| |  Firefox Browser wird immer Langsamer bzw hängt sich auf
 Hallo ,
seit einiger Zeit fällt mir auf das mein Firefox immer langsamer wird und sich von Zeit zu Zeit aufhängt.
Nach einem Viren scan auf gestern fand Avira 6 Funde. Ich wäre euch dankbar wenn ihr euch mal die Log Files angucken könntet. Zitat:
OTL logfile created on: 26.12.2012 10:37:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Headhunter\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 64,68% Memory free
7,73 Gb Paging File | 6,30 Gb Available in Paging File | 81,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 323,19 Gb Free Space | 71,56% Space Free | Partition Type: NTFS
Computer Name: HEADHUNTER-PC | User Name: Headhunter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2012.12.26 10:20:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Headhunter\Desktop\OTL.exe
PRC - [2012.12.26 08:53:25 | 000,295,072 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
PRC - [2012.12.15 22:04:25 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
PRC - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
PRC - [2012.11.29 20:07:52 | 000,076,888 | ---- | M] () -- C:\Windows\SysWOW64\PnkBstrA.exe
PRC - [2012.09.23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2012.07.26 13:16:14 | 000,092,632 | ---- | M] (TomTom) -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe
PRC - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
PRC - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
PRC - [2012.07.18 17:04:22 | 000,348,664 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010.04.08 05:18:39 | 000,298,064 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LMworker.exe
PRC - [2010.04.08 05:18:38 | 000,908,368 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\LManager.exe
PRC - [2010.04.08 05:18:38 | 000,312,400 | ---- | M] (Dritek System Inc.) -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe
PRC - [2010.03.18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
PRC - [2010.03.18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
PRC - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
PRC - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe
PRC - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
PRC - [2009.12.24 01:39:04 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
PRC - [2009.12.24 01:39:02 | 000,284,696 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
========== Modules (No Company Name) ==========
MOD - [2012.12.15 22:04:25 | 003,093,624 | ---- | M] () -- C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MOD - [2012.11.17 05:06:37 | 001,595,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f961fb1ec279c14554f5580a457ef542\System.Drawing.ni.dll
MOD - [2012.11.17 05:05:59 | 011,493,376 | ---- | M] () -- C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll
MOD - [2012.08.31 11:59:23 | 003,198,976 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
MOD - [2012.03.21 23:32:36 | 005,025,792 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
MOD - [2012.02.11 00:31:42 | 001,253,376 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\WindowsBase\3.0.0.0__31bf3856ad364e35\WindowsBase.dll
MOD - [2010.11.13 01:08:41 | 000,315,392 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll
MOD - [2010.11.05 02:58:14 | 002,048,000 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.Xml.dll
MOD - [2010.11.05 02:58:10 | 000,303,104 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
MOD - [2010.11.05 02:58:04 | 000,425,984 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll
MOD - [2009.06.10 22:22:40 | 000,010,752 | ---- | M] () -- C:\Windows\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
MOD - [2009.05.20 07:02:02 | 000,072,200 | ---- | M] () -- C:\Program Files (x86)\Launch Manager\CdDirIo.dll
========== Services (SafeList) ==========
SRV:64bit: - [2010.01.22 02:01:12 | 000,202,752 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2012.12.11 21:16:29 | 000,250,808 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012.11.29 20:31:04 | 000,038,608 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe -- (RealNetworks Downloader Resolver Service)
SRV - [2012.11.29 20:07:52 | 000,076,888 | ---- | M] () [Auto | Running] -- C:\Windows\SysWOW64\PnkBstrA.exe -- (PnkBstrA)
SRV - [2012.09.23 19:43:34 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.07.26 13:16:14 | 000,092,632 | ---- | M] (TomTom) [Auto | Running] -- C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe -- (TomTomHOMEService)
SRV - [2012.07.18 17:04:33 | 000,086,224 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2012.07.18 17:04:23 | 000,110,032 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Running] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2012.07.13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2012.05.22 20:24:08 | 000,129,976 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2010.04.17 06:56:48 | 000,305,520 | ---- | M] (Egis Technology Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe -- (MWLService)
SRV - [2010.04.08 05:18:38 | 000,312,400 | ---- | M] (Dritek System Inc.) [Auto | Running] -- C:\Program Files (x86)\Launch Manager\dsiwmis.exe -- (DsiWMIService)
SRV - [2010.03.18 12:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.03.18 05:57:02 | 002,320,920 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2010.03.18 05:56:56 | 000,268,824 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2010.03.17 09:56:12 | 000,866,336 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc)
SRV - [2010.03.09 00:58:24 | 000,250,368 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2010.01.29 00:27:36 | 000,243,232 | ---- | M] (Acer Group) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service)
SRV - [2010.01.08 14:21:22 | 000,023,584 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GREGsvc.exe -- (GREGService)
SRV - [2009.12.24 01:39:04 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2009.06.10 22:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
========== Driver Services (SafeList) ==========
DRV:64bit: - [2012.07.18 17:04:42 | 000,132,832 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2012.07.18 17:04:42 | 000,027,760 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.07.18 17:04:41 | 000,098,848 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2012.05.11 12:53:45 | 000,096,376 | ---- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\SMR250.SYS -- (SMR250)
DRV:64bit: - [2012.04.20 16:45:36 | 000,087,040 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2012.03.01 07:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2011.07.22 19:55:55 | 000,272,448 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2011.04.13 14:04:38 | 000,045,432 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\point64.sys -- (Point64)
DRV:64bit: - [2011.03.11 07:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011.03.11 07:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010.11.20 14:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.11.20 12:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010.04.01 09:18:30 | 003,060,800 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX)
DRV:64bit: - [2010.03.21 02:59:08 | 000,321,064 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2010.03.01 08:20:56 | 000,239,136 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.01.22 02:13:24 | 006,233,088 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.01.22 01:07:56 | 000,161,280 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.12.17 18:42:08 | 000,538,136 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2009.12.10 12:25:10 | 000,301,104 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2009.12.02 08:01:24 | 000,213,280 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\RtHDMIVX.sys -- (RTHDMIAzAudService)
DRV:64bit: - [2009.10.02 09:58:38 | 000,514,144 | ---- | M] (ITETech ) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AF15BDA.sys -- (AF9035BDA)
DRV:64bit: - [2009.09.17 06:54:54 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (HECIx64)
DRV:64bit: - [2009.07.14 02:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 02:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 02:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.22 20:01:16 | 000,132,608 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbnet.sys -- (ewusbnet)
DRV:64bit: - [2009.06.22 19:38:34 | 000,116,992 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2009.06.22 19:26:40 | 000,113,792 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ewusbdev.sys -- (hwusbdev)
DRV:64bit: - [2009.06.10 21:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 21:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 21:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 21:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009.06.03 03:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk)
DRV:64bit: - [2009.06.03 03:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter)
