PROSet Wireless
"SearchAnonymizer" = SearchAnonymizer
"SynTPDeinstKey" = Synaptics Pointing Device Driver
"Unlocker" = Unlocker 1.9.0-x64
"WinRAR archiver" = WinRAR
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0BCA9EFD-F2D6-4638-B053-8693BA0404BE}" = Citrix Online Plug-in (Web)
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217045FF}" = Java 7 Update 55
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BC21CD2-8053-406A-80F6-9AB61717B49D}" = ODF Add-In für Microsoft Office
"{3282FBE1-35FC-48D8-98CA-115A5EF1F9B4}" = NVIDIA PhysX
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{51BF3210-B825-4092-8E0D-66D689916E02}" = Autodesk Material Library Base Resolution Image Library 2014
"{55392E52-1AAD-44C4-BE49-258FFE72434F}" = Citrix Online Plug-in (USB)
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62F029AB-85F2-0000-866A-9FC0DD99DDBC}" = Autodesk Content Service
"{62F029AB-85F2-0001-866A-9FC0DD99DDBC}" = Autodesk Content Service Language Pack
"{644E9589-F73A-49A4-AC61-A953B9DE5669}" = SketchUp Import for AutoCAD 2014
"{644F9B19-A462-499C-BF4D-300ABC2A28B1}" = Autodesk Material Library 2014
"{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX
"{6B3CA80E-6AC0-4725-BABF-9B0FEF880CB3}" = Power Tab Editor 1.7
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype™ 6.16
"{812424AC-A8B5-44E6-8D48-07E939D1AD9A}" = Citrix Online Plug-in (HDX)
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.7.0
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek 8136 8168 8169 Ethernet Driver
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_VISPRO_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_VISPRO_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_VISPRO_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0051-0000-0000-0000000FF1CE}" = Microsoft Office Visio Professional 2007
"{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-0054-0409-0000-0000000FF1CE}" = Microsoft Office Visio MUI (English) 2007
"{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{7DA87C7E-E8A7-473E-ADFF-1B6BECCCADA7}" = Microsoft Office Visio 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_VISPRO_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90150000-008C-0000-0000-0000000FF1CE}" = Office 15 Click-to-Run Extensibility Component
"{90150000-008C-0407-0000-0000000FF1CE}" = Office 15 Click-to-Run Localization Component
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.07) - Deutsch
"{B24839E5-A70C-48AD-B4D9-B9FB46B4B038}_is1" = Hydrogen 0.9.6 preview release for windows
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C070121A-C8C5-4D52-9A7D-D240631BD433}" = Autodesk App Manager
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{CF53CF7C-D996-43EB-9904-DBED57C25625}" = Citrix Online Plug-in (DV)
"{D025A394-FED7-44E8-8E16-E0CB4E534AD1}" = ZOOM HandyShare for Windows
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3BFEE55-39E2-4BE0-B966-89FE583822C1}" = Dell Support Center (Support Software)
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F732FEDA-7713-4428-934B-EF83B8DD65D0}" = Autodesk Featured Apps
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"Adobe Flash Player ActiveX" = Adobe Flash Player 13 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 13 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Autodesk Content Service" = Autodesk Content Service
"AVMFBox" = AVM FRITZ!Box Dokumentation
"AVMFBoxPrinter" = AVM FRITZ!Box Druckeranschluss
"Biet-O-Matic v2.14.8" = Biet-O-Matic v2.14.8
"CitrixOnlinePluginPackWeb" = Citrix Online Plug-in - Web
"DAEMON Tools Lite" = DAEMON Tools Lite
"Dell Webcam Central" = Dell Webcam Central
"Diablo II" = Diablo II
"Freemake Video Converter_is1" = Freemake Video Converter Version 4.1.4
"Guitar Pro 5_is1" = Guitar Pro 5.2
"Mozilla Firefox 29.0.1 (x86 de)" = Mozilla Firefox 29.0.1 (x86 de)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"Notepad++" = Notepad++
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"TeamViewer 8" = TeamViewer 8
"VISPRO" = Microsoft Office Visio Professional 2007
"VLC media player" = VLC media player 1.1.1
"Websteroids" = Websteroids
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"XMedia Recode" = XMedia Recode 3.0.0.0
"YTdetect" = Yahoo! Detect
[color=#E56717]========== HKEY_CURRENT_USER Uninstall List ==========[/color]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"OneDriveSetup.exe" = Microsoft OneDrive
