Ich bin mir trotz diverser Hinweise in einschlägigen Foren und Web Sites nicht sicher, was mein Rechner hat, bzw was ich mir ggf. für einen Virus/Trojaner o.ä. eingefangen habe::
Nach augenscheinlich problemfrei abgeschlossenem initialem Booten lassen sich keine Programme starten (z.B. die Browser wie Google Chrome, Firefox, Internet Explorer; oder Mozllia Thunderbird und Outlook 2007); nach einem Neustart (ich brauche den Rechner also nicht gänzlich wieder runterfahren!), manchmal auch erst nach einem weiteren Neustart lassen sich die o.g. Programme dann problemfrei starten!
Ich habe unter Windows 7 "Microsoft Security Essentials" installiert.

Hallo und

Hast du noch weitere Logs (mit Funden)? Malwarebytes und/oder andere Virenscanner?
Ich frage deswegen nach => http://www.trojaner-board.de/125889-...tml#post941520

Bitte keine neuen Virenscans machen sondern erst nur schon vorhandene Logs posten!

Zitat:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

• Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
• Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
• Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
• Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

OTL Logfile:

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 02.01.2013 18:03:15 - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\strama\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 2,16 Gb Available Physical Memory | 66,64% Memory free
6,50 Gb Paging File | 5,26 Gb Available in Paging File | 80,98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 1376,16 Gb Total Space | 1291,18 Gb Free Space | 93,82% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,67 Gb Free Space | 58,35% Space Free | Partition Type: NTFS
 
