GVU Trojaner entfernt, System jetzt sauber? Hallo liebe Gemeinde,
ich hatte am 2.7.2012 das "schöne" Erlebnis den GVU Trojaner nach dem Hochfahren meines Laptops zu sehen.
Hab dann am 2.7. abends via Kaspersky Rescue Disk 10 den Windows Unlocker gestartet und danach einen vollständigen Scan mit Kaspersky Rescue Disk durchgeführt. Alle gefunden Objekte habe ich desinfiziert bzw. gelöscht. Den Scan hab ich dann gestern abend erneut durchgeführt, dabei wurde nichts mehr gefunden.
Achso, nachdem ich meinen Laptop nach der Säuberungsaktion wieder im normaln Modus hochgefahren habe, kam ein Pop-Up mit dem Hinweis, dass irgendwas nicht gestartet werden konnte, weil die Datei "...AppData\Local\Temp\0_0u_l.exe" nicht gefunden werden konnte. Im Autostart Ordner hab ich dann mal nachgeschaut und gesehen, dass dort eine Programm namens "ctfmon" oder so Ähnlich drin stand, welches laut Eigenschaften auf diese o.g. Datei angewiesen ist....
Hier meine Daten:
Win 7 64bit Version
GVU Trojaner vermutlich der neusten Generation (oben rechts gab es eine Art Webcambild)
Avira Internet Security 2012 (jeden Tag geupdatet, mehrfach gescannt, Funde im Mai 2012: Dropper.gen und diverse Exploits)
Firewall von Win7 muss nach dem Hochfahren immer manuell gestartet werden (wird immer von Avira geblockt...)
Nachfolgend meine vier LogFiles von
OTL/Extras, Malware Bytes (vollständiger Scan) & CCleaner (Liste der installierten Programme).
Besten Dank für eure Hilfe!!!!
VG,
Julia
Hier die LogFiles:
OTL.txt Code:
Alles auswählen Aufklappen ATTFilter
OTL logfile created on: 07.07.2012 10:42:02 - Run 2
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Julia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 60,59% Memory free
7,73 Gb Paging File | 5,73 Gb Available in Paging File | 74,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,42 Gb Total Space | 508,17 Gb Free Space | 87,40% Space Free | Partition Type: NTFS
Computer Name: JUJUSDELLI | User Name: Julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Users\Julia\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
PRC - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
PRC - C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE (SoftThinks - Dell)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
PRC - C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpd.exe (SoftThinks - Dell)
PRC - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
PRC - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
PRC - C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Programme\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe (Broadcom Corporation.)
PRC - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
PRC - C:\Windows\SysWOW64\brss01a.exe (brother Industries Ltd)
PRC - C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
PRC - C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
PRC - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcmon.exe (Brother Industries, Ltd.)
PRC - C:\Windows\SysWOW64\NMSAccess32.exe ()
PRC - C:\Windows\SysWOW64\brsvc01a.exe (brother Industries Ltd)
========== Modules (No Company Name) ==========
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\7b7fbe651c6e72f12099a298654c9594\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\6bb439b3f87736d3248ae27d43e2c0d6\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\3971e166cf827b6726e142f344061dc9\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\8c40f40ef36622109793788049fbe9ab\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\06269663e6482bc4ceeb48c2a7d1ad34\IAStorUtil.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\dfd33f59a5803a3c73cf408362e6e0b7\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\8e56489276063ededde74e597a121df3\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\03dee80574f4ec770b6f77ca030ded6c\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\ba3d70b651454c7d49b407b93663bfed\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\cfa9c506bfb9254c89dace7b83bc9f9d\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\d1f299160424bad90fe9f658661389e2\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll ()
MOD - C:\Users\Julia\AppData\Local\Temp\c06086cf-47b1-4760-b263-4e4271d9922f\CliSecureRT.dll ()
MOD - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
MOD - C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll ()
MOD - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
MOD - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting.resources\2.0.0.0_de_b77a5c561934e089\System.Runtime.Remoting.resources.dll ()
MOD - C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
MOD - C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll ()
========== Win32 Services (SafeList) ==========
SRV:64bit: - (Mcx2Svc) -- C:\Windows\SysNative\Mcx2Svc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (wltrysvc) -- C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE (Dell Inc.)
SRV:64bit: - (RemoteAccess) -- C:\Windows\SysNative\mprdim.dll (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AntiVirFirewallService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avfwsvc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE (Avira Operations GmbH & Co. KG)
SRV - (AntiVirMailService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (BBSvc) -- C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (SftService) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE (SoftThinks SAS)
SRV - (STacSV) -- C:\Programme\IDT\WDM\stacsv64.exe (IDT, Inc.)
SRV - (IAStorDataMgrSvc) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (CVPND) -- C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe (Cisco Systems, Inc.)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (UNS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) Intel(R) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.)
SRV - (RemoteAccess) -- C:\Windows\SysWOW64\mprdim.dll (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_64) -- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (DockLoginService) -- C:\Programme\Dell\DellDock\DockLogin.exe (Stardock Corporation)
SRV - (GameConsoleService) -- C:\Program Files (x86)\WildTangent\Dell Games\Dell Game Console\GameConsoleService.exe (WildTangent, Inc.)
SRV - (AESTFilters) -- C:\Programme\IDT\WDM\AESTSr64.exe (Andrea Electronics Corporation)
SRV - (NMSAccess) -- C:\Windows\SysWOW64\NMSAccess32.exe ()
SRV - (Brother XP spl Service) -- C:\Windows\SysWOW64\brsvc01a.exe (brother Industries Ltd)
========== Driver Services (SafeList) ==========
DRV:64bit: - (avfwot) -- C:\Windows\SysNative\drivers\avfwot.sys (Avira GmbH)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira GmbH)
DRV:64bit: - (avfwim) -- C:\Windows\SysNative\drivers\avfwim.sys (Avira GmbH)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira GmbH)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (ssudmdm) SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.) -- C:\Windows\SysNative\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (dg_ssudbus) SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:64bit: - (ss_mdm) -- C:\Windows\SysNative\drivers\ss_mdm.sys (MCCI Corporation)
DRV:64bit: - (ss_bus) SAMSUNG Mobile USB Device 1.0 driver (WDM) -- C:\Windows\SysNative\drivers\ss_bus.sys (MCCI Corporation)
DRV:64bit: - (ss_mdfl) -- C:\Windows\SysNative\drivers\ss_mdfl.sys (MCCI Corporation)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira GmbH)
DRV:64bit: - (UimBus) -- C:\Windows\SysNative\drivers\uimx64.sys (Windows (R) 2000 DDK provider)
DRV:64bit: - (Uim_IM) -- C:\Windows\SysNative\drivers\Uim_IMx64.sys (Paragon)
DRV:64bit: - (hotcore3) -- C:\Windows\SysNative\drivers\hotcore3.sys (Paragon Software Group)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (udfs) -- C:\Windows\SysNative\drivers\udfs.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Sonic Solutions)
DRV:64bit: - (STHDA) -- C:\Windows\SysNative\drivers\stwrt64.sys (IDT, Inc.)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHdmiService) -- C:\Windows\SysNative\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV:64bit: - (btwavdt) -- C:\Windows\SysNative\drivers\btwavdt.sys (Broadcom Corporation.)