DRV:64bit: - [2009.06.03 03:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ)
DRV:64bit: - [2009.05.05 09:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2009.05.05 09:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV - [2009.07.14 02:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741zg&r=27360411x915l04e4z1m5t4602q220
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741zg&r=27360411x915l04e4z1m5t4602q220
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0407&m=aspire_5741zg&r=27360411x915l04e4z1m5t4602q220
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://startsear.ch/?aff=1&cf=ae6d6432-2e89-11e1-b609-705ab6f8fd1d
IE - HKLM\..\SearchScopes,DefaultScope = {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=ae6d6432-2e89-11e1-b609-705ab6f8fd1d&q={searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.facebook.com/
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://startsear.ch/?aff=1&src=sp&cf=ae6d6432-2e89-11e1-b609-705ab6f8fd1d&q={searchTerms}
IE - HKCU\..\SearchScopes\{33C664BC-4630-406A-BBCB-DA16330F2AFA}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=kw&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=6A870F41-D4D1-4671-A778-0E357435147D&apn_sauid=EEEB2301-5634-4E49-804E-70F966AFE49C
IE - HKCU\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_de___DE429
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKCU\..\SearchScopes\{BA751953-27D1-4EDA-BC00-04319B1FADCD}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=100480&babsrc=SP_ss&mntrId=40e189e3000000000000705ab6f8fd1d
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.order.1: "Ask.com"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "https://www.facebook.com/"
FF - prefs.js..extensions.enabledAddons: geolocater@3liz.com:1.6
FF - prefs.js..extensions.enabledAddons: foxyproxy@eric.h.jung:4.1
FF - prefs.js..network.proxy.socks_remote_dns: true
FF - prefs.js..network.proxy.type: 0
FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..browser.search.defaultenginename: "Google"
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_135.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@esn.me/esnsonar,version=0.70.4: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.118.0: C:\Program Files (x86)\Battlelog Web Plugins\1.118.0\npesnlaunch.dll File not found
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=1.140.0: C:\Program Files (x86)\Battlelog Web Plugins\1.140.0\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@esn/esnlaunch,version=2.1.2: C:\Program Files (x86)\Battlelog Web Plugins\2.1.2\npesnlaunch.dll (ESN Social Software AB)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.9.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.0: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.0.282: c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.123\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetleCorePlugin,version=0.9.18: C:\Program Files (x86)\Veetle\plugins\npVeetle.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\@veetle.com/veetlePlayerPlugin,version=0.9.18: C:\Program Files (x86)\Veetle\Player\npvlc.dll (Veetle Inc)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.03.10 20:44:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\ff-bmboc@bytemobile.com: C:\Program Files (x86)\Vodafone\Vodafone Mobile Broadband\Optimization Client\addon\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{34712C68-7391-4c47-94F3-8F88D49AD632}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2012.12.26 08:53:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2012.05.22 20:24:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 12.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2012.12.26 08:53:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files (x86)\Mozilla Thunderbird\components [2012.12.26 08:53:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Thunderbird\plugins [2012.12.26 08:53:36 | 000,000,000 | ---D | M]
[2012.03.20 21:13:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Headhunter\AppData\Roaming\mozilla\Extensions
[2011.04.30 16:16:23 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Headhunter\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2011.11.19 20:44:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Headhunter\AppData\Roaming\mozilla\Extensions\home2@tomtom.com
[2012.12.26 09:57:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Headhunter\AppData\Roaming\mozilla\Firefox\Profiles\xm00u5xh.default\extensions
[2012.11.23 07:18:58 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\Headhunter\AppData\Roaming\mozilla\Firefox\Profiles\xm00u5xh.default\extensions\foxyproxy@eric.h.jung
[2012.05.19 21:15:48 | 000,000,000 | ---D | M] (Geolocater) -- C:\Users\Headhunter\AppData\Roaming\mozilla\Firefox\Profiles\xm00u5xh.default\extensions\geolocater@3liz.com
[2012.12.01 16:33:43 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\Headhunter\AppData\Roaming\mozilla\firefox\profiles\xm00u5xh.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.08.28 18:59:27 | 000,002,344 | ---- | M] () -- C:\Users\Headhunter\AppData\Roaming\mozilla\firefox\profiles\xm00u5xh.default\searchplugins\askcom.xml
[2012.03.20 21:21:43 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2012.05.22 20:24:08 | 000,097,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll
[2012.12.26 08:53:31 | 000,124,056 | ---- | M] (RealPlayer) -- C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll
[2011.10.03 10:14:54 | 000,083,456 | ---- | M] (vShare.tv ) -- C:\Program Files (x86)\mozilla firefox\plugins\npvsharetvplg.dll
[2011.10.26 19:49:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll
[2012.05.22 20:24:05 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml
[2011.12.24 08:56:39 | 000,002,310 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml
[2012.05.22 20:24:05 | 000,002,252 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml
[2012.05.22 20:24:05 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml
[2012.05.22 20:24:05 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.05.22 20:24:05 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.05.22 20:24:05 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml
========== Chrome ==========
CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
CHR - default_search_provider: Web Search (Enabled)
CHR - default_search_provider: search_url = hxxp://startsear.ch/?aff=1&src=sp&cf=ae6d6432-2e89-11e1-b609-705ab6f8fd1d&q={searchTerms}
CHR - default_search_provider: suggest_url =
CHR - homepage: hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: Veetle TV Player (Enabled) = C:\Program Files (x86)\Veetle\Player\npvlc.dll
CHR - plugin: Veetle TV Core (Enabled) = C:\Program Files (x86)\Veetle\plugins\npVeetle.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: YouTube = C:\Users\Headhunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\Headhunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Headhunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: vshare plugin = C:\Users\Headhunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\kpionmjnkbpcdpcflammlgllecmejgjj\1.3_0\
CHR - Extension: Mehr Leistung und Videoformate f\u00FCr dein HTML5 \u003Cvideo\u003E = C:\Users\Headhunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\Headhunter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (IE5BarLauncherBHO Class) - {78F3A323-798E-4AEA-9A57-88F4B05FD5DD} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (VShareToolBar) - {7AC3E13B-3BCA-4158-B330-F66DBB03C1B5} - C:\Program Files (x86)\vShare.tv plugin\BarLcher.dll (VShare Inc.)
O3 - HKLM\..\Toolbar: (TerraTec Home Cinema) - {AD6E6555-FB2C-47D4-8339-3E2965509877} - C:\PROGRA~2\TerraTec\TERRAT~1\THCDES~1.DLL (TerraTec Electronic GmbH)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated)
O4:64bit: - HKLM..\Run: [IntelliPoint] c:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [mwlDaemon] C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe (Egis Technology Inc.)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [EgisTecPMMUpdate] C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [EgisUpdate] C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Intel Corporation)
O4 - HKLM..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe (Dritek System Inc.)
O4 - HKLM..\Run: [SuiteTray] C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files (x86)\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8:64bit: - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 File not found
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\SysWow64\GPhotos.scr (Google Inc.)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - Reg Error: Value error. File not found
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://download.divx.com/player/DivXBrowserPlugin.cab (Reg Error: Key error.)
O16:64bit: - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Reg Error: Value error.)