Computer Name: STRAMA-PC | User Name: strama | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\strama\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Update\1.3.21.124\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Users\strama\AppData\Local\Apps\2.0\5MR43N9R.H6L\T6OQ6A4H.D9L\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe (AVM Berlin)
PRC - C:\Users\strama\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Boxore\BoxoreClient\boxore.exe (Boxore OU)
PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Users\strama\AppData\Roaming\Juniper Networks\Host Checker\dsHostChecker.exe (Juniper Networks")
PRC - C:\Users\strama\AppData\Roaming\Juniper Networks\Setup Client\JuniperSetupClient.exe (Juniper Networks, Inc.)
PRC - C:\Windows\System32\ieconfig_1und1_svc.exe ()
PRC - C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Programme\1&1\IGDCTRL.EXE (AVM Berlin)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll ()
MOD - C:\Users\strama\AppData\Roaming\Juniper Networks\Host Checker\dsCacheCleaner.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3660.33486__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3660.33443__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3660.33319__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3660.33396__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3660.33345__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3660.33397__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3660.33417__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3660.33329__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3660.33444__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3660.33395__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3660.33388__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3660.33376__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3660.33338__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3660.33330__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3660.33487__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3660.33482__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3660.33379__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3660.33458__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3660.33346__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3660.33410__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3660.33371__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3660.33345__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3660.33378__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3660.33385__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3660.33457__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3660.33376__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3660.33384__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3660.33351__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3660.33386__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3660.33377__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3639.21544__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3639.21529__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3639.21799__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3639.21677__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3639.21772__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3660.33377__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3639.21517__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3639.21518__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3639.21922__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3639.21571__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3639.21582__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3639.21557__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3639.21776__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3639.21569__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3639.21562__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3639.21599__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3639.21620__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3639.21566__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3639.21663__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3639.21591__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3639.21613__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3639.21806__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3639.21789__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3639.21606__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3639.21788__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3660.33325__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3660.33479__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3660.33428__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3660.33337__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3660.33436__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3660.33434__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3639.21679__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3660.33316__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3639.21608__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3660.33315__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3660.33318__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3639.21609__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3639.21670__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3639.21589__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3660.33314__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3660.33451__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3639.21551__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3639.21578__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3639.21577__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3639.21601__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3639.21521__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3639.21666__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3639.21623__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3639.21565__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3639.21594__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3639.21673__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3639.21539__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3639.21592__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3639.21596__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3639.21681__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3639.21611__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3639.21604__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3660.33435__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3639.21570__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3660.33313__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (supdate) -- C:\Program Files\Software\Update\SoftwareUpdate.exe (Boxore OU.)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (serviceIEConfig) -- C:\Windows\System32\ieconfig_1und1_svc.exe ()
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (dsNcService) -- C:\Programme\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (LVPrcSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (BRA_Scheduler) -- C:\Programme\Brother\BRAdmin Professional 3\bratimer.exe ()
SRV - (AAV UpdateService) -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (IGDCTRL) -- C:\Programme\1&1\IGDCTRL.EXE (AVM Berlin)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Profos) -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys File not found
DRV - (MpKslf799f04b) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{BC1E9A5F-A415-475C-820B-C6348F87E4E8}\MpKslf799f04b.sys File not found
DRV - (avmaura) -- C:\Windows\System32\drivers\avmaura.sys (AVM Berlin)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (avmaudio) -- C:\Windows\System32\drivers\avmaudio.sys (AVM Berlin)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (dsNcAdpt) -- C:\Windows\System32\drivers\dsNcAdpt.sys (Juniper Networks)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Advanced Micro Devices Inc.)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (GigasetGenericUSB) -- C:\Windows\System32\drivers\GigasetGenericUSB.sys (Siemens Home and Office Communication Devices GmbH & Co. KG)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_0928) -- C:\Windows\System32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (Gigusb) -- C:\Windows\System32\drivers\Gigusb.sys (Siemens AG)
DRV - (siellif) -- C:\Windows\System32\drivers\siellif.sys (Siemens AG)
DRV - (IUAPIWDM) -- C:\Windows\System32\drivers\IUAPIWDM.sys (SIEMENS AG)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKLM\..\SearchScopes,DefaultScope = {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=303&systemid=406&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sueddeutsche.de/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKCU\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKCU\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
IE - HKCU\..\SearchScopes,DefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKCU\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://search.babylon.com/?q={searchTerms}&AF=109101&babsrc=SP_ss&mntrId=a03a8f6200000000000000ff9818f287
IE - HKCU\..\SearchScopes\{1248A9A0-33C3-4B77-94D0-6959FAE9BBAD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKCU\..\SearchScopes\{1440438C-2F25-4724-A98B-D500568A9EFB}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKCU\..\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E}: "URL" = hxxp://websearch.ask.com/redirect?client=ie&tb=SPC2&o=15000&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=PV&apn_dtid=YYYYYYYYDE&apn_uid=C6B3CB05-9F23-4FBD-AAE7-C8884BCE103B&apn_sauid=FD1BC8A8-1695-456B-B20A-06A5D8018383
IE - HKCU\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=a03a8f6200000000000000ffa8c8bd87&tlver=1.4.19.19&affID=17161
IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searc
IE - HKCU\..\SearchScopes\{6B699F94-B458-420E-AF75-491E0067103F}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
IE - HKCU\..\SearchScopes\{8BEED4D2-79D6-4F61-BECC-D74D2A647C42}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKCU\..\SearchScopes\{8E53319A-837E-423B-87CC-2D8D7E98E7B1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKCU\..\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}: "URL" = hxxp://dts.search-results.com/sr?src=ieb&appid=303&systemid=406&sr=0&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultengine: "Ask.com"
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaultthis.engineName: "Winload Customized Web Search"
FF - prefs.js..browser.search.defaulturl: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.order.1: "Search Results"
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.sueddeutsche.de/"
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.5.1205
FF - prefs.js..extensions.enabledAddons: FirefoxAddon%40similarWeb.com:1.4.35
FF - prefs.js..extensions.enabledAddons: %7B40c3cc16-7269-4b32-9531-17f2950fb06f%7D:3.16.0.3
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.0.3
FF - prefs.js..extensions.enabledAddons: %7BC9B68337-E93A-44EA-94DC-CB300EC06444%7D:5.30.4
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: FirefoxAddon@similarWeb.com:1.2.06
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - prefs.js..keyword.URL: "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q="