DRV:64bit: - (btwaudio) -- C:\Windows\SysNative\drivers\btwaudio.sys (Broadcom Corporation.)
DRV:64bit: - (btusbflt) -- C:\Windows\SysNative\drivers\btusbflt.sys (Broadcom Corporation.)
DRV:64bit: - (btwl2cap) -- C:\Windows\SysNative\drivers\btwl2cap.sys (Broadcom Corporation.)
DRV:64bit: - (btwrchid) -- C:\Windows\SysNative\drivers\btwrchid.sys (Broadcom Corporation.)
DRV:64bit: - (CVPNDRVA) -- C:\Windows\SysNative\drivers\CVPNDRVA.sys ()
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (HECIx64) Intel(R) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (CVirtA) -- C:\Windows\SysNative\drivers\CVirtA64.sys (Cisco Systems, Inc.)
DRV:64bit: - (BCM42RLY) -- C:\Windows\SysNative\drivers\bcm42rly.sys (Broadcom Corporation)
DRV:64bit: - (BcmVWL) -- C:\Windows\SysNative\drivers\bcmvwl64.sys (Broadcom Corporation)
DRV:64bit: - (BCM43XX) -- C:\Windows\SysNative\drivers\BCMWL664.SYS (Broadcom Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (crcdisk) -- C:\Windows\SysNative\drivers\crcdisk.sys (Microsoft Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (cdfs) -- C:\Windows\SysNative\drivers\cdfs.sys (Microsoft Corporation)
DRV:64bit: - (CtClsFlt) -- C:\Windows\SysNative\drivers\CtClsFlt.sys (Creative Technology Ltd.)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (yukonw7) -- C:\Windows\SysNative\drivers\yk62x64.sys (Marvell)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (DNE) -- C:\Windows\SysNative\drivers\dne64x.sys (Deterministic Networks, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (PCDSRVC{1E208CE0-FB7451FF-06020101}_0) -- c:\Programme\Dell Support Center\pcdsrvc_x64.pkms (PC-Doctor, Inc.)
DRV - (avfwot) -- C:\Windows\SysWOW64\drivers\avfwot.sys (Avira GmbH)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.spiegel.de/
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{ED17B270-2342-4E62-9725-2EB98A1DFE6D}: "URL" = hxxp://de.search.yahoo.com/search?fr=mcafee&p={SearchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Sichere Suche"
FF - prefs.js..browser.search.selectedEngine: "Sichere Suche"
FF - prefs.js..browser.startup.homepage: "hxxp://www.spiegel-online.de"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
FF - prefs.js..extensions.enabledItems: {ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.5
FF - prefs.js..keyword.URL: "hxxp://de.search.yahoo.com/search?fr=mcafee&p="
FF - prefs.js..network.proxy.http: "24.184.76.36"
FF - prefs.js..network.proxy.http_port: 8123
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_257.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.02.18 18:10:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 17:39:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.11 22:59:47 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.06.17 17:39:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 13.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2011.11.11 22:59:47 | 000,000,000 | ---D | M]
[2011.02.02 22:40:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Extensions
[2012.05.23 22:35:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\bltf2rxq.default\extensions
[2012.04.28 22:41:19 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\bltf2rxq.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2011.10.27 15:01:41 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\bltf2rxq.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2012.05.23 22:35:57 | 000,000,000 | ---D | M] (Greasemonkey) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\bltf2rxq.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}
[2012.05.18 11:55:56 | 000,000,000 | ---D | M] (ProxTube - Unblock YouTube) -- C:\Users\Julia\AppData\Roaming\mozilla\Firefox\Profiles\bltf2rxq.default\extensions\ich@maltegoetz.de
[2011.11.12 11:46:51 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.06.17 17:39:56 | 000,085,472 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2011.10.16 17:35:17 | 000,611,224 | ---- | M] (Oracle Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\npdeployJava1.dll
[2012.02.07 20:36:37 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.02.07 20:36:37 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.02.07 20:36:37 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.02.07 20:36:37 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.09.21 11:13:24 | 000,001,952 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\McSiteAdvisor.xml
[2012.02.07 20:36:37 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.02.07 20:36:37 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - Extension: SiteAdvisor = C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.31.137.7_0\
CHR - Extension: SiteAdvisor = C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.40.135.1_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Julia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll File not found
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MIF5BA~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Broadcom Wireless Manager UI] C:\Programme\Dell\DW WLAN Card\WLTRAY.EXE (Dell Inc.)
O4:64bit: - HKLM..\Run: [QuickSet] C:\Programme\Dell\QuickSet\quickset.exe (Dell Inc.)
O4:64bit: - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray64.exe (IDT, Inc.)
O4 - HKLM..\Run: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin File not found
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [ControlCenter3] C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe (Brother Industries, Ltd.)