O16:64bit: - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16:64bit: - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx (WRC Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{00E52E09-FCB0-4229-9B77-B2C18F388A29}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{36BCDB3D-BF14-429D-AC0D-8387D582912F}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4608E4CF-27CD-421B-A4DF-B0A7902EB4F7}: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4C5B9233-3967-4E18-97DB-9D8D48A5DD62}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{5D521CA1-B199-4D8A-9BC4-6C5216EE1FDD}: DhcpNameServer = 139.7.30.125 139.7.30.126
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DBC5C151-18EB-4A13-8659-FBC436C295B8}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-itss - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{16a89aec-0d85-11e2-b27c-f07bcb4addcf}\Shell - "" = AutoRun
O33 - MountPoints2\{16a89aec-0d85-11e2-b27c-f07bcb4addcf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{2672316c-476f-11e2-aebc-f07bcb4addcf}\Shell - "" = AutoRun
O33 - MountPoints2\{2672316c-476f-11e2-aebc-f07bcb4addcf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{5849e68c-4786-11e2-aad5-f07bcb4addcf}\Shell - "" = AutoRun
O33 - MountPoints2\{5849e68c-4786-11e2-aad5-f07bcb4addcf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{7a00ea27-4778-11e2-a06d-f07bcb4addcf}\Shell - "" = AutoRun
O33 - MountPoints2\{7a00ea27-4778-11e2-a06d-f07bcb4addcf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{96ee9770-ea88-11e1-b24d-f07bcb4addcf}\Shell - "" = AutoRun
O33 - MountPoints2\{96ee9770-ea88-11e1-b24d-f07bcb4addcf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bc409387-202c-11e1-a48f-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{bc409387-202c-11e1-a48f-806e6f6e6963}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{bc4093a4-202c-11e1-a48f-e119e7728137}\Shell - "" = AutoRun
O33 - MountPoints2\{bc4093a4-202c-11e1-a48f-e119e7728137}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{e7b7be1c-2278-11e1-a4c4-f07bcb4addcf}\Shell - "" = AutoRun
O33 - MountPoints2\{e7b7be1c-2278-11e1-a4c4-f07bcb4addcf}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\{fc13a211-4746-11e2-a901-705ab6f8fd1d}\Shell - "" = AutoRun
O33 - MountPoints2\{fc13a211-4746-11e2-a901-705ab6f8fd1d}\Shell\AutoRun\command - "" = F:\AutoRun.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\AutoRun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
File not found -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Neue Funktion 1
[2012.12.26 10:20:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Headhunter\Desktop\OTL.exe
[2012.12.26 08:54:17 | 000,000,000 | ---D | C] -- C:\Users\Headhunter\AppData\Roaming\RealNetworks
[2012.12.26 08:53:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\RealNetworks
[2012.12.26 08:53:49 | 000,000,000 | ---D | C] -- C:\ProgramData\RealNetworks
[2012.12.26 08:53:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\xing shared
[2012.12.26 08:53:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks
[2012.12.26 08:53:27 | 000,272,896 | ---- | C] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012.12.17 19:21:28 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012.12.16 08:59:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BILDmobil
[2012.12.16 08:59:48 | 000,132,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2012.12.16 08:59:48 | 000,116,992 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012.12.16 08:59:48 | 000,113,792 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbdev.sys
[2012.12.16 08:59:48 | 000,029,696 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012.12.15 22:54:33 | 000,000,000 | ---D | C] -- C:\Riot Games
[2012.12.15 22:04:05 | 000,000,000 | ---D | C] -- C:\Users\Headhunter\.swt
[2012.11.28 22:44:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Opera x64
[2012.11.28 22:44:17 | 000,000,000 | ---D | C] -- C:\Program Files\Opera x64
[2012.11.28 22:41:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012.11.28 22:41:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
========== Files - Modified Within 30 Days ==========
[2012.12.26 10:22:54 | 000,000,000 | ---- | M] () -- C:\Users\Headhunter\defogger_reenable
[2012.12.26 10:20:38 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Headhunter\Desktop\OTL.exe
[2012.12.26 10:20:18 | 000,050,477 | ---- | M] () -- C:\Users\Headhunter\Desktop\Defogger.exe
[2012.12.26 10:18:00 | 000,001,118 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012.12.26 10:07:55 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.12.26 10:07:55 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.12.26 10:01:01 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.26 09:59:31 | 000,001,114 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012.12.26 09:59:17 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.12.26 08:53:57 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012.12.26 08:53:27 | 000,272,896 | ---- | M] (Progressive Networks) -- C:\Windows\SysWow64\pncrt.dll
[2012.12.25 12:20:29 | 000,000,000 | ---- | M] () -- C:\Users\Headhunter\Desktop\Neue Bitmap (2).bmp
[2012.12.25 12:20:09 | 000,000,000 | ---- | M] () -- C:\Users\Headhunter\Desktop\Neue Bitmap.bmp
[2012.12.21 20:06:13 | 000,566,592 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012.12.17 19:56:43 | 000,281,152 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.xtr
[2012.12.17 19:56:43 | 000,281,152 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2012.12.17 19:21:22 | 363,553,447 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012.12.17 11:23:50 | 000,281,152 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrB.ex0
[2012.12.17 08:36:31 | 001,627,016 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012.12.17 08:36:31 | 000,701,920 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2012.12.17 08:36:31 | 000,656,502 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012.12.17 08:36:31 | 000,150,882 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2012.12.17 08:36:31 | 000,123,236 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012.12.16 08:59:51 | 000,000,753 | ---- | M] () -- C:\Users\Public\Desktop\BILDmobil.lnk
[2012.12.15 23:03:03 | 000,001,726 | ---- | M] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.12.13 22:19:21 | 000,002,382 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.12.11 16:18:20 | 000,003,232 | ---- | M] () -- C:\Users\Headhunter\AppData\Roaming\wklnhst.dat
[2012.11.29 20:07:52 | 000,076,888 | ---- | M] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2012.11.28 22:44:20 | 000,001,823 | ---- | M] () -- C:\Users\Public\Desktop\Opera 12.12 1707.lnk
========== Files Created - No Company Name ==========
[2012.12.26 10:22:54 | 000,000,000 | ---- | C] () -- C:\Users\Headhunter\defogger_reenable
[2012.12.26 10:20:18 | 000,050,477 | ---- | C] () -- C:\Users\Headhunter\Desktop\Defogger.exe