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2012.10.01 16:14:16 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8: C:\Program Files\Software\Update\1.2.201.0\npSoftwareOneClick8.dll (Boxore OU.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.17 13:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.17 13:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.17 13:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\webbooster@iminent.com: C:\Program Files\Iminent\webbooster@iminent.com
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.29 16:34:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.29 16:34:04 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.29 16:34:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2012.12.29 16:34:04 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2012.03.18 10:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\Extensions
[2010.07.12 19:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2012.12.21 08:29:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\Firefox\Profiles\rxfgip4i.default\extensions
[2012.11.27 20:32:06 | 000,000,000 | ---D | M] (Winload Community Toolbar) -- C:\Users\strama\AppData\Roaming\mozilla\Firefox\Profiles\rxfgip4i.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
[2012.09.02 17:49:33 | 000,000,000 | ---D | M] (IMinent Toolbar) -- C:\Users\strama\AppData\Roaming\mozilla\Firefox\Profiles\rxfgip4i.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.12.12 09:04:52 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\strama\AppData\Roaming\mozilla\Firefox\Profiles\rxfgip4i.default\extensions\donottrackplus@abine.com
[2012.12.21 08:29:24 | 000,000,000 | ---D | M] (SimilarWeb) -- C:\Users\strama\AppData\Roaming\mozilla\Firefox\Profiles\rxfgip4i.default\extensions\FirefoxAddon@similarWeb.com
[2012.12.12 09:04:52 | 000,109,804 | ---- | M] () (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012.11.27 20:38:15 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.12.05 16:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\extensions\donottrackplus@abine.com\chrome\content\ff\view_expiry.js
[2011.12.24 17:26:42 | 000,001,737 | ---- | M] () -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\searchplugins\bing.xml
[2011.12.18 14:53:57 | 000,001,123 | ---- | M] () -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\searchplugins\conduit.xml
[2012.03.17 19:35:26 | 000,002,519 | ---- | M] () -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\searchplugins\Search_Results.xml
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.29 16:34:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.29 16:34:49 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.05.28 09:58:11 | 000,378,880 | ---- | M] (InfiniAd GmbH) -- C:\Program Files\mozilla firefox\plugins\npmieze.dll
[2012.08.17 13:39:46 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012.07.14 10:29:35 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.12.01 19:48:55 | 000,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.09.25 15:49:46 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 10:29:35 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 10:29:35 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2011.07.03 12:44:09 | 000,002,501 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\SearchResults.xml
[2012.03.17 19:35:26 | 000,002,519 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
[2012.07.14 10:29:35 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 10:29:35 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.sueddeutsche.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.sueddeutsche.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\strama\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\strama\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\strama\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: DoNotTrackMe = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkeiedlemmabfclbdkalidkolgdphij\2.2.5.1211_0\
CHR - Extension: YouTube = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: komoot = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbgbaicglaiooophhbkpkdhpglkbhohb\1.0.2_0\
CHR - Extension: Smart Display = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbpohikckhbcljgombipcdoinkaedlfa\1.2_0\
CHR - Extension: Google Mail = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012.01.27 13:40:30 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Programme\BabylonToolbar\BabylonToolbar\1.8.3.8\bh\BabylonToolbar.dll (Babylon BHO)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Do Not Track Plus) - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Programme\DoNotTrackPlus\ScriptHost.dll (Abine)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Programme\BabylonToolbar\BabylonToolbar\1.8.3.8\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKLM\..\Toolbar: (softonic-de3 Toolbar) - {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - {DFEFCDEE-CF1A-4FC8-88AD-129872198372} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {40C3CC16-7269-4B32-9531-17F2950FB06F} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (softonic-de3 Toolbar) - {CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065} - C:\Programme\softonic-de3\tbsoft.dll (Conduit Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [Boxore Client] C:\Programme\Boxore\BoxoreClient\boxore.exe (Boxore OU)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] c:\program files\real\realplayer\Update\realsched.exe (RealNetworks, Inc.)
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\strama\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [AVMUSBFernanschluss] C:\Users\strama\AppData\Local\Apps\2.0\5MR43N9R.H6L\T6OQ6A4H.D9L\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin)
O4 - HKCU..\Run: [Cache Cleaner] C:\Users\strama\AppData\Roaming\Juniper Networks\Host Checker\dsCCProc.exe ()
O4 - Startup: C:\Users\strama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Do Not Track Plus (c) Abine - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Programme\DoNotTrackPlus\ScriptHost.dll (Abine)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\1&1\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\1&1\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\1&1\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\1&1\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\1&1\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: linde.com ([secure] https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A357FDAD-A89D-4409-AC28-EE05FCD82B89}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{46c78202-3a2e-11e1-96ad-1c4bd63fc0fb}\Shell - "" = AutoRun
O33 - MountPoints2\{46c78202-3a2e-11e1-96ad-1c4bd63fc0fb}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.01 21:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xca
[2013.01.01 21:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\xca
[2012.12.29 16:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.27 15:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012.12.27 12:56:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.12.25 20:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.12.25 16:07:49 | 000,000,000 | ---D | C] -- C:\Users\strama\.thumbnails
[2012.12.22 11:27:59 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.22 11:27:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.22 10:19:54 | 000,105,728 | ---- | C] (AVM Berlin) -- C:\Windows\System32\drivers\avmaura.sys
[2012.12.12 23:12:34 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.12 23:12:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.12 23:12:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.12 23:12:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.12 23:12:31 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.12 23:12:31 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.12 23:12:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.12 23:12:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.12 22:53:05 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.12 22:52:34 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.12.12 22:52:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.12.12 22:52:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 22:52:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 22:52:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 22:52:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 22:52:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 22:52:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 22:52:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 22:52:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 22:52:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 22:52:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 22:52:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 22:52:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 22:52:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 22:52:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 22:52:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 22:52:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 22:51:57 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.12 22:51:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.09 19:36:36 | 000,000,000 | ---D | C] -- C:\Users\strama\Documents\web
[2012.12.09 16:56:40 | 000,000,000 | ---D | C] -- C:\Users\strama\.FamilySearchIndexing
[2012.12.09 16:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\FamilySearch Indexing
[2012.12.07 23:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2010.07.20 19:03:27 | 002,736,736 | ---- | C] (Conduit Ltd.) -- C:\Program Files\tbsoft.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.02 17:59:00 | 000,001,116 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineUA.job
[2013.01.02 17:21:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.02 17:10:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.01.02 16:40:52 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.02 10:09:47 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.02 10:09:47 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.02 10:01:49 | 000,001,112 | ---- | M] () -- C:\Windows\tasks\SoftwareUpdateTaskMachineCore.job
[2013.01.02 10:01:49 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.02 10:01:48 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013.01.02 10:01:35 | 2615,910,400 | -HS- | M] () -- C:\hiberfil.sys
[2012.12.31 16:09:32 | 000,000,900 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012.12.31 12:05:46 | 000,007,064 | ---- | M] () -- C:\Users\strama\AppData\Local\recently-used.xbel
[2012.12.31 09:58:32 | 000,671,936 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.31 09:58:32 | 000,622,922 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.31 09:58:32 | 000,135,284 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.31 09:58:32 | 000,111,050 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.27 15:50:21 | 000,000,993 | ---- | M] () -- C:\Users\strama\Desktop\PhotoScape.lnk
[2012.12.27 12:58:10 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
[2012.12.25 20:19:44 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.12.25 20:17:43 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.12.25 11:20:17 | 000,012,288 | -H-- | M] () -- C:\Users\strama\Documents\photothumb.db
[2012.12.22 11:36:42 | 000,481,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.22 10:19:29 | 000,105,728 | ---- | M] (AVM Berlin) -- C:\Windows\System32\drivers\avmaura.sys
[2012.12.17 20:18:19 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Spar- Erklärung 2013.lnk
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.12 10:58:38 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 10:58:38 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.09 17:08:12 | 000,000,102 | ---- | M] () -- C:\Users\strama\jobq.dat
[2012.12.09 16:56:34 | 000,002,396 | ---- | M] () -- C:\Users\Public\Desktop\FamilySearch Indexing.lnk
 