O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd)
O4 - HKLM..\Run: [DellSupportCenter] "C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter File not found
O4 - HKLM..\Run: [Desktop Disc Tool] C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe ()
O4 - HKLM..\Run: [DivXUpdate] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe ()
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKCU..\Run: [AdobeBridge] File not found
O4 - HKCU..\Run: [KiesPDLR] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKCU..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\sidebar.exe (Microsoft Corporation)
O4 - HKLM..\RunOnce: ["C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe"] C:\Program Files (x86)\Dell DataSafe Local Backup\Components\DSUpdate\DSUpdate.exe (Dell)
O4 - Startup: C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk = File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0
O8:64bit: - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8:64bit: - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Julia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8:64bit: - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O8 - Extra context menu item: An OneNote s&enden - res://C:\PROGRA~2\MIF5BA~1\Office14\ONBttnIE.dll/105 File not found
O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Julia\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xcel exportieren - res://C:\PROGRA~2\MIF5BA~1\Office14\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Verknüpfte &OneNote-Notizen - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Programme\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9:64bit: - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Senden an Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O9 - Extra 'Tools' menuitem : Senden an &Bluetooth-Gerät... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm ()
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 10.0.0)
O16 - DPF: {CAFEEFAC-0017-0000-0000-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0-windows-i586.cab (Java Plug-in 1.7.0)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{39508220-5D54-4F2D-A89C-F128C309A006}: DhcpNameServer = 192.168.0.1
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\skype-ie-addon-data - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~2\WIC4A1~1\MESSEN~1\MSGRAP~1.DLL (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MIF5BA~1\Office14\GROOVEEX.DLL (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.07.01 21:21:32 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Roaming\PhotoScape
[2012.07.01 21:21:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PhotoScape
[2012.07.01 21:21:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PhotoScape
[2012.07.01 21:03:21 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe Download Assistant
[2012.07.01 17:53:33 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth-Geräte
[2012.06.22 06:24:56 | 002,622,464 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wucltux.dll
[2012.06.22 06:24:56 | 000,057,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuauclt.exe
[2012.06.22 06:24:56 | 000,044,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups2.dll
[2012.06.22 06:24:44 | 000,701,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapi.dll
[2012.06.22 06:24:44 | 000,099,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wudriver.dll
[2012.06.22 06:24:44 | 000,038,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wups.dll
[2012.06.22 06:24:29 | 000,186,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuwebv.dll
[2012.06.22 06:24:29 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wuapp.exe
[2012.06.14 18:20:43 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012.06.14 18:20:43 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012.06.14 18:20:40 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012.06.14 18:20:40 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012.06.14 18:20:38 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012.06.14 18:20:38 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012.06.14 18:20:37 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012.06.14 18:20:37 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012.06.14 18:20:34 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012.06.14 18:20:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012.06.14 18:20:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012.06.14 18:20:34 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012.06.14 18:20:33 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012.06.13 20:25:16 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcorekmts.dll
[2012.06.13 20:25:16 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpwsx.dll
[2012.06.13 20:25:16 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdrmemptylst.exe
[2012.06.13 20:25:10 | 005,559,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ntoskrnl.exe
[2012.06.13 20:25:09 | 003,968,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntkrnlpa.exe
[2012.06.13 20:25:09 | 003,913,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ntoskrnl.exe
[2012.06.13 20:22:49 | 003,216,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msi.dll
[2012.06.13 20:22:45 | 001,462,272 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll
[2012.06.13 20:22:45 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll
[2012.06.13 20:14:59 | 000,000,000 | ---D | C] -- C:\Users\Julia\AppData\Local\Macromedia
[1 C:\Users\Julia\Desktop\*.tmp files -> C:\Users\Julia\Desktop\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2012.07.07 10:41:17 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.07.07 10:41:17 | 000,013,664 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.07.07 10:39:02 | 001,507,566 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.07.07 10:39:02 | 000,657,948 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.07.07 10:39:02 | 000,619,184 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.07.07 10:39:02 | 000,131,288 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.07.07 10:39:02 | 000,107,504 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.07.07 10:34:14 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.07.07 10:33:51 | 000,000,506 | ---- | M] () -- C:\Windows\tasks\SystemToolsDailyTest.job
[2012.07.07 10:33:49 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.07.07 10:33:46 | 3113,234,432 | -HS- | M] () -- C:\hiberfil.sys
[2012.07.07 10:33:16 | 000,003,288 | ---- | M] () -- C:\bootsqm.dat
[2012.07.07 00:59:06 | 000,001,108 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.07.07 00:34:58 | 001,526,976 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.03 19:52:54 | 004,503,728 | ---- | M] () -- C:\ProgramData\l_u0_0.pad
[2012.06.26 14:28:15 | 000,004,608 | ---- | M] () -- C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.06.26 14:25:58 | 000,092,962 | ---- | M] () -- C:\Users\Julia\Desktop\120626-142558.jpg