[2012.12.26 08:53:57 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\RealPlayer.lnk
[2012.12.25 12:20:29 | 000,000,000 | ---- | C] () -- C:\Users\Headhunter\Desktop\Neue Bitmap (2).bmp
[2012.12.25 12:20:09 | 000,000,000 | ---- | C] () -- C:\Users\Headhunter\Desktop\Neue Bitmap.bmp
[2012.12.17 19:21:22 | 363,553,447 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012.12.16 08:59:51 | 000,000,753 | ---- | C] () -- C:\Users\Public\Desktop\BILDmobil.lnk
[2012.12.15 23:03:03 | 000,001,726 | ---- | C] () -- C:\Users\Public\Desktop\League of Legends spielen .lnk
[2012.11.28 22:44:20 | 000,001,835 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera 12.12 1707.lnk
[2012.11.28 22:44:20 | 000,001,823 | ---- | C] () -- C:\Users\Public\Desktop\Opera 12.12 1707.lnk
[2012.11.06 21:22:24 | 000,000,074 | ---- | C] () -- C:\Windows\wininit.ini
[2012.05.11 12:53:52 | 000,000,769 | ---- | C] () -- C:\Users\Headhunter\AppData\Roaming\SMRBackup250.dat
[2012.02.26 08:46:13 | 000,007,605 | ---- | C] () -- C:\Users\Headhunter\AppData\Local\Resmon.ResmonCfg
[2011.07.26 13:26:46 | 000,003,584 | ---- | C] () -- C:\Users\Headhunter\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.07.04 17:17:24 | 001,604,910 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011.05.13 15:47:15 | 000,281,152 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe
[2011.05.13 15:47:13 | 000,682,280 | ---- | C] () -- C:\Windows\SysWow64\pbsvc.exe
[2011.05.13 15:47:13 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe
[2011.05.01 21:00:23 | 000,003,232 | ---- | C] () -- C:\Users\Headhunter\AppData\Roaming\wklnhst.dat
[2011.04.30 16:16:23 | 000,000,000 | ---- | C] () -- C:\Windows\nsreg.dat
[2010.04.21 11:41:04 | 000,131,472 | ---- | C] () -- C:\ProgramData\FullRemove.exe
========== ZeroAccess Check ==========
[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 06:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
========== LOP Check ==========
[2011.12.11 10:45:31 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\.minecraft
[2011.12.24 08:56:37 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Babylon
[2012.01.22 18:34:26 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\DAEMON Tools Pro
[2012.03.12 21:45:12 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Downloaded Installations
[2011.11.04 08:32:11 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\eSobi
[2012.12.25 13:10:58 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Liteon
[2012.02.22 14:40:01 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\LolClient
[2012.05.11 09:52:30 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Nitro PDF
[2012.11.28 22:44:24 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Opera
[2012.11.06 21:24:25 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Origin
[2012.01.10 15:22:20 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\ScreeNet iSaver
[2011.12.15 15:28:37 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\TeamViewer
[2011.05.03 16:07:57 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Template
[2011.05.05 16:12:50 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\TerraTec
[2011.04.30 16:16:23 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Thunderbird
[2011.11.19 20:44:47 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\TomTom
[2012.12.16 16:12:39 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\TS3Client
[2012.05.17 08:13:50 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\TuneUp Software
[2012.10.03 19:08:33 | 000,000,000 | ---D | M] -- C:\Users\Headhunter\AppData\Roaming\Vodafone
========== Purity Check ==========
========== Alternate Data Streams ==========
@Alternate Data Stream - 186 bytes -> C:\ProgramData\Temp:B946D9EE
@Alternate Data Stream - 145 bytes -> C:\ProgramData\Temp:AB689DEA
@Alternate Data Stream - 129 bytes -> C:\ProgramData\Temp:0B9176C0
@Alternate Data Stream - 128 bytes -> C:\ProgramData\Temp:E1F04E8D
< End of report >
| Zitat:
OTL Extras logfile created on: 26.12.2012 10:37:09 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Headhunter\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,87 Gb Total Physical Memory | 2,50 Gb Available Physical Memory | 64,68% Memory free
7,73 Gb Paging File | 6,30 Gb Available in Paging File | 81,50% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 451,66 Gb Total Space | 323,19 Gb Free Space | 71,56% Space Free | Partition Type: NTFS
Computer Name: HEADHUNTER-PC | User Name: Headhunter | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
htmlfile [print] -- "C:\Windows\system32\rundll32.exe" "C:\Windows\system32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [edit] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Winamp.Bookmark] -- "C:\Program Files (x86)\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files (x86)\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files (x86)\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06AA9963-B0C8-4EB9-A203-6C31BBD04814}" = rport=137 | protocol=17 | dir=out | app=system |
"{081283FD-295F-4301-B5AB-EC21DFEA0901}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{105C29FE-D626-43B2-82B8-B1000EDACF56}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{1C1FB4B8-B118-4652-9D33-13FD5358FBF0}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{1F4B1D25-A3AB-4BEA-9145-1E8DCE3B96DC}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{290E955F-B97C-4355-836A-D9449AD80380}" = rport=10243 | protocol=6 | dir=out | app=system |
"{30FBF33E-3B6B-4111-BF2C-257A7FC967AE}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{5210BF33-4F2B-43CA-9EDC-441090BD750A}" = lport=445 | protocol=6 | dir=in | app=system |
"{57B5BD7D-A616-4734-AB2A-076497CE9762}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{68FD345E-B64A-4107-B631-93451244BE65}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{69302771-6A5B-4426-BF46-9D02DFDC3795}" = rport=138 | protocol=17 | dir=out | app=system |
"{6BFB8ACF-2E86-451D-9BB5-872080DE29A7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6D8D3907-D554-4083-BC87-2A1B2A1E6857}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6EABD915-2F38-4905-9781-B62CDC82E202}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe |
"{700EF0A5-3FB6-4B11-ABD3-6FE7F864A86B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{79CAC9D0-9550-4BB1-9AFE-3E3AC1BB875C}" = lport=10243 | protocol=6 | dir=in | app=system |
"{84E73AC3-17BF-44A9-9491-A55669A65A9D}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{8B4B44A7-FE9A-46AA-ACDB-262C72538817}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{8E7A9111-71C9-452E-BB04-B6D12B08ACA2}" = rport=445 | protocol=6 | dir=out | app=system |
"{A6C9CB76-1D47-4F3F-8379-E88A7BB296C0}" = rport=139 | protocol=6 | dir=out | app=system |
"{ABB3D7A6-93D1-4422-8CA0-2101714697A6}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{B918D01B-2721-48DE-A1AA-1D103F390029}" = lport=139 | protocol=6 | dir=in | app=system |