========== Files Created - No Company Name ==========
 
[2012.12.31 12:05:46 | 000,007,064 | ---- | C] () -- C:\Users\strama\AppData\Local\recently-used.xbel
[2012.12.25 20:19:44 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.12.25 11:20:14 | 000,012,288 | -H-- | C] () -- C:\Users\strama\Documents\photothumb.db
[2012.12.09 16:56:55 | 000,000,102 | ---- | C] () -- C:\Users\strama\jobq.dat
[2012.12.09 16:56:34 | 000,002,396 | ---- | C] () -- C:\Users\Public\Desktop\FamilySearch Indexing.lnk
[2011.12.18 14:53:57 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2011.11.10 20:13:00 | 001,053,848 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1_svc.exe
[2011.06.10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.11.23 13:27:09 | 000,004,096 | -H-- | C] () -- C:\Users\strama\AppData\Local\keyfile3.drm
[2010.07.20 19:03:27 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010.07.20 19:03:27 | 000,006,836 | ---- | C] () -- C:\Program Files\UNWISE.INI
[2010.07.16 21:39:23 | 000,010,240 | ---- | C] () -- C:\Users\strama\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.13 21:25:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.13 20:53:35 | 000,000,900 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.07.12 20:01:15 | 000,000,054 | ---- | C] () -- C:\Users\strama\AppData\Roaming\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== LOP Check ==========
 