[2012.06.14 19:22:59 | 004,982,752 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.06.13 20:14:16 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012.06.13 20:14:16 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012.06.13 20:11:50 | 000,000,564 | ---- | M] () -- C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job
[1 C:\Users\Julia\Desktop\*.tmp files -> C:\Users\Julia\Desktop\*.tmp -> ]
========== Files Created - No Company Name ==========
[2012.07.07 10:33:16 | 000,003,288 | ---- | C] () -- C:\bootsqm.dat
[2012.07.07 00:34:58 | 001,526,976 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.07.02 19:41:53 | 004,503,728 | ---- | C] () -- C:\ProgramData\l_u0_0.pad
[2012.06.26 14:31:06 | 000,092,962 | ---- | C] () -- C:\Users\Julia\Desktop\120626-142558.jpg
[2012.06.26 14:27:36 | 000,004,608 | ---- | C] () -- C:\Users\Julia\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.04.25 19:37:37 | 000,007,605 | ---- | C] () -- C:\Users\Julia\AppData\Local\Resmon.ResmonCfg
[2012.03.13 19:53:10 | 000,001,475 | ---- | C] () -- C:\Users\Julia\AppData\Local\RecConfig.xml
[2012.01.31 19:15:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2012.01.31 19:15:42 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.01.31 19:15:42 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.01.31 19:15:42 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.01.31 19:15:42 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2011.08.11 10:27:16 | 000,000,030 | ---- | C] () -- C:\Windows\SysWow64\brss01a.ini
[2011.08.11 10:27:15 | 000,000,468 | ---- | C] () -- C:\Windows\BRWMARK.INI
[2011.08.11 10:27:15 | 000,000,027 | ---- | C] () -- C:\Windows\BRPP2KA.INI
[2011.07.29 22:15:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2011.05.27 09:59:31 | 000,071,096 | ---- | C] () -- C:\Windows\SysWow64\NMSAccess32.exe
[2011.05.16 12:56:13 | 000,241,664 | ---- | C] () -- C:\Windows\SysWow64\MLResUtil.dll
[2010.12.06 23:24:42 | 000,073,728 | ---- | C] () -- C:\Windows\SysWow64\FastCRC.dll
[2010.10.06 12:26:08 | 000,002,137 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2010.10.06 12:19:52 | 000,000,324 | ---- | C] () -- C:\Windows\Prelaunch.ini
[2010.10.06 12:19:52 | 000,000,271 | ---- | C] () -- C:\Windows\WisPriority.ini
[2010.10.06 12:19:52 | 000,000,035 | ---- | C] () -- C:\Windows\DELL_LANGCODE.ini
[2010.10.06 12:19:52 | 000,000,033 | ---- | C] () -- C:\Windows\DELL_OSTYPE.ini
[2010.10.06 12:19:52 | 000,000,032 | ---- | C] () -- C:\Windows\WisHWDest.ini
[2010.10.06 12:19:52 | 000,000,028 | ---- | C] () -- C:\Windows\WisLangCode.ini
[2010.10.06 12:19:52 | 000,000,023 | ---- | C] () -- C:\Windows\WisSysInfo.ini
[2010.10.06 10:33:12 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2010.10.06 10:28:42 | 000,000,074 | RHS- | C] () -- C:\Windows\CT4CET.bin
========== LOP Check ==========
[2011.07.05 15:34:55 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\aborange
[2012.05.05 15:24:03 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2012.02.25 18:36:20 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\DVDVideoSoft
[2011.10.27 15:01:40 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.03 16:05:36 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\elsterformular
[2012.04.26 15:46:13 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Ixyfuk
[2011.01.31 22:12:52 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\PCDr
[2012.07.01 21:24:04 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\PhotoScape
[2012.02.19 16:17:10 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Samsung
[2011.09.13 19:32:11 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\ScanSoft
[2011.08.15 18:19:28 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Static Outlook Backup
[2012.02.19 20:45:46 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Temp
[2012.04.27 22:25:47 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Veyhr
[2011.11.24 23:30:26 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\WildTangent
[2011.02.02 22:36:13 | 000,000,000 | ---D | M] -- C:\Users\Julia\AppData\Roaming\Windows Live Writer
[2012.06.13 20:11:50 | 000,000,564 | ---- | M] () -- C:\Windows\Tasks\PCDoctorBackgroundMonitorTask.job
[2012.05.12 18:16:23 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
[2012.07.07 10:33:51 | 000,000,506 | ---- | M] () -- C:\Windows\Tasks\SystemToolsDailyTest.job
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 164 bytes -> C:\Users\Julia\Haftpflicht_S4.jpeg:�3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 164 bytes -> C:\Users\Julia\Haftpflicht_S3.jpeg:�3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 164 bytes -> C:\Users\Julia\Haftpflicht_S2.jpeg:�3or4kl4x13tuuug3Byamue2s4b
@Alternate Data Stream - 164 bytes -> C:\Users\Julia\Haftpflicht_S1.jpeg:�3or4kl4x13tuuug3Byamue2s4b
< End of report >
Extras.txt Code:
Alles auswählen Aufklappen ATTFilter
OTL Extras logfile created on: 07.07.2012 10:42:02 - Run 2
OTL by OldTimer - Version 3.2.44.0 Folder = C:\Users\Julia\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 2,34 Gb Available Physical Memory | 60,59% Memory free
7,73 Gb Paging File | 5,73 Gb Available in Paging File | 74,13% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 581,42 Gb Total Space | 508,17 Gb Free Space | 87,40% Space Free | Partition Type: NTFS
Computer Name: JUJUSDELLI | User Name: Julia | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{1500AAB0-ADC5-4EBF-91BE-EFF7E3516931}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{16EDFDDD-6F03-48B1-B26A-B7AADE13B512}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{1BCFE4A4-9417-46E8-8AB9-05ABE3584E08}" = rport=139 | protocol=6 | dir=out | app=system |
"{1D42733C-F497-40D7-8580-94A923A6D96F}" = lport=138 | protocol=17 | dir=in | app=system |
"{1DF947D7-AABE-4E96-AB25-A51E4E5C0A37}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{27819B56-65FE-46B5-9620-BBE428426279}" = lport=137 | protocol=17 | dir=in | app=system |
"{2BBB8170-9C3A-4B7D-9EAA-9DC6AA673026}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{409E81E8-B9E9-4D22-926E-D8507F48250D}" = lport=2869 | protocol=6 | dir=in | app=system |
"{46C88C40-99B7-49B8-9616-1F2289654E3F}" = lport=139 | protocol=6 | dir=in | app=system |
"{4B4E137D-617B-44A6-A0CF-FBA6221B0CF3}" = lport=2869 | protocol=6 | dir=in | app=system |
"{4E18B639-7F8E-407C-8049-65E59188E2C5}" = rport=138 | protocol=17 | dir=out | app=system |
"{524330F5-495A-4BD1-AC7D-487AA1F2B21A}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{52B3622A-F32E-4211-B987-4FA20227ACE6}" = lport=2869 | protocol=6 | dir=in | app=system |
"{6B1561F7-560A-4B71-AF61-890D2D3DFEBE}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7A5D4DF4-AD16-440A-9E1F-8D3B3C4E7E55}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe |
"{8570EEFF-CF1E-432B-8172-CA7E470E7281}" = rport=10243 | protocol=6 | dir=out | app=system |
"{90A2D4FC-69D0-4392-BC26-7E3C6062038E}" = lport=445 | protocol=6 | dir=in | app=system |