"{B95A17E5-9C93-4D67-8DF8-49367473013C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C203860E-ABFD-4967-B006-75E7C993616E}" = lport=138 | protocol=17 | dir=in | app=system |
"{D02DEDA9-C956-4812-B325-6BC9338F69AE}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{D07B2CFF-74D7-4406-A848-4E02B5CDB8A8}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{DB27D2A4-9CBE-479F-B55C-78B40A8AB837}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{DFE6B3B1-3AC4-40A9-8EB7-E63C79429EED}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe |
"{F9AA64BA-A2AD-4E3B-87B4-E4AC58EA392D}" = lport=137 | protocol=17 | dir=in | app=system |
"{FD457913-FA8C-4776-A0FE-B52737E140A4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{FE03EBBC-75CF-4E25-8F20-7509054852B8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{FFE1F116-571C-4AEC-AB0E-C37A437A4400}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000B2B51-129A-4121-A76B-F2F2ABABF55C}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{062199F9-8155-4365-A637-C90A8BB7381F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{14DDDE22-4B03-401D-985D-48628CCC2306}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe |
"{16F3090B-D1B5-4E33-86F5-D884F86CDE43}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{1D7FE477-82C1-4F6D-96FD-63DF4E750DD0}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{1EB388D1-2150-467A-8AFA-61FD15522962}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{1F0A1E3D-8E7E-4382-9789-0AB224E0DFEE}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{20019205-CF67-4566-8AF2-974068A71652}" = protocol=17 | dir=in | app=c:\program files\opera x64\opera.exe |
"{214F63C3-D4C9-4E9B-A67F-BB5D4CD9D8A9}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{221FB86A-7D8D-45E9-A1F8-0423CE9C95D7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{2A5A7BBA-ED5B-4550-A719-D0C8F9F9C939}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{2BFE7575-0320-46F9-8258-57E939E480AE}" = protocol=6 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe |
"{2CF19878-8C8A-4863-B219-E1E7ECB0C1EB}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{307B6D24-A9A1-4466-B3BD-C2EE56D544D2}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{30B767F1-92B5-447D-8A21-05E73357AAA0}" = protocol=6 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{32AB7369-DEEB-4EA3-B893-A20A7CD40BAF}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{334F9789-77C2-4A96-A80D-37C8E9826AC0}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{3501A139-A425-48E8-A929-0BDC9A4223C5}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{35CCA248-7DE1-4F0B-BD1B-6936450660AC}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{3997FBCC-1BF8-4536-824F-170A065A3A01}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{3CFF71F1-7173-4ADA-BDCA-4DEA151929B2}" = protocol=17 | dir=in | app=c:\program files (x86)\sony ericsson\update service\update service.exe |
"{44BD6935-CAE2-47FA-9151-8F7DAB46489A}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{49467BB8-B4F8-4CE6-83DF-DD5019FC68A1}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{4972A658-10AC-4281-8618-6255755E771B}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{541982C0-1FBE-4A40-8939-ABFDDFC2D472}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe |
"{5B6AD9D3-FD5C-4EC1-A9B6-70DACE8C351C}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{644094E7-37D9-4C77-AE7D-0502AC128320}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\cinergydvr.exe |
"{673A48BD-5E0D-4910-ABCA-D400DAA7FE11}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{67A51617-FF8C-47A1-9CD2-5B0D05D56469}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{685F7BE1-DAC8-46BB-8FC6-72AB37FC6DB2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{6B2211BF-DE5C-4FAF-B044-9AE1F88C6B4B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{70C06F64-1C7D-4A97-AACF-837D9FCDAD9F}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{77390FAC-C30C-4C98-89A0-2B62BFA7489A}" = protocol=6 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{79063DD1-B101-4424-A9F4-253428C3F82D}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{7BC2D7FA-3509-45CF-ACC2-6CAA17BDE314}" = protocol=6 | dir=out | app=system |
"{81374397-0B23-4922-857F-A2135FC5BB59}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{8670D58B-1508-46BB-B66D-F6C9B7220D32}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{8E45D441-B2BB-4595-BAD2-8A616B9C1FFB}" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"{8E7D5A75-3FBA-4A13-94AD-CBD917C804A9}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{93282AA1-E7C5-4753-B05C-39DF0F86A9DA}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{97034878-6238-4DBD-BE7E-FE7785C91A85}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{9B0EDF37-2C7B-4F21-8807-487A6B7A5D8D}" = protocol=17 | dir=in | app=c:\spiele\ea games\battlefield 2\bf2.exe |
"{A3B6D3D6-4C2A-496D-85DE-FFDDCC237156}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A4ACA145-7087-40AB-9D64-843651D2A6FD}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\pluginwrapper\opera_plugin_wrapper.exe |
"{A7F118C2-CABD-469B-A631-626A5FAC2FEC}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{A9363D54-5C09-40D1-9809-38CD25829C40}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe |
"{B47F2E6E-2B5F-4304-86DA-60188D468A4A}" = protocol=17 | dir=in | app=c:\program files (x86)\battlelog web plugins\sonar\0.70.4\sonarhost.exe |
"{B5A342A0-2856-4F5D-B59C-2DF14AC006DB}" = protocol=6 | dir=in | app=c:\program files (x86)\sony ericsson\update service\update service.exe |
"{B904F141-D85D-418C-9A2D-20CAC3B4DFFC}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{BA0EAF85-E987-4F1F-9748-AFFD9044415B}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{BB3EC5AB-095F-43E0-98EE-393844D54386}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper.exe |
"{BC40361E-CBC7-4875-9402-9A5DF7FC216B}" = protocol=6 | dir=in | app=c:\spiele\ea games\battlefield 2\bf2.exe |
"{C52CF021-5D0E-4A59-B40A-F7FFDDCD4F72}" = protocol=17 | dir=in | app=c:\program files\opera x64\pluginwrapper\opera_plugin_wrapper_32.exe |
"{CA33A5B6-37D1-4B32-A008-C33D8A83D18B}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{CE749339-2CDC-4E95-925B-56AD1F1293DB}" = protocol=6 | dir=in | app=c:\program files\opera x64\opera.exe |
"{D0801243-74D0-4225-8CF6-152C9214C4B7}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{D716AC5F-7017-4331-9BFD-6807691200A6}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{D9D39BA5-5A58-42BD-A5C8-6887EAE0DA56}" = protocol=17 | dir=in | app=c:\program files (x86)\origin games\battlefield 1942\bf1942.exe |
"{DAEC9628-63AB-4FA0-9287-6C99BFCB3189}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\insttool.exe |
"{DCD8DEAB-56D8-4C31-A96E-4596480AF6D5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{E2EBBC83-989A-44F7-AA6F-9031B600C8E9}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{E8C695E4-D80B-4548-8BB7-DEBEDA13B74B}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe |
"{ED065072-B558-464B-8403-E836E33655CF}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe |
"{EE3259C3-2A34-4A0D-BC82-634E28330BF3}" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\tvtvsetup\tvtv_wizard.exe |
"TCP Query User{22A8E098-F345-4753-BC4E-5C8E3625BADC}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=6 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"TCP Query User{31BB619F-E52D-45D3-94DE-CBAEB6371F02}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"TCP Query User{32C4E519-AAF9-4B76-A522-D62A982920B6}C:\internet tv\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\internet tv\sopcast\sopcast.exe |
"TCP Query User{586FBBBC-0BE5-472F-BD80-22B2EF317700}C:\internet tv\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\internet tv\sopcast\sopcast.exe |
"TCP Query User{76FF40C4-6DBC-4B69-923A-DB44F1DD920F}C:\internet tv\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\internet tv\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{B0EDE73B-8B06-493A-A3A0-1B518D27654D}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{B8DF60B6-E73B-4C7A-A449-73D90028452E}C:\spiele\ea games\battlefield 2\bf2.exe" = protocol=6 | dir=in | app=c:\spiele\ea games\battlefield 2\bf2.exe |
"TCP Query User{BBAB5585-729A-4211-B872-F8110824CE50}C:\program files (x86)\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"TCP Query User{DCAE83A4-6020-43EB-9CF3-86128B1AA2B0}C:\internet tv\streamtorrent 1.0\streamtorrent.exe" = protocol=6 | dir=in | app=c:\internet tv\streamtorrent 1.0\streamtorrent.exe |
"TCP Query User{F13BBE78-B3E3-4ECD-BDE8-49033FEEFEA8}C:\internet tv\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\internet tv\sopcast\adv\sopadver.exe |
"UDP Query User{19A818B7-CFD8-44CE-B5C0-2BB629E855DA}C:\spiele\ea games\battlefield 2\bf2.exe" = protocol=17 | dir=in | app=c:\spiele\ea games\battlefield 2\bf2.exe |
"UDP Query User{344EB7B7-3792-4C59-8F14-060DE3DDD8AB}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{453E78C6-0AC7-4ED2-B731-4DF5A81E60C2}C:\internet tv\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\internet tv\sopcast\sopcast.exe |
"UDP Query User{51A38BFC-E552-4833-BDE9-7A9591A06473}C:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe" = protocol=17 | dir=in | app=c:\program files (x86)\terratec\terratec home cinema\versioncheck\versioncheck.exe |
"UDP Query User{57375467-6C35-4FCD-83B2-3A49C7CBB654}C:\internet tv\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\internet tv\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{5CE1D3A8-7F5E-446F-A8A7-3AC117FA062B}C:\internet tv\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\internet tv\sopcast\sopcast.exe |
"UDP Query User{6BCCC511-F094-494D-9BE7-79DFB0FE6D5F}C:\program files (x86)\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files (x86)\google\google earth\client\googleearth.exe |
"UDP Query User{91EA337D-2842-4D01-9079-B43292767443}C:\internet tv\streamtorrent 1.0\streamtorrent.exe" = protocol=17 | dir=in | app=c:\internet tv\streamtorrent 1.0\streamtorrent.exe |
"UDP Query User{ABF4F8F4-B757-4715-A33F-EF849FFDEFC0}C:\program files (x86)\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files (x86)\winamp\winamp.exe |
"UDP Query User{E9F75412-3D0A-4E01-9C2F-0BDB0AD402EB}C:\internet tv\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\internet tv\sopcast\adv\sopadver.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{02382870-19C7-3ACD-BBAE-F6E3760947DC}" = Microsoft .NET Framework 4 Extended DEU Language Pack
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F557316-CFC0-41BD-AFF7-8BC49CE444D7}" = Shredder
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{26A24AE4-039D-4CA4-87B4-2F86416030FF}" = Java(TM) 6 Update 30 (64-bit)
"{26A24AE4-039D-4CA4-87B4-2F86417009FF}" = Java 7 Update 9 (64-bit)
"{3ED4AD02-F631-4A4C-AAC8-2325996E5A56}" = Microsoft IntelliPoint 8.1
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{8338783A-0968-3B85-AFC7-BAAE0A63DC50}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8B79B3A9-6E49-5FFB-2017-A822BBDC4992}" = ATI Catalyst Install Manager
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{A84DB02B-9C2B-4272-9D2D-A80E00A56513}" = Broadcom Gigabit NetLink Controller
"{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}" = Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B0B97CF2-5032-A645-7FFC-BD1E39FC4E3F}" = ccc-utility64
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Microsoft .NET Framework 4 Extended DEU Language Pack" = Microsoft .NET Framework 4 Extended DEU Language Pack
"Microsoft IntelliPoint 8.1" = Microsoft IntelliPoint 8.1
"Opera 12.12.1707" = Opera 12.12
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{02A414EA-0E5F-CD08-61EF-E155F31DFF76}" = Catalyst Control Center Graphics Previews Vista
"{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}" = Battlefield 2(TM)
"{08938019-97FA-1C7A-19E0-0C8D56ED7CB2}" = CCC Help Hungarian
"{0A4D717B-E6E8-11FA-E7D2-385EBB1A4A85}" = CCC Help Japanese
"{0D7CD0D9-4A88-4A63-8F91-3F4E8F371768}" = MyWinLocker
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{13BA5548-1065-4DBE-B115-681AFB77263B}" = CCC Help Swedish
"{16890D7F-1C77-733B-D8E4-F5D4315A5F93}" = Catalyst Control Center Localization All
"{1CBDB473-E303-EFAE-88D1-6F741ACD5B31}" = CCC Help Czech
"{1D8912B0-343C-EB1F-28EE-B672D444C192}" = Catalyst Control Center InstallProxy
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{26A24AE4-039D-4CA4-87B4-2F83217009FF}" = Java 7 Update 9
"{287ECFA4-719A-2143-A09B-D6A12DE54E40}" = Acrobat.com
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}" = Microsoft XNA Framework Redistributable 4.0
"{2C59BF0E-66A5-681E-60FE-8D18CE6319A1}" = CCC Help German
"{2C9D4FCA-3E7F-9368-6955-EA6D65F7DC78}" = CCC Help English
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{3788B9B7-C15F-4C64-D52B-3DD1BA494B7A}" = CCC Help Korean
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3D200EB9-44FC-432F-1E35-C20AB5FDCD77}" = CCC Help Thai
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{44D52071-5077-2839-1AE6-863563AEA269}" = CCC Help Russian
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4BCBC4D0-1D88-462D-809E-506F34EA11C0}" = Catalyst Control Center - Branding
"{50D4CB89-AF34-4978-96DC-C3034062E901}" = Battlefield 2: Special Forces
"{51F026FA-5146-4232-A8BA-1364740BD053}" = Acer Crystal Eye webcam
"{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent
"{5449FB4F-1802-4D5B-A6D8-087DB1142147}" = Realtek HDMI Audio Driver for ATI
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5BE7BD06-512B-43bf-AD78-3BD2A5F5F7B3}" = Battlefield 1942™
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{62F7DA7E-CCCB-439C-A760-00C3926E761F}" = Microsoft Works
"{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}" = TerraTec Home Cinema
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{87976D85-DBF6-F263-39B6-500ACB658CE0}" = Catalyst Control Center Graphics Full Existing