[2011.06.24 09:06:01 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\1&1
[2011.06.22 15:49:58 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Akademische Arbeitsgemeinschaft
[2012.12.01 19:48:52 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Babylon
[2011.02.08 19:28:28 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Buhl Data Service
[2011.11.27 11:00:22 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Buhl Data Service GmbH
[2011.11.16 19:02:45 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Canneverbe Limited
[2012.04.14 11:59:05 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\FileZilla
[2012.03.30 19:29:44 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\FRITZ!
[2011.05.25 19:11:29 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\ICAClient
[2011.03.02 19:21:03 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Juniper Networks
[2010.07.12 18:01:39 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Leadertech
[2012.09.04 20:07:40 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\loadtbs
[2010.07.17 10:49:41 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\MAGIX
[2011.12.18 14:53:53 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\OCS
[2011.12.18 14:53:57 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Opera
[2012.12.31 15:52:45 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\PhotoScape
[2012.05.06 10:54:20 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Research In Motion
[2011.04.22 07:51:42 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Reviversoft
[2010.07.18 17:00:26 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\ScanSoft
[2010.07.12 20:01:29 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Template
[2010.07.12 19:37:26 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Thunderbird
[2012.09.22 12:18:03 | 000,000,000 | ---D | M] -- C:\Users\strama\AppData\Roaming\Windows Live Writer
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 304 bytes -> C:\Users\strama\Documents\Rund-um-den-Untersberg_01.tif:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\strama\Documents\Kuehrointhuette_01.tif:Updt_SummaryInformation

< End of report >
         

--- --- ---

OTL ist kein Virenscanner!
Hatte irgendein Scanner auf deinem System jemals einen Funde oder nicht?!

Ich habe OTL nur laufen lassen, weil mir ein Kollege von Dir - ca. 1 Minute nach Deiner Erstantwort - mir dies angeraten hatte. (Ich kann diese Antwort bloß nicht mehr finden!?)
Sonst ist kein weiterer Scanner - wie mit meiner ersten e-mail angezeigt - außer MS Security Essential installiert, bzw. habe ich bewusst nur durch dieses Programm überwachen lassen! Das hat mir zwar in der länger zurück liegenden Vergangenheit immer wieder "mal etwas" angezeigt, aber seit der Zeit, seit dem das gegenständliche Problem auftaucht, nicht mehr!

Bevor wir uns an die Arbeit machen, möchte ich dich bitten, folgende Punkte vollständig und aufmerksam zu lesen.

• Lies dir meine Anleitungen, die ich im Laufe dieses Strangs hier posten werde, aufmerksam durch. Frag umgehend nach, wenn dir irgendetwas unklar sein sollte, bevor du anfängst meine Anleitungen umzusetzen.
  
  
• Solltest du bei einem Schritt Probleme haben, stoppe dort und beschreib mir das Problem so gut du kannst. Manchmal erfordert ein Schritt den vorhergehenden.
  
  
• Bitte nur Scans durchführen zu denen du von einem Helfer aufgefordert wurdest! Installiere / Deinstalliere keine Software ohne Aufforderung!
  
  
• Poste die Logfiles direkt in deinen Thread (bitte in CODE-Tags) und nicht als Anhang, ausser du wurdest dazu aufgefordert. Logs in Anhängen erschweren mir das Auswerten!
  
  
• Beachte bitte auch => Löschen von Logfiles und andere Anfragen

Note:
Sollte ich drei Tage nichts von mir hören lassen, so melde dich bitte in diesem Strang => Erinnerung an meinem Thread.
Nervige "Wann geht es weiter" Nachrichten enden mit Schließung deines Themas. Auch ich habe ein Leben abseits des Trojaner-Boards.

Malwarebytes Anti-Rootkit

Downloade dir bitte Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.

• Entpacke das Archiv auf deinem Desktop.
• Im neu erstellten Ordner starte bitte die mbar.exe.
• Folge den Anweisungen auf deinem Bildschirm und erlaube dem Tool, dein System zu scannen.
• Klicke auf den CleanUp Button und erlaube den Neustart.
• Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
• Nach dem Neustart starte die mbar.exe erneut.
• Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.

Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Malwarebytes Anti-Rootkit 1.01.0.1011
Malwarebytes : Free Anti-Malware download

Database version: v2013.01.02.09

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
strama :: STRAMA-PC [administrator]

02.01.2013 22:07:37
mbar-log-2013-01-02 (22-07-37).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 31306
Time elapsed: 21 minute(s), 5 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

1. aswMBR

Downloade dir bitte aswMBR.exe und speichere die Datei auf deinem Desktop.

Hinweis: Bitte den Virenscanner abstellen bevor du aswMBR ausführst, denn v.a. Avira meldet darin oft einen Fehlalarm!

• Starte die aswMBR.exe Vista und Win7 User aswMBR per Rechtsklick "als Administrator ausführen"
• Das Tool wird dich fragen, ob Du mit der aktuellen Virendefinition von AVAST! dein System scannen willst. Beantworte diese Frage bitte mit Ja. (Sollte deine Firewall fragen, bitte den Zugriff auf das Internet zulassen) Der Download der Definitionen kann je nach Verbindung eine Weile dauern.
• Klicke auf Scan.
• Warte bitte bis Scan finished successfully im DOS Fenster steht.
• Drücke auf Save Log und speichere diese auf dem Desktop.

Poste mir die aswMBR.txt in deiner nächsten Antwort. Wichtig: Drücke keinesfalls einen der Fix Buttons ohne Anweisung Hinweis: Sollte der Scan Button ausgeblendet sein, schließe das Tool und starte es erneut. Sollte es erneut nicht klappen teile mir das bitte mit.

Noch ein Hinweis: Sollte aswMBR abstürzen und es kommt eine Meldung wie "aswMBR.exe funktioniert nicht mehr, dann mach Folgendes:
Starte aswMBR neu, wähle unten links im Drop-Down-Menü (unten links im Fenster von aswMBR) bei "AV scan" (none) aus und klick nochmal auf den Scan-Button.


2. TDSS-Killer

Download TDSS-Killer auf Desktop siehe => http://www.trojaner-board.de/82358-t...entfernen.html

Hinweis: Bitte den Virenscanner abstellen bevor du den TDSS-Killer ausführst, denn v.a. Avira meldet im TDSS-Tool oft einen Fehalalrm!