"{9586A809-2611-4DF1-8A81-57B38816B521}" = rport=137 | protocol=17 | dir=out | app=system |
"{98433CD1-8A01-4346-91D0-42FB6E48FE6E}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A85629FF-3631-46A1-B582-C6EC9B30CEFD}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B0B74826-1669-4E25-A580-03FDCC2BDF77}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{B2B3752F-3845-4DE9-912C-F19211619A0A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{C5C58DB4-4C25-4423-9CCD-8F20B8FC0907}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{D9F8C628-7E12-4451-9A1B-9ADDE0F2C821}" = rport=445 | protocol=6 | dir=out | app=system |
"{DB7D7CEC-7DDB-40EF-8C26-791E406E123B}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{F826183B-CE4C-4EBB-B54D-5899D6495613}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FB080D2D-EB16-4534-AC5D-9E562A1FF714}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{042E3B6B-722F-440D-AA2A-23862690BEE2}" = protocol=6 | dir=out | app=%systemroot%\system32\wudfhost.exe |
"{06CE3DF8-CE80-42D5-B9FC-F6314DB49C4A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1AC76017-770B-44D8-A8CF-E5651318674B}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1CE08359-E8D9-4A6B-A6CC-251852713027}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{238C6609-255E-4D37-AA43-E06CD061699E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{364ABCE7-C1E0-4CD2-9336-E75D8F983327}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{38905943-0D74-458E-8647-D5FDE86D84FD}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3D430290-E59E-43E9-8B9D-C06B697C3D18}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{4317DAB0-CB79-404E-84E6-6F001CA6FFBC}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{50DCCA6F-726F-4D5A-9B62-A5B5F91320E1}" = protocol=6 | dir=out | app=system |
"{53041453-BEC4-4113-8428-F79DB61DFB04}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{6A352EC3-007F-4C90-B52C-70DD1EEC4991}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{7459A348-38F0-43E3-830F-9792C6B6CF37}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{7DCFFDA7-64D4-4371-B095-F44E00FE0791}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{84BD89B5-B5A3-4AD4-9A2B-9E1D19F6332E}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{89400C5D-C5E8-4441-82EC-F53B9A02B2DB}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{89B310B8-7407-4279-BD49-B6FD3548788F}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |
"{930D46F4-1A1D-44FD-A0ED-C1AADC17ADC8}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{961981D1-C5C1-4694-9511-AC2F33AC154D}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{9C09FA46-94AF-48EF-96B3-93DE3AA17DAE}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{A1318C82-2B43-4557-99D8-7230683AD582}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{A8FE07D5-A309-4557-AC74-44874E5A1DC7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B54F501C-B685-4BAF-802F-AB6CF97C37E4}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{B565182E-3200-4BF8-9BC3-7954F927DF56}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C62F90EB-ADD8-41EA-9B04-92D520DF6122}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{C827356B-949B-490F-ABE8-A8A4FB8AB050}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{CFFC84A3-8F7F-4073-B97D-3D2FF033B16C}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{D442624C-78B9-40DA-BCD3-F72B67F30039}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{D5331532-A70A-4F9B-BD08-CB53AA166B83}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{DEA6AC12-BBAE-42BB-9799-8C75CFCB2644}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{EEF15491-9A11-4996-B2A6-89710DDAC62A}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{F8F733A1-EA79-4A5B-A871-28A526131134}" = protocol=6 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{F904D373-76E0-4372-971D-AF88D781338B}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{FE0724DC-0189-4DD2-B395-B18033F9AD85}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"TCP Query User{7E062BB9-0FA7-4018-93DA-4E10A7414EBC}C:\program files (x86)\spssinc\spss16\spss.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spssinc\spss16\spss.exe |
"UDP Query User{93F714B5-ED10-4CAB-8614-37482774876B}C:\program files (x86)\spssinc\spss16\spss.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spssinc\spss16\spss.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0090A87C-3E0E-43D4-AA71-A71B06563A4A}" = Dell Support Center
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0B591597-EE32-F353-ECAA-FB4F58474691}" = ATI AVIVO64 Codecs
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1E9FC118-651D-4934-97BE-E53CAE5C7D45}" = Microsoft_VC80_MFCLOC_x86_x64
"{4569AD91-47F4-4D9E-8FC9-717EC32D7AE1}" = Microsoft_VC80_CRT_x86_x64
"{467D5E81-8349-4892-9E81-C3674ED8E451}" = Cisco Systems VPN Client 5.0.07.0290
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{8557397C-A42D-486F-97B3-A2CBC2372593}" = Microsoft_VC90_ATL_x86_x64
"{87CF757E-C1F1-4D22-865C-00C6950B5258}" = Quickset64
"{8F59A8AC-1D7B-8578-38F7-8F5166FA8580}" = ccc-utility64
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{90BF0360-A1DB-4599-A643-95AB90A52C1E}" = Microsoft_VC90_MFCLOC_x86_x64
"{925D058B-564A-443A-B4B2-7E90C6432E55}" = Microsoft_VC80_ATL_x86_x64
"{92A3CA0D-55CD-4C5D-BA95-5C2600C20F26}" = Microsoft_VC90_CRT_x86_x64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software
"{A472B9E4-0AFF-4F7B-B25D-F64F8E928AAB}" = Microsoft_VC90_MFC_x86_x64
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{C73A3942-84C8-4597-9F9B-EE227DCBA758}" = Dell Dock
"{C862EC05-1C15-4327-B15D-C7788D6CFF73}" = Image Resizer Powertoy Clone for Windows (64 bit)
"{C8C1BAD5-54E6-4146-AD07-3A8AD36569C3}" = Microsoft_VC80_MFC_x86_x64
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{EF5745D9-C0A7-4D40-2900-AD093F232827}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"AF09E130E2FD4D1BEFD1B9132AE624BAE0364719" = Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501)
"Dell Support Center" = Dell Support Center
"DW WLAN Card Utility" = DW WLAN Card Utility
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Samsung Mobile phone USB driver Drive" = Samsung Mobile phone USB driver Drive Software
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{052bac4a-6f79-46d4-a024-1ce1b4f73cd4}" = Microsoft Visual C++ 2005 Redistributable
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1B2BDFB3-3786-A62F-F498-83F9EE3FBD0F}" = CCC Help Japanese
"{20068980-5702-5CA7-F335-6592852F7F59}" = CCC Help Italian
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{26A24AE4-039D-4CA4-87B4-2F83217000FF}" = Java(TM) 7
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{3521BDBD-D453-5D9F-AA55-44B75D214629}" = Adobe Community Help
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D6F16CA-13B8-6425-A71A-B91DB3E14F51}" = CCC Help Danish
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4DE43CB4-9FB5-82E1-780C-9D38E2F1391E}" = CCC Help Dutch