"{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}" = TomTom HOME Visual Studio Merge Modules
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9017CEAF-BE5A-4F73-8A0E-C87E26971E55}" = TomTom HOME
"{92606477-9366-4D3B-8AE3-6BE4B29727AB}" = League of Legends
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BBB29A1-C71D-DD1D-66B1-352AAAB13FC6}" = CCC Help Danish
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9F4D1D9E-5542-B572-81A7-9DCB0AEED1BE}" = CCC Help French
"{A2BCA9F1-566C-4805-97D1-7FDC93386723}" = Adobe AIR
"{A3EF3FAD-6ABA-1551-AD3B-D09361C5EEC9}" = CCC Help Polish
"{A73FBC00-44F8-0ECF-76FB-14CF62120B55}" = ccc-core-static
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AACEAAE9-9CC3-5715-4539-EB13CA3C67BA}" = CCC Help Spanish
"{AAECF7BA-E83B-4A10-87EA-DE0B333F8734}" = RealNetworks - Microsoft Visual C++ 2010 Runtime
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI - Deutsch
"{AF7EBCA4-9FAF-4DC8-8D09-67854BB84D34}" = RealDownloader
"{B2463AD3-1334-A30E-A523-D38E8E7B09A2}" = CCC Help Dutch
"{BA2AD7F2-55AE-87B5-00DD-9B0C6F087FD0}" = Catalyst Control Center Graphics Light
"{BC940CD7-FC71-83C5-2001-CF6FD07BA3D1}" = CCC Help Chinese Traditional
"{BF847A60-119D-6888-B2DA-EC62F1B66BBB}" = CCC Help Chinese Standard
"{C2695E83-CF1D-43D1-84FE-B3BEC561012A}" = Shredder
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C97396A9-44BC-C856-0B92-93A6A417D6A8}" = Catalyst Control Center Graphics Full New
"{CA10114E-3941-E8ED-70A3-17CAA2226AFC}" = CCC Help Turkish
"{CAB89605-7C12-8082-32DF-B419C696BD12}" = Catalyst Control Center Core Implementation
"{D98C2191-0AE0-4087-9153-018A4810DF45}" = CCC Help Norwegian
"{DF7D3C5E-87FC-6AE6-D986-35E0F05FEFD9}" = CCC Help Italian
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3E71D07-CD27-46CB-8448-16D4FB29AA13}" = Microsoft WSE 3.0 Runtime
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EBA8538C-F0B1-A089-D555-44DBF3A47C9F}" = CCC Help Finnish
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F22E305E-BD02-5CC1-92D0-BD7170CDFE45}" = CCC Help Portuguese
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FD4B3108-0915-31E1-5A7C-AC5B3C33846C}" = CCC Help Greek
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Avira AntiVir Desktop" = Avira Free Antivirus
"Battlelog Web Plugins" = Battlelog Web Plugins
"BILDmobil" = BILDmobil
"Cinergy T Stick MKII" = Cinergy T Stick MKII V9.06.3.01
"DAEMON Tools Pro" = DAEMON Tools Pro
"DivX Setup" = DivX-Setup
"ESN Sonar-0.70.4" = ESN Sonar
"Free PDF to Word Doc Converter_is1" = Free PDF to Word Doc Converter v1.1
"Google Chrome" = Google Chrome
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}" = MyWinLocker Suite
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9
"LManager" = Launch Manager
"Mozilla Firefox 12.0 (x86 de)" = Mozilla Firefox 12.0 (x86 de)
"Mozilla Thunderbird (6.0)" = Mozilla Thunderbird (6.0)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"Origin" = Origin
"Picasa 3" = Picasa 3
"RealPlayer 16.0" = RealPlayer
"SopCast" = SopCast 3.3.2
"StreamTorrent 1.0" = StreamTorrent 1.0
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"Update Service" = Sony Ericsson Update Service
"Veetle TV" = Veetle TV 0.9.18
"vShare.tv plugin" = vShare.tv plugin 1.3
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"Winamp Detect" = Winamp Erkennungs-Plug-in
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 24.12.2012 09:53:50 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842815
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Program Files
(x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll". Fehler in Manifest- oder
Richtliniendatei "c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe
AIR.dll" in Zeile 3. Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR"
des "version"-Attributs im assemblyIdentity-Element ist ungültig.
Error - 24.12.2012 09:56:01 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 24.12.2012 09:56:02 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.
Error - 25.12.2012 14:49:52 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 25.12.2012 17:32:24 | Computer Name = Headhunter-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16457,
Zeitstempel: 0x50a333a6 Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0,
Zeitstempel: 0x00000000 Ausnahmecode: 0xc0000005 Fehleroffset: 0x0000000000000000
ID
des fehlerhaften Prozesses: 0x138c Startzeit der fehlerhaften Anwendung: 0x01cde2e752eb0377
Pfad
der fehlerhaften Anwendung: C:\Program Files\Internet Explorer\iexplore.exe Pfad
des fehlerhaften Moduls: unknown Berichtskennung: 923ad694-4eda-11e2-ae62-705ab6f8fd1d
Error - 26.12.2012 02:19:13 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 26.12.2012 03:50:52 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 26.12.2012 03:53:57 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 26.12.2012 03:54:12 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 26.12.2012 04:59:40 | Computer Name = Headhunter-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
[ System Events ]
Error - 18.12.2012 07:46:17 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
ist fehlgeschlagen. Fehler: %%1056
Error - 20.12.2012 00:59:31 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Kryptografiedienste" wurde unerwartet beendet. Dies ist
bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 20.12.2012 00:59:31 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "DNS-Client" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 20.12.2012 00:59:31 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Arbeitsstationsdienst" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 20.12.2012 00:59:31 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "NLA (Network Location Awareness)" wurde unerwartet beendet.
Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 100 Millisekunden
durchgeführt: Neustart des Diensts.
Error - 20.12.2012 00:59:31 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Telefonie" wurde unerwartet beendet. Dies ist bereits
1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt:
Neustart des Diensts.
Error - 20.12.2012 01:01:31 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7032
Description = Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden
des Dienstes "DNS-Client" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen,
ist fehlgeschlagen. Fehler: %%1056
Error - 21.12.2012 15:06:05 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
DNS-Client erreicht.
Error - 21.12.2012 15:06:05 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DNS-Client" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error - 22.12.2012 00:54:34 | Computer Name = Headhunter-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst AntiVirSchedulerService erreicht.
< End of report >
| Zitat:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Dienstag, 25. Dezember 2012 22:18
Es wird nach 4616125 Virenstämmen gesucht.