Das Tool so einstellen wie unten im Bild angegeben - klick auf change parameters und setze die Haken wie im folgenden Screenshot abgebildet,
Dann auf Start Scan klicken und wenn es durch ist auf den Button Report klicken um das Log anzuzeigen. Dieses bitte komplett posten.

Wenn du das Log nicht findest oder den Inhalt kopieren und in dein Posting übertragen kannst, dann schau bitte direkt auf deiner Windows-Systempartition ( meistens Laufwerk C: ) nach, da speichert der TDSS-Killer seine Logs.

Hinweis: Bitte nichts voreilig mit dem TDSS-Killer löschen! Falls Objekte vom TDSS-Killer bemängelt werden, alle mit der Aktion "skip" behandeln und hier nur das Log posten!

Code: Alles auswählenAufklappen

ATTFilter

aswMBR version 0.9.9.1707 Copyright(c) 2011 AVAST Software
Run date: 2013-01-02 22:17:38
-----------------------------
22:17:38.481    OS Version: Windows 6.1.7601 Service Pack 1
22:17:38.481    Number of processors: 4 586 0x402
22:17:38.496    ComputerName: STRAMA-PC  UserName: strama
22:17:41.281    Initialize success
22:21:58.294    AVAST engine defs: 13010200
22:22:03.194    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000005d
22:22:03.197    Disk 0 Vendor: WDC_WD15 80.0 Size: 1430799MB BusType: 11
22:22:03.213    Disk 0 MBR read successfully
22:22:03.216    Disk 0 MBR scan
22:22:03.274    Disk 0 unknown MBR code
22:22:03.294    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
22:22:03.338    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS      1409191 MB offset 206848
22:22:03.390    Disk 0 Partition 3 00     07    HPFS/NTFS NTFS        20480 MB offset 2886230016
22:22:03.432    Disk 0 Partition 4 00     12  Compaq diag NTFS         1026 MB offset 2928173056
22:22:03.462    Disk 0 scanning sectors +2930275120
22:22:03.558    Disk 0 scanning C:\Windows\system32\drivers
22:22:21.403    Service scanning
22:22:41.824    Service MpKslf16bc0a2 c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{486B991B-4F95-4049-B1D2-844E6C98B8C5}\MpKslf16bc0a2.sys **LOCKED** 32
22:22:59.220    Modules scanning
22:23:07.145    Disk 0 trace - called modules:
22:23:07.176    ntkrnlpa.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys halmacpi.dll amdsata.sys 
22:23:07.176    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86aee030]
22:23:07.192    3 CLASSPNP.SYS[8c59759e] -> nt!IofCallDriver -> [0x86aa9468]
22:23:07.192    5 amdxata.sys[8c1967b6] -> nt!IofCallDriver -> \Device\0000005d[0x869784b0]
22:23:10.655    AVAST engine scan C:\Windows
22:23:15.117    AVAST engine scan C:\Windows\system32
22:27:30.540    AVAST engine scan C:\Windows\system32\drivers
22:27:50.867    AVAST engine scan C:\Users\strama
23:04:00.656    AVAST engine scan C:\ProgramData
23:08:17.640    Scan finished successfully
23:08:32.457    Disk 0 MBR has been saved successfully to "C:\Users\strama\Downloads\MBR.dat"
23:08:32.468    The log file has been saved successfully to "C:\Users\strama\Downloads\aswMBR.txt"
         