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{597BBBD5-8A69-CF88-2DE3-67194CE5C071}" = Catalyst Control Center Graphics Previews Common
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{65CB4C08-C47B-4A7E-A6A4-50C06ADA5FC6}" = Adobe AIR
"{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71E015CC-52DA-4536-AF0C-C643BA1E45FB}" = Catalyst Control Center - Branding
"{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7677040A-E5AA-998C-8810-59F0B5D3E0A8}" = Catalyst Control Center InstallProxy
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7CC90569-A7DB-5EA0-A9FE-0C5799A28B11}" = CCC Help Chinese Traditional
"{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}" = Dell Getting Started Guide
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 3.2.0
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8DEB7DD7-FC6D-76C6-712D-40968A736963}" = CCC Help Swedish
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0015-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{65A2328E-FDFB-4CA3-8582-357EA6825FEA}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-001F-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{C0743197-FFEE-4C19-BAEB-8F7437DC4C8A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0407-1000-0000000FF1CE}_Office14.PROPLUSR_{594128C9-2CDF-43CE-8103-DC100CF013B6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-002C-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{4275FB46-ABDF-4456-876C-17CF64294D9A}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{98EDFD9F-EA76-40CC-BCE9-92C69413F65B}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{69E54534-4569-4639-89E9-305B60A11601}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{91140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{9158FF30-78D7-40EF-B83E-451AC5334640}" = Adobe Photoshop CS5.1
"{92531F24-21E5-C8EC-30E6-D56536FD61C7}" = CCC Help Finnish
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{981029E0-7FC9-4CF3-AB39-6F133621921A}" = Skype Toolbars
"{9866E5F0-121F-E018-E2D1-2E1770847ABF}" = Adobe Download Assistant
"{9A657E90-E2B7-44DE-8929-055948162595}" = SPSS 16.0
"{9BC422FB-175A-0191-C141-B8B453DAF06E}" = Catalyst Control Center Graphics Previews Vista
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{a0fe116e-9a8a-466f-aee0-625cb7c207e3}" = Microsoft Visual C++ 2005 Redistributable - KB2467175
"{A1C21906-351B-685E-7263-A4C30DF381E0}" = CCC Help German
"{A33E7B0C-B99C-4EC9-B702-8A328B161AF9}" = Roxio Burn
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AB6EE148-B13E-C19D-2732-CD0EB23C39B8}" = CCC Help Portuguese
"{AC76BA86-7AD7-1031-7B44-A91000000001}" = Adobe Reader 9.1 - Deutsch
"{B2E47DE7-800B-40BB-BD1F-9F221C3AEE87}" = Roxio Burn
"{B4089055-D468-45A4-A6BA-5A138DD715FC}" = Bing Bar
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{BB9AC6BF-71B6-42A4-9689-C17D9F44E79A}" = Brother MFL-Pro Suite DCP-115C
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{BE6A55A2-C71F-57DD-E498-7B8F317C0E15}" = ccc-core-static
"{C268B5E1-A5DA-11DF-A289-005056C00008}" = Paragon Backup & Recovery™ 2011 Free
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{D103C4BA-F905-437A-8049-DB24763BBE36}" = Skype™ 4.2
"{D11D2A79-78FA-EA15-CC16-8F24817EAED2}" = CCC Help Korean
"{D165A6B1-6985-072E-969E-333D759D6777}" = CCC Help Spanish
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D67B1C57-0E05-4F8C-9011-1C8BAE293782}" = Samsung PC Studio
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{DD65DDE9-73FB-4ACA-8A7B-31003546A11A}" = Z-Journal
"{DF28B648-9636-5DE8-A072-54A5323B0CDA}" = CCC Help Norwegian
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E8DEB138-8DAC-EB25-87CE-D38A2C1C35CE}" = CCC Help French
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F2DA54F3-F7FB-4AE8-9B33-BEA5391E4A03}" = Z-DBackup
"{F393B7C2-136F-2956-30A3-1099C8394B51}" = CCC Help Chinese Standard
"{F6F4AF75-109A-638B-80D5-87283B00CD5E}" = Catalyst Control Center Localization All
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FB46EFDE-44F4-83F1-3044-68F5E95E3D4E}" = CCC Help English
"{FBCCCFB0-D89D-C91F-B9B1-8AB1760C1DD0}" = CCC Help Russian
"{FFB768E4-E427-4553-BC36-A11F5E62A94D}" = Adobe Flash Player 10 ActiveX
"aborange Crypter_is1" = aborange Crypter - Deinstallation
"Adobe AIR" = Adobe AIR
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira Internet Security 2012
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Community Help
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Dell Dock" = Dell Dock
"Dell Webcam Central" = Dell Webcam Central
"DivX Setup" = DivX-Setup
"ElsterFormular für Privatanwender und Unternehmer 12.1.1.6214k" = ElsterFormular-Update
"Free Audio Dub_is1" = Free Audio Dub version 1.7.9.908
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.10.11.923
"Google Chrome" = Google Chrome
"InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.61.0.1400
"Mozilla Firefox 13.0.1 (x86 de)" = Mozilla Firefox 13.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Office14.PROPLUSR" = Microsoft Office Professional Plus 2010
"pdfsam" = pdfsam
"PhotoScape" = PhotoScape
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"SecureW2 EAP Suite" = SecureW2 EAP Suite 1.1.3 for Windows
"Static Outlook Backup_is1" = Static Outlook Backup 2.9
"UltraStar" = UltraStar 0.8.4
"WildTangent dell Master Uninstall" = WildTangent-Spiele
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"f031ef6ac137efc5" = Dell Driver Download Manager
"MyFreeCodec" = MyFreeCodec
========== Last 10 Event Log Errors ==========
[ Application Events ]
Error - 02.07.2012 13:42:09 | Computer Name = JuJusDelli | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_3_300_257.exe,
Version: 11.3.300.257, Zeitstempel: 0x4fc82063 Name des fehlerhaften Moduls: NPSWF32_11_3_300_257.dll,
Version: 11.3.300.257, Zeitstempel: 0x4fc821fc Ausnahmecode: 0xc0000005 Fehleroffset:
0x0016b4a9 ID des fehlerhaften Prozesses: 0x688 Startzeit der fehlerhaften Anwendung:
0x01cd5879350fa494 Pfad der fehlerhaften Anwendung: C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_257.exe
Pfad
des fehlerhaften Moduls: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_257.dll
Berichtskennung:
3ec0cff9-c46d-11e1-876c-ab9ea9d4c6bd
Error - 06.07.2012 18:17:54 | Computer Name = JuJusDelli | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: btwapi.dll, Version: 6.2.1.1100,
Zeitstempel: 0x4b3a770e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004e08d
ID
des fehlerhaften Prozesses: 0x7c Startzeit der fehlerhaften Anwendung: 0x01cd5bc3158e28fb
Pfad
der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Program Files\WIDCOMM\Bluetooth Software\btwapi.dll Berichtskennung: 6e4832c8-c7b8-11e1-9fc0-9dbf57a793c9
Error - 06.07.2012 18:35:00 | Computer Name = JuJusDelli | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x8007043c.
Error - 06.07.2012 18:35:00 | Computer Name = JuJusDelli | Source = Outlook | ID = 35
Description = Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich
befindet (Fehler=0x8007043c).