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 7 Home Premium
Windowsversion : (Service Pack 1) [6.1.7601]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : HEADHUNTER-PC
Versionsinformationen:
BUILD.DAT : 12.1.9.1236 40872 Bytes 11.10.2012 15:29:00
AVSCAN.EXE : 12.3.0.48 468256 Bytes 15.11.2012 05:04:28
AVSCAN.DLL : 12.3.0.15 66256 Bytes 18.07.2012 16:04:38
LUKE.DLL : 12.3.0.15 68304 Bytes 18.07.2012 16:04:31
AVSCPLR.DLL : 12.3.0.27 97064 Bytes 18.07.2012 16:04:24
AVREG.DLL : 12.3.0.33 232232 Bytes 18.07.2012 16:04:23
VBASE000.VDF : 7.10.0.0 19875328 Bytes 06.11.2009 18:18:34
VBASE001.VDF : 7.11.0.0 13342208 Bytes 14.12.2010 23:22:12
VBASE002.VDF : 7.11.19.170 14374912 Bytes 20.12.2011 23:31:36
VBASE003.VDF : 7.11.21.238 4472832 Bytes 01.02.2012 09:58:50
VBASE004.VDF : 7.11.26.44 4329472 Bytes 28.03.2012 22:37:35
VBASE005.VDF : 7.11.34.116 4034048 Bytes 29.06.2012 16:04:37
VBASE006.VDF : 7.11.41.250 4902400 Bytes 06.09.2012 04:08:53
VBASE007.VDF : 7.11.50.230 3904512 Bytes 22.11.2012 13:46:15
VBASE008.VDF : 7.11.50.231 2048 Bytes 22.11.2012 13:46:15
VBASE009.VDF : 7.11.50.232 2048 Bytes 22.11.2012 13:46:15
VBASE010.VDF : 7.11.50.233 2048 Bytes 22.11.2012 13:46:15
VBASE011.VDF : 7.11.50.234 2048 Bytes 22.11.2012 13:46:16
VBASE012.VDF : 7.11.50.235 2048 Bytes 22.11.2012 13:46:16
VBASE013.VDF : 7.11.50.236 2048 Bytes 22.11.2012 13:46:16
VBASE014.VDF : 7.11.51.27 133632 Bytes 23.11.2012 21:48:29
VBASE015.VDF : 7.11.51.95 140288 Bytes 26.11.2012 05:02:56
VBASE016.VDF : 7.11.51.221 164352 Bytes 29.11.2012 05:15:06
VBASE017.VDF : 7.11.52.29 158208 Bytes 01.12.2012 14:18:14
VBASE018.VDF : 7.11.52.91 116736 Bytes 03.12.2012 14:18:17
VBASE019.VDF : 7.11.52.151 137728 Bytes 05.12.2012 19:30:53
VBASE020.VDF : 7.11.52.225 157696 Bytes 06.12.2012 19:30:59
VBASE021.VDF : 7.11.53.35 126976 Bytes 08.12.2012 16:47:20
VBASE022.VDF : 7.11.53.55 225792 Bytes 09.12.2012 17:43:59
VBASE023.VDF : 7.11.53.93 157184 Bytes 10.12.2012 17:43:57
VBASE024.VDF : 7.11.53.169 153088 Bytes 12.12.2012 20:19:47
VBASE025.VDF : 7.11.53.237 152064 Bytes 14.12.2012 21:20:39
VBASE026.VDF : 7.11.54.23 149504 Bytes 17.12.2012 07:35:28
VBASE027.VDF : 7.11.54.67 130048 Bytes 18.12.2012 04:59:39
VBASE028.VDF : 7.11.54.153 292352 Bytes 21.12.2012 04:59:38
VBASE029.VDF : 7.11.54.154 2048 Bytes 21.12.2012 04:59:38
VBASE030.VDF : 7.11.54.155 2048 Bytes 21.12.2012 04:59:39
VBASE031.VDF : 7.11.54.200 138240 Bytes 24.12.2012 05:44:09
Engineversion : 8.2.10.224
AEVDF.DLL : 8.1.2.10 102772 Bytes 23.08.2012 05:38:11
AESCRIPT.DLL : 8.1.4.78 467323 Bytes 21.12.2012 04:59:43
AESCN.DLL : 8.1.10.0 131445 Bytes 13.12.2012 21:20:55
AESBX.DLL : 8.2.5.12 606578 Bytes 18.07.2012 16:04:20
AERDL.DLL : 8.2.0.74 643445 Bytes 07.11.2012 19:02:37
AEPACK.DLL : 8.3.1.2 819574 Bytes 21.12.2012 04:59:43
AEOFFICE.DLL : 8.1.2.50 201084 Bytes 06.11.2012 15:39:49
AEHEUR.DLL : 8.1.4.168 5628280 Bytes 21.12.2012 04:59:42
AEHELP.DLL : 8.1.25.2 258423 Bytes 11.10.2012 16:30:43
AEGEN.DLL : 8.1.6.12 434549 Bytes 13.12.2012 21:20:54
AEEXP.DLL : 8.3.0.4 184692 Bytes 21.12.2012 04:59:43
AEEMU.DLL : 8.1.3.2 393587 Bytes 23.08.2012 05:38:07
AECORE.DLL : 8.1.30.0 201079 Bytes 13.12.2012 21:20:54
AEBB.DLL : 8.1.1.4 53619 Bytes 06.11.2012 15:39:47
AVWINLL.DLL : 12.3.0.15 27344 Bytes 18.07.2012 16:04:25
AVPREF.DLL : 12.3.0.32 50720 Bytes 15.11.2012 05:04:27
AVREP.DLL : 12.3.0.15 179208 Bytes 18.07.2012 16:04:23
AVARKT.DLL : 12.3.0.33 209696 Bytes 15.11.2012 05:04:27
AVEVTLOG.DLL : 12.3.0.15 169168 Bytes 18.07.2012 16:04:22
SQLITE3.DLL : 3.7.0.1 398288 Bytes 18.07.2012 16:04:34
AVSMTP.DLL : 12.3.0.32 63480 Bytes 18.07.2012 16:04:24
NETNT.DLL : 12.3.0.15 17104 Bytes 18.07.2012 16:04:31
RCIMAGE.DLL : 12.3.0.31 4444408 Bytes 18.07.2012 16:04:41
RCTEXT.DLL : 12.3.0.32 98848 Bytes 15.11.2012 05:04:26
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Dienstag, 25. Dezember 2012 22:18
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'avscan.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'UNS.exe' - '54' Modul(e) wurden durchsucht
Durchsuche Prozess 'AVWEBGRD.EXE' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMworker.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '84' Modul(e) wurden durchsucht
Durchsuche Prozess 'Updater.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'LManager.exe' - '66' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorIcon.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'PMB.exe' - '70' Modul(e) wurden durchsucht
Durchsuche Prozess 'IAStorDataMgrSvc.exe' - '47' Modul(e) wurden durchsucht
Durchsuche Prozess 'UpdaterService.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'TomTomHOMEService.exe' - '12' Modul(e) wurden durchsucht
Durchsuche Prozess 'PnkBstrA.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'SchedulerSvc.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'IScheduleSvc.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'LMS.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'GREGsvc.exe' - '11' Modul(e) wurden durchsucht
Durchsuche Prozess 'dsiwmis.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '43' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1557' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <Acer>
C:\Users\Headhunter\AppData\Local\Temp\jar_cache9011780958677570567.tmp
[0] Archivtyp: ZIP
--> kWccKddAS/bLoYrXxi.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-4681.CN
--> kWccKddAS/dOsVij.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Badorg.AW
--> kWccKddAS/fhslVIQE.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-1723.GE
--> kWccKddAS/QQzVZC.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Kara.O
--> kWccKddAS/SUhMtf.class
[FUND] Enthält Erkennungsmuster des Java-Virus JAVA/Kara.R
--> kWccKddAS/wXTQZnZ.class
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-1723.GE
Beginne mit der Desinfektion:
C:\Users\Headhunter\AppData\Local\Temp\jar_cache9011780958677570567.tmp
[FUND] Enthält Erkennungsmuster des Exploits EXP/2012-1723.GE
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '572d9a27.qua' verschoben!
Ende des Suchlaufs: Mittwoch, 26. Dezember 2012 00:34
Benötigte Zeit: 2:16:12 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
36397 Verzeichnisse wurden überprüft
858041 Dateien wurden geprüft
6 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
858035 Dateien ohne Befall
5378 Archive wurden durchsucht
0 Warnungen
1 Hinweise
742003 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
| Ich hoffe Ihr könnt mir helfen
Frohe Weihnacht
Novacec
|
26.12.2012, 10:59
Baum-Darstellung