Code: Alles auswählenAufklappen

ATTFilter

23:09:43.0498 5928  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
23:09:43.0779 5928  ============================================================
23:09:43.0779 5928  Current date / time: 2013/01/02 23:09:43.0779
23:09:43.0779 5928  SystemInfo:
23:09:43.0779 5928  
23:09:43.0779 5928  OS Version: 6.1.7601 ServicePack: 1.0
23:09:43.0779 5928  Product type: Workstation
23:09:43.0779 5928  ComputerName: STRAMA-PC
23:09:43.0779 5928  UserName: strama
23:09:43.0779 5928  Windows directory: C:\Windows
23:09:43.0779 5928  System windows directory: C:\Windows
23:09:43.0779 5928  Processor architecture: Intel x86
23:09:43.0779 5928  Number of processors: 4
23:09:43.0779 5928  Page size: 0x1000
23:09:43.0779 5928  Boot type: Normal boot
23:09:43.0779 5928  ============================================================
23:09:45.0822 5928  Drive \Device\Harddisk0\DR0 - Size: 0x15D50F66000 (1397.27 Gb), SectorSize: 0x200, Cylinders: 0x2C881, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:09:45.0838 5928  ============================================================
23:09:45.0838 5928  \Device\Harddisk0\DR0:
23:09:45.0838 5928  MBR partitions:
23:09:45.0838 5928  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
23:09:45.0838 5928  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xAC053800
23:09:45.0838 5928  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xAC086000, BlocksNum 0x2800000
23:09:45.0838 5928  ============================================================
23:09:45.0869 5928  C: <-> \Device\Harddisk0\DR0\Partition2
23:09:45.0931 5928  D: <-> \Device\Harddisk0\DR0\Partition3
23:09:45.0931 5928  ============================================================
23:09:45.0931 5928  Initialize success
23:09:45.0931 5928  ============================================================
23:10:25.0732 4380  ============================================================
23:10:25.0732 4380  Scan started
23:10:25.0732 4380  Mode: Manual; SigCheck; TDLFS; 
23:10:25.0732 4380  ============================================================
23:10:26.0746 4380  ================ Scan system memory ========================
23:10:26.0746 4380  System memory - ok
23:10:26.0746 4380  ================ Scan services =============================
23:10:26.0902 4380  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
23:10:27.0011 4380  1394ohci - ok
23:10:27.0136 4380  [ 7EEB488346FBFA3731276C3EE8A8FD9E ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
23:10:27.0167 4380  AAV UpdateService - ok
23:10:27.0183 4380  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
23:10:27.0230 4380  ACPI - ok
23:10:27.0261 4380  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
23:10:27.0339 4380  AcpiPmi - ok
23:10:27.0432 4380  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:10:27.0464 4380  AdobeARMservice - ok
23:10:27.0510 4380  [ 95CE557D16A75606CCC2D7F3B0B0BCCB ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
23:10:27.0542 4380  AdobeFlashPlayerUpdateSvc - ok
23:10:27.0573 4380  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
23:10:27.0588 4380  adp94xx - ok
23:10:27.0635 4380  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
23:10:27.0651 4380  adpahci - ok
23:10:27.0682 4380  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
23:10:27.0698 4380  adpu320 - ok
23:10:27.0729 4380  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
23:10:27.0791 4380  AeLookupSvc - ok
23:10:27.0854 4380  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
23:10:27.0916 4380  AFD - ok
23:10:27.0963 4380  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
23:10:27.0994 4380  agp440 - ok
23:10:28.0025 4380  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
23:10:28.0056 4380  aic78xx - ok
23:10:28.0088 4380  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
23:10:28.0150 4380  ALG - ok
23:10:28.0166 4380  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
23:10:28.0181 4380  aliide - ok
23:10:28.0212 4380  [ 446A5644046B7C59C07221742C821A16 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
23:10:28.0290 4380  AMD External Events Utility - ok
23:10:28.0306 4380  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
23:10:28.0322 4380  amdagp - ok
23:10:28.0353 4380  [ 211FCE336502911EC03FC15A91344C98 ] amdide          C:\Windows\system32\DRIVERS\amdide.sys
23:10:28.0368 4380  amdide - ok
23:10:28.0384 4380  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
23:10:28.0431 4380  AmdK8 - ok
23:10:28.0556 4380  [ 8B37D7DBF153CF029141C8D82B3F53BA ] amdkmdag        C:\Windows\system32\DRIVERS\atipmdag.sys
23:10:28.0712 4380  amdkmdag - ok
23:10:28.0743 4380  [ 2A20C0B5CFE4CFF706856A7B1BF14D72 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
23:10:28.0790 4380  amdkmdap - ok
23:10:28.0821 4380  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
23:10:28.0868 4380  AmdPPM - ok
23:10:28.0914 4380  [ 6F64C768A9A48FAB7C6D6CEE1B30F97F ] amdsata         C:\Windows\system32\DRIVERS\amdsata.sys
23:10:28.0930 4380  amdsata - ok
23:10:28.0961 4380  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
23:10:28.0992 4380  amdsbs - ok
23:10:29.0008 4380  [ E27866684780606BCCE640A57937D88A ] amdxata         C:\Windows\system32\DRIVERS\amdxata.sys
23:10:29.0024 4380  amdxata - ok
23:10:29.0055 4380  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
23:10:29.0148 4380  AppID - ok
23:10:29.0164 4380  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
23:10:29.0226 4380  AppIDSvc - ok
23:10:29.0258 4380  [ FB1959012294D6AD43E5304DF65E3C26 ] Appinfo         C:\Windows\System32\appinfo.dll
23:10:29.0304 4380  Appinfo - ok
23:10:29.0336 4380  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\DRIVERS\arc.sys
23:10:29.0351 4380  arc - ok
23:10:29.0382 4380  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
23:10:29.0398 4380  arcsas - ok
23:10:29.0429 4380  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
23:10:29.0538 4380  AsyncMac - ok
23:10:29.0554 4380  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
23:10:29.0570 4380  atapi - ok
23:10:29.0616 4380  [ 430449D04B05348879244C9090D405B4 ] AtiHdmiService  C:\Windows\system32\drivers\AtiHdmi.sys
23:10:29.0663 4380  AtiHdmiService - ok
23:10:29.0694 4380  [ B73C832088DD54B55E04FF6F9646AD8C ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
23:10:29.0726 4380  AtiPcie - ok
23:10:29.0772 4380  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:10:29.0819 4380  AudioEndpointBuilder - ok
23:10:29.0835 4380  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
23:10:29.0850 4380  Audiosrv - ok
23:10:29.0882 4380  [ 728C4A6C722535C16D1025F51AA31E22 ] avmaudio        C:\Windows\system32\DRIVERS\avmaudio.sys
23:10:29.0897 4380  avmaudio - ok
23:10:29.0944 4380  [ D4920FA1E0DC90FF97D970971410EE64 ] avmaura         C:\Windows\system32\DRIVERS\avmaura.sys
23:10:30.0038 4380  avmaura - ok
23:10:30.0162 4380  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
23:10:30.0240 4380  AxInstSV - ok
23:10:30.0272 4380  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
23:10:30.0318 4380  b06bdrv - ok
23:10:30.0334 4380  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
23:10:30.0365 4380  b57nd60x - ok
23:10:30.0474 4380  [ 483F1162EEEBD10BF77FBB32DB963370 ] BBSvc           C:\Program Files\Microsoft\BingBar\BBSvc.EXE
23:10:30.0506 4380  BBSvc - ok
23:10:30.0693 4380  [ 78779EE07231C658B483B1F38B5088DF ] BBUpdate        C:\Program Files\Microsoft\BingBar\SeaPort.EXE
23:10:30.0771 4380  BBUpdate - ok
23:10:30.0849 4380  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
23:10:30.0974 4380  BDESVC - ok
23:10:30.0989 4380  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
23:10:31.0020 4380  Beep - ok
23:10:31.0067 4380  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
23:10:31.0114 4380  BFE - ok
23:10:31.0130 4380  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\System32\qmgr.dll
23:10:31.0176 4380  BITS - ok
23:10:31.0192 4380  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
23:10:31.0223 4380  blbdrive - ok
23:10:31.0254 4380  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
23:10:31.0286 4380  bowser - ok
23:10:31.0348 4380  [ AD5D76B93B7A277CBDB964BF678F9633 ] BRA_Scheduler   C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
23:10:31.0364 4380  BRA_Scheduler ( UnsignedFile.Multi.Generic ) - warning
23:10:31.0364 4380  BRA_Scheduler - detected UnsignedFile.Multi.Generic (1)
23:10:31.0364 4380  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
23:10:31.0426 4380  BrFiltLo - ok
23:10:31.0457 4380  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
23:10:31.0488 4380  BrFiltUp - ok
23:10:31.0504 4380  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
23:10:31.0566 4380  Browser - ok
23:10:31.0598 4380  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\system32\DRIVERS\BrSerId.sys
23:10:31.0629 4380  Brserid - ok
23:10:31.0644 4380  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
23:10:31.0676 4380  BrSerWdm - ok
23:10:31.0769 4380  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
23:10:31.0816 4380  BrUsbMdm - ok
23:10:31.0863 4380  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\system32\DRIVERS\BrUsbSer.sys
23:10:31.0910 4380  BrUsbSer - ok
23:10:31.0941 4380  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
23:10:31.0988 4380  BTHMODEM - ok
23:10:32.0034 4380  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
23:10:32.0112 4380  bthserv - ok
23:10:32.0128 4380  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
23:10:32.0175 4380  cdfs - ok
23:10:32.0222 4380  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
23:10:32.0237 4380  cdrom - ok
23:10:32.0268 4380  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
23:10:32.0300 4380  CertPropSvc - ok
23:10:32.0300 4380  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
23:10:32.0346 4380  circlass - ok
23:10:32.0378 4380  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
23:10:32.0424 4380  CLFS - ok
23:10:32.0471 4380  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:10:32.0502 4380  clr_optimization_v2.0.50727_32 - ok
23:10:32.0580 4380  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:10:32.0612 4380  clr_optimization_v4.0.30319_32 - ok
23:10:32.0627 4380  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
23:10:32.0627 4380  CmBatt - ok
23:10:32.0643 4380  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
23:10:32.0658 4380  cmdide - ok
23:10:32.0690 4380  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
23:10:32.0721 4380  CNG - ok