Error - 06.07.2012 18:35:00 | Computer Name = JuJusDelli | Source = Outlook | ID = 34
Description = Fehler beim Abrufen des Durchforstungsbereichs-Managers. Fehler=0x8007043c.
Error - 06.07.2012 18:35:00 | Computer Name = JuJusDelli | Source = Outlook | ID = 35
Description = Fehler beim Bestimmen, ob sich der Speicher im Durchforstungsbereich
befindet (Fehler=0x8007043c).
Error - 06.07.2012 18:35:18 | Computer Name = JuJusDelli | Source = System Restore | ID = 8193
Description =
Error - 06.07.2012 18:35:21 | Computer Name = JuJusDelli | Source = System Restore | ID = 8193
Description =
Error - 06.07.2012 18:38:09 | Computer Name = JuJusDelli | Source = Avira FireWall | ID = 0
Description = Ungültige Lizenz
Error - 06.07.2012 18:44:16 | Computer Name = JuJusDelli | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567,
Zeitstempel: 0x4d672ee4 Name des fehlerhaften Moduls: btwapi.dll, Version: 6.2.1.1100,
Zeitstempel: 0x4b3a770e Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000004e08d
ID
des fehlerhaften Prozesses: 0xb44 Startzeit der fehlerhaften Anwendung: 0x01cd5bc811f5c55a
Pfad
der fehlerhaften Anwendung: C:\Windows\Explorer.EXE Pfad des fehlerhaften Moduls:
C:\Program Files\WIDCOMM\Bluetooth Software\btwapi.dll Berichtskennung: 1d34a068-c7bc-11e1-a401-c0cb3817c4df
[ Broadcom Wireless LAN Events ]
Error - 16.04.2012 04:41:54 | Computer Name = JuJusDelli | Source = WLAN-Tray | ID = 0
Description = 10:41:45, Mon, Apr 16, 12 Error - Unable to gain access to user store
[ Dell Events ]
Error - 22.08.2011 11:17:31 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 29.08.2011 14:04:28 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 29.08.2011 14:04:28 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 06.09.2011 10:27:05 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 06.09.2011 10:27:05 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 13.09.2011 13:34:14 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 13.09.2011 13:34:14 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 27.09.2011 15:09:22 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 27.09.2011 15:09:22 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
Error - 29.09.2011 13:40:50 | Computer Name = JuJusDelli | Source = DataSafe | ID = 17
Description = Der Vorgang wurde unterbrochen, bevor er abgeschlossen werden konnte.
[ System Events ]
Error - 06.07.2012 18:46:19 | Computer Name = JuJusDelli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 06.07.2012 18:46:20 | Computer Name = JuJusDelli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 06.07.2012 18:46:50 | Computer Name = JuJusDelli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 06.07.2012 18:46:51 | Computer Name = JuJusDelli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 06.07.2012 18:46:51 | Computer Name = JuJusDelli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 06.07.2012 18:46:52 | Computer Name = JuJusDelli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 06.07.2012 18:46:52 | Computer Name = JuJusDelli | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 07.07.2012 04:33:51 | Computer Name = JuJusDelli | Source = Microsoft-Windows-BitLocker-Driver | ID = 24620
Description = Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf
"\\?\Volume{a5ec6a5f-d11c-11df-abb7-806e6f6e6963}" können nicht gelesen werden.
Error - 07.07.2012 04:34:43 | Computer Name = JuJusDelli | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
Error - 07.07.2012 04:35:13 | Computer Name = JuJusDelli | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst SftService erreicht.
< End of report >
Malware Bytes Scan Code:
Alles auswählen Aufklappen ATTFilter
Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org
Datenbank Version: v2012.07.06.14
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Julia :: JUJUSDELLI [Administrator]
07.07.2012 10:55:53
mbam-log-2012-07-07 (10-55-53).txt
Art des Suchlaufs: Vollständiger Suchlauf
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 417986
Laufzeit: 1 Stunde(n), 31 Minute(n), 40 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende)
CCleaner Liste der installierten Programme: Code:
Alles auswählen Aufklappen ATTFilter
aborange Crypter - Deinstallation Mathias Gerlach [aborange.de] 05.07.2011 2.30
Adobe AIR Adobe Systems Incorporated 01.07.2012 3.3.0.3650
Adobe Community Help Adobe Systems Incorporated. 05.05.2012 3.4.980
Adobe Download Assistant Adobe Systems Incorporated 01.07.2012 1.2
Adobe Flash Player 10 ActiveX Adobe Systems Incorporated 06.10.2010 2,46MB 10.1.53.64
Adobe Flash Player 11 Plugin Adobe Systems Incorporated 13.06.2012 6,00MB 11.3.300.257
Adobe Photoshop CS5.1 Adobe Systems Incorporated 05.05.2012 2,96GB 12.1
Adobe Reader 9.1 - Deutsch Adobe Systems Incorporated 06.10.2010 233MB 9.1.0
Advanced Audio FX Engine Creative Technology Ltd 06.10.2010 1.12.05
ATI Catalyst Install Manager ATI Technologies, Inc. 06.10.2010 22,3MB 3.0.778.0
AudibleManager Audible, Inc. 05.11.2011 2005941454.48.56.6098154
Avira Internet Security 2012 Avira 12.06.2012 108MB 12.0.0.1088
Bing Bar Microsoft Corporation 10.01.2012 26,8MB 7.0.850.0
Brother MFL-Pro Suite DCP-115C Brother Industries, Ltd. 11.08.2011 1.0.1.0
CCleaner Piriform 22.06.2012 3.20
Cisco EAP-FAST Module Cisco Systems, Inc. 06.10.2010 1,55MB 2.2.14
Cisco LEAP Module Cisco Systems, Inc. 06.10.2010 644KB 1.0.19
Cisco PEAP Module Cisco Systems, Inc. 06.10.2010 1,23MB 1.1.6
Cisco Systems VPN Client 5.0.07.0290 28.02.2011 10,6MB