[color=#E56717]========== Last 20 Event Log Errors ==========[/color]
[ Application Events ]
Error - 07.06.2014 14:02:27 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 07.06.2014 14:02:27 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 3588
Error - 07.06.2014 14:02:27 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 3588
Error - 07.06.2014 17:13:41 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 07.06.2014 17:13:41 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11477571
Error - 07.06.2014 17:13:41 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11477571
Error - 07.06.2014 17:13:42 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second
Error - 07.06.2014 17:13:42 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 11478678
Error - 07.06.2014 17:13:42 | Computer Name = NetterNotebook | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 11478678
Error - 07.06.2014 17:51:28 | Computer Name = NetterNotebook | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 14c8 Startzeit:
01cf829a4a7c5d18 Endzeit: 9 Anwendungspfad: C:\Users\Netter\Desktop\OTL.exe Berichts-ID:
[ OSession Events ]
Error - 09.09.2010 12:44:40 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6541.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 3290
seconds with 2340 seconds of active time. This session ended with a crash.
Error - 13.09.2010 09:06:13 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 1745
seconds with 1440 seconds of active time. This session ended with a crash.
Error - 11.10.2010 11:49:07 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6535.5002, Microsoft Office Version: 12.0.6425.1000. This session lasted 1748
seconds with 0 seconds of active time. This session ended with a crash.
Error - 29.10.2010 07:47:20 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 5195
seconds with 1560 seconds of active time. This session ended with a crash.
Error - 24.11.2010 09:12:00 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 6348
seconds with 5760 seconds of active time. This session ended with a crash.
Error - 01.12.2010 07:23:36 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 46
seconds with 0 seconds of active time. This session ended with a crash.
Error - 23.12.2010 06:09:19 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 7959
seconds with 6960 seconds of active time. This session ended with a crash.
Error - 06.01.2011 07:49:47 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version:
12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 973
seconds with 0 seconds of active time. This session ended with a crash.
Error - 19.06.2012 07:21:57 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13429
seconds with 720 seconds of active time. This session ended with a crash.
Error - 14.11.2012 06:48:07 | Computer Name = NetterNotebook | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 20
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 07.06.2014 12:28:00 | Computer Name = NetterNotebook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "AcfXAudioService" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 07.06.2014 12:28:01 | Computer Name = NetterNotebook | Source = APPHOSTSVC | ID = 9010
Description =
Error - 07.06.2014 12:28:43 | Computer Name = NetterNotebook | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
SearchAnonymizer erreicht.
Error - 07.06.2014 12:28:43 | Computer Name = NetterNotebook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "SearchAnonymizer" wurde aufgrund folgenden Fehlers nicht
gestartet: %%1053
Error - 07.06.2014 12:29:17 | Computer Name = NetterNotebook | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
TeamViewer 8 erreicht.
Error - 07.06.2014 12:29:19 | Computer Name = NetterNotebook | Source = Service Control Manager | ID = 7000
Description = Der Dienst "TeamViewer 8" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error - 07.06.2014 12:29:25 | Computer Name = NetterNotebook | Source = W3SVC | ID = 1004
Description =
Error - 07.06.2014 12:29:25 | Computer Name = NetterNotebook | Source = HTTP | ID = 15005
Description =
Error - 07.06.2014 12:29:38 | Computer Name = NetterNotebook | Source = ipnathlp | ID = 34001
Description =
Error - 07.06.2014 12:29:38 | Computer Name = NetterNotebook | Source = ipnathlp | ID = 30013
Description =
< End of report >
Wirklich kurios.
Vielen Dank für die Hilfe.
Gruß,
Johannes