Dell DataSafe Local Backup Dell 06.10.2010 9.4.60
Dell DataSafe Local Backup - Support Software Dell 06.10.2010 9.4.60
Dell Dock 06.10.2010
Dell Dock Stardock Corporation 06.10.2010
Dell Driver Download Manager Dell Inc. 26.10.2011 2.1.0.0
Dell Support Center Dell Inc. 10.03.2012 128MB 3.1.5907.23
Dell Webcam Central Creative Technology Ltd 06.10.2010 1.40.05
DivX-Setup DivX, LLC 18.02.2012 2.6.1.5
DW WLAN Card Utility Dell Inc. 06.10.2010 5.60.48.35
ElsterFormular-Update Landesfinanzdirektion Thüringen 29.04.2012 1.0
Free Audio Dub version 1.7.9.908 DVDVideoSoft Ltd. 25.02.2012 37,3MB 1.7.9.908
Free YouTube to MP3 Converter version 3.10.11.923 DVDVideoSoft Ltd. 27.10.2011 42,3MB
Google Chrome Google Inc. 28.09.2011 20.0.1132.47
Image Resizer Powertoy Clone for Windows (64 bit) Brice Lambson 16.11.2011 303KB 2.1.1
Intel(R) Control Center Intel Corporation 06.10.2010 1.2.1.1007
Intel(R) Management Engine Components Intel Corporation 06.10.2010 6.0.0.1179
Intel(R) Rapid Storage Technology Intel Corporation 06.10.2010 9.6.4.1002
Java(TM) 7 Oracle 16.10.2011 98,9MB 7.0.0
Live! Cam Avatar Creator Creative Technology Ltd 06.10.2010 4.6.3009.1
Malwarebytes Anti-Malware Version 1.61.0.1400 Malwarebytes Corporation 30.05.2012 18,0MB 1.61.0.1400
Microsoft .NET Framework 4 Client Profile Microsoft Corporation 13.02.2011 38,8MB 4.0.30319
Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Corporation 13.02.2011 2,93MB 4.0.30319
Microsoft Office 2010 Microsoft Corporation 06.10.2010 6,31MB 14.0.4763.1000
Microsoft Office Professional Plus 2010 Microsoft Corporation 02.08.2011 14.0.6029.1000
Microsoft Silverlight Microsoft Corporation 10.05.2012 188MB 4.1.10329.0
Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Corporation 06.10.2010 1,72MB 3.1.0000
Microsoft Sync Framework Runtime Native v1.0 (x86) Microsoft Corporation 06.10.2010 625KB 1.0.1215.0
Microsoft Sync Framework Services Native v1.0 (x86) Microsoft Corporation 06.10.2010 1,44MB 1.0.1215.0
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 Microsoft Corporation 13.02.2011 260KB 8.0.50727.4053
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Corporation 13.02.2011 250KB 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable Microsoft Corporation 16.06.2011 300KB 8.0.58299
Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Corporation 06.10.2010 708KB 8.0.61000
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 Microsoft Corporation 08.05.2011 580KB 8.0.51011
Microsoft Visual C++ 2005 Redistributable - KB2467175 Microsoft Corporation 15.09.2011 2,64MB 8.0.51011
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Corporation 09.03.2011 198KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Corporation 08.05.2011 790KB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Corporation 08.05.2011 598KB 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Corporation 06.10.2010 788KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Corporation 06.10.2010 788KB 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Corporation 16.06.2011 788KB 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Corporation 15.09.2011 234KB 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Corporation 16.06.2011 600KB 9.0.30729.6161
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Microsoft Corporation 18.10.2011 16,5MB 10.0.40219
Mozilla Firefox 13.0.1 (x86 de) Mozilla 17.06.2012 36,4MB 13.0.1
Mozilla Maintenance Service Mozilla 17.06.2012 309KB 13.0.1
MSXML 4.0 SP2 (KB954430) Microsoft Corporation 20.02.2012 1,27MB 4.20.9870.0
MSXML 4.0 SP2 (KB973688) Microsoft Corporation 23.02.2012 1,33MB 4.20.9876.0
MyFreeCodec 19.02.2012
No23 Recorder No23 13.03.2012 2,44MB 2.1.0.3
Paragon Backup & Recovery™ 2011 Free Paragon Software 07.10.2011 142MB 90.00.0003
PDF24 Creator 3.2.0 PDF24.org 29.06.2011 33,2MB
pdfsam 29.06.2011 2.2.1
PhotoScape 01.07.2012
Quickset64 Dell Inc. 06.10.2010 5,70MB 10.5.0
Roxio Burn Roxio 06.10.2010 36,1MB 1.01
Samsung Kies Samsung Electronics Co., Ltd. 19.02.2012 218MB 2.2.0.12014_18
Samsung Mobile phone USB driver Drive Software 26.10.2011
SAMSUNG Mobile USB Modem 1.0 Software 19.02.2012
Samsung PC Studio Samsung Electronics Co., Ltd. 19.02.2012 3.0.0.50903
Samsung PC Studio 3 USB Driver Installer Samsung Electronics Co., Ltd. 26.10.2011 3.2.0.70701
SAMSUNG USB Driver for Mobile Phones SAMSUNG Electronics Co., Ltd. 19.02.2012 42,8MB 1.4.103.0
SecureW2 EAP Suite 1.1.3 for Windows 23.04.2011
Skype Toolbars Skype Technologies S.A. 06.10.2010 5,36MB 1.0.4051
Skype™ 4.2 Skype Technologies S.A. 06.10.2010 31,7MB 4.2.169
SPSS 16.0 SPSS Inc. 01.07.2011 428MB 16.0.0
Static Outlook Backup 2.9 StaticBackup Inc. 21.02.2011 9,00MB
Synaptics Pointing Device Driver Synaptics Incorporated 06.10.2010 15.0.0.1
UltraStar 0.8.4 04.01.2012
WIDCOMM Bluetooth Software Broadcom Corporation 06.10.2010 144MB 6.2.1.1100
WildTangent-Spiele WildTangent 06.10.2010 1.0.0.71
Windows Driver Package - Broadcom Corporation (BTHUSB) Bluetooth (03/24/2010 6.3.0.2501) Broadcom Corporation 06.10.2010 03/24/2010 6.3.0.2501
Windows Live Anmelde-Assistent Microsoft Corporation 06.10.2010 1,93MB 5.000.818.5
Windows Live Essentials Microsoft Corporation 06.10.2010 14.0.8089.0726
Windows Live Sync Microsoft Corporation 06.10.2010 2,79MB 14.0.8089.726
Windows Live-Uploadtool Microsoft Corporation 06.10.2010 224KB 14.0.8014.1029
Z-DBackup IMU Andreas Baumann 15.08.2011 28,2MB 5.8.0.4
Z-Journal IMU Andreas Baumann 15.08.2011 3,63MB 3.4
Baum-Darstellung