23:10:32.0752 4380  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
23:10:32.0752 4380  Compbatt - ok
23:10:32.0783 4380  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
23:10:32.0830 4380  CompositeBus - ok
23:10:32.0846 4380  COMSysApp - ok
23:10:32.0861 4380  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
23:10:32.0877 4380  crcdisk - ok
23:10:32.0924 4380  [ 96C0E38905CFD788313BE8E11DAE3F2F ] CryptSvc        C:\Windows\system32\cryptsvc.dll
23:10:32.0986 4380  CryptSvc - ok
23:10:33.0033 4380  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
23:10:33.0111 4380  DcomLaunch - ok
23:10:33.0142 4380  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
23:10:33.0173 4380  defragsvc - ok
23:10:33.0204 4380  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
23:10:33.0220 4380  DfsC - ok
23:10:33.0236 4380  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
23:10:33.0267 4380  Dhcp - ok
23:10:33.0282 4380  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
23:10:33.0298 4380  discache - ok
23:10:33.0329 4380  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\DRIVERS\disk.sys
23:10:33.0329 4380  Disk - ok
23:10:33.0360 4380  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
23:10:33.0407 4380  Dnscache - ok
23:10:33.0454 4380  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
23:10:33.0532 4380  dot3svc - ok
23:10:33.0563 4380  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
23:10:33.0610 4380  DPS - ok
23:10:33.0641 4380  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
23:10:33.0672 4380  drmkaud - ok
23:10:33.0704 4380  [ B2C3F71B86E25C3DF78339DDB40A7562 ] dsNcAdpt        C:\Windows\system32\DRIVERS\dsNcAdpt.sys
23:10:33.0750 4380  dsNcAdpt - ok
23:10:33.0813 4380  [ E2FD9B848394F385E74D6137E1A7D95E ] dsNcService     C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
23:10:33.0875 4380  dsNcService - ok
23:10:33.0906 4380  [ 23F5D28378A160352BA8F817BD8C71CB ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
23:10:33.0953 4380  DXGKrnl - ok
23:10:33.0984 4380  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
23:10:34.0016 4380  EapHost - ok
23:10:34.0109 4380  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
23:10:34.0218 4380  ebdrv - ok
23:10:34.0250 4380  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
23:10:34.0296 4380  EFS - ok
23:10:34.0359 4380  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
23:10:34.0437 4380  ehRecvr - ok
23:10:34.0468 4380  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
23:10:34.0515 4380  ehSched - ok
23:10:34.0530 4380  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
23:10:34.0577 4380  elxstor - ok
23:10:34.0608 4380  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
23:10:34.0640 4380  ErrDev - ok
23:10:34.0655 4380  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
23:10:34.0702 4380  EventSystem - ok
23:10:34.0733 4380  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
23:10:34.0796 4380  exfat - ok
23:10:34.0874 4380  Fabs - ok
23:10:34.0889 4380  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
23:10:34.0952 4380  fastfat - ok
23:10:34.0967 4380  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
23:10:34.0983 4380  fdc - ok
23:10:34.0998 4380  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
23:10:35.0030 4380  fdPHost - ok
23:10:35.0045 4380  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
23:10:35.0076 4380  FDResPub - ok
23:10:35.0108 4380  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
23:10:35.0108 4380  FileInfo - ok
23:10:35.0123 4380  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
23:10:35.0139 4380  Filetrace - ok
23:10:35.0232 4380  [ FFF1130F7C9FA01D093A1EDFC5CCE8FC ] FirebirdServerMAGIXInstance C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe
23:10:35.0357 4380  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - warning
23:10:35.0357 4380  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic (1)
23:10:35.0373 4380  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
23:10:35.0373 4380  flpydisk - ok
23:10:35.0388 4380  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
23:10:35.0404 4380  FltMgr - ok
23:10:35.0435 4380  [ B3A5EC6B6B6673DB7E87C2BCDBDDC074 ] FontCache       C:\Windows\system32\FntCache.dll
23:10:35.0513 4380  FontCache - ok
23:10:35.0544 4380  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:10:35.0560 4380  FontCache3.0.0.0 - ok
23:10:35.0591 4380  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
23:10:35.0591 4380  FsDepends - ok
23:10:35.0622 4380  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
23:10:35.0638 4380  Fs_Rec - ok
23:10:35.0638 4380  [ 8A73E79089B282100B9393B644CB853B ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
23:10:35.0654 4380  fvevol - ok
23:10:35.0685 4380  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
23:10:35.0700 4380  gagp30kx - ok
23:10:35.0747 4380  [ 185ADA973B5020655CEE342059A86CBB ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
23:10:35.0763 4380  GEARAspiWDM - ok
23:10:35.0794 4380  [ 997527391DEC418DC62D784D848D73BE ] GigasetGenericUSB C:\Windows\system32\DRIVERS\GigasetGenericUSB.sys
23:10:35.0841 4380  GigasetGenericUSB - ok
23:10:35.0888 4380  [ 5EC1AEA1364DA15BAF7CDD83A3F3CB0D ] Gigusb          C:\Windows\system32\Drivers\Gigusb.sys
23:10:35.0919 4380  Gigusb ( UnsignedFile.Multi.Generic ) - warning
23:10:35.0919 4380  Gigusb - detected UnsignedFile.Multi.Generic (1)
23:10:36.0090 4380  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
23:10:36.0215 4380  gpsvc - ok
23:10:36.0262 4380  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
23:10:36.0293 4380  gupdate - ok
23:10:36.0309 4380  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
23:10:36.0309 4380  gupdatem - ok
23:10:36.0340 4380  [ C1B577B2169900F4CF7190C39F085794 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
23:10:36.0340 4380  gusvc - ok
23:10:36.0371 4380  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
23:10:36.0434 4380  hcw85cir - ok
23:10:36.0449 4380  [ 3530CAD25DEBA7DC7DE8BB51632CBC5F ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:10:36.0496 4380  HdAudAddService - ok
23:10:36.0543 4380  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
23:10:36.0590 4380  HDAudBus - ok
23:10:36.0605 4380  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
23:10:36.0636 4380  HidBatt - ok
23:10:36.0683 4380  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
23:10:36.0730 4380  HidBth - ok
23:10:36.0761 4380  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
23:10:36.0792 4380  HidIr - ok
23:10:36.0839 4380  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\system32\hidserv.dll
23:10:36.0870 4380  hidserv - ok
23:10:36.0917 4380  [ 25072FB35AC90B25F9E4E3BACF774102 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
23:10:36.0948 4380  HidUsb - ok
23:10:36.0964 4380  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
23:10:37.0011 4380  hkmsvc - ok
23:10:37.0042 4380  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
23:10:37.0089 4380  HomeGroupListener - ok
23:10:37.0136 4380  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
23:10:37.0167 4380  HomeGroupProvider - ok
23:10:37.0198 4380  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
23:10:37.0229 4380  HpSAMD - ok
23:10:37.0276 4380  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
23:10:37.0323 4380  HTTP - ok
23:10:37.0338 4380  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
23:10:37.0354 4380  hwpolicy - ok
23:10:37.0370 4380  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
23:10:37.0385 4380  i8042prt - ok
23:10:37.0416 4380  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
23:10:37.0432 4380  iaStorV - ok
23:10:37.0479 4380  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:10:37.0526 4380  idsvc - ok
23:10:37.0572 4380  [ 62DD2F604DD1571C4E32D480DB2AB99A ] IGDCTRL         C:\Program Files\1&1\IGDCTRL.EXE
23:10:37.0604 4380  IGDCTRL - ok
23:10:37.0619 4380  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
23:10:37.0635 4380  iirsp - ok
23:10:37.0666 4380  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
23:10:37.0697 4380  IKEEXT - ok
23:10:37.0791 4380  [ 97FA95E4F486F37D60AD3744D86F3D7E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:10:37.0869 4380  IntcAzAudAddService - ok
23:10:37.0884 4380  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
23:10:37.0900 4380  intelide - ok
23:10:37.0916 4380  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
23:10:37.0916 4380  intelppm - ok
23:10:37.0931 4380  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
23:10:37.0962 4380  IPBusEnum - ok
23:10:37.0962 4380  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:10:37.0994 4380  IpFilterDriver - ok
23:10:38.0025 4380  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
23:10:38.0072 4380  iphlpsvc - ok
23:10:38.0103 4380  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
23:10:38.0134 4380  IPMIDRV - ok
23:10:38.0165 4380  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
23:10:38.0212 4380  IPNAT - ok
23:10:38.0243 4380  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
23:10:38.0306 4380  IRENUM - ok
23:10:38.0321 4380  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
23:10:38.0337 4380  isapnp - ok
23:10:38.0352 4380  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
23:10:38.0368 4380  iScsiPrt - ok
23:10:38.0415 4380  [ BA82938F02E7DEFFD2B33C8E56348F68 ] IUAPIWDM        C:\Windows\system32\DRIVERS\IUAPIWDM.sys
23:10:38.0430 4380  IUAPIWDM ( UnsignedFile.Multi.Generic ) - warning
23:10:38.0430 4380  IUAPIWDM - detected UnsignedFile.Multi.Generic (1)
23:10:38.0446 4380  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
23:10:38.0477 4380  kbdclass - ok
23:10:38.0508 4380  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
23:10:38.0540 4380  kbdhid - ok
23:10:38.0571 4380  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
23:10:38.0571 4380  KeyIso - ok
23:10:38.0602 4380  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
23:10:38.0618 4380  KSecDD - ok
23:10:38.0633 4380  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
23:10:38.0664 4380  KSecPkg - ok
23:10:38.0680 4380  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
23:10:38.0711 4380  KtmRm - ok
23:10:38.0758 4380  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\system32\srvsvc.dll
23:10:38.0836 4380  LanmanServer - ok
23:10:38.0852 4380  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:10:38.0883 4380  LanmanWorkstation - ok
23:10:38.0898 4380  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
23:10:38.0930 4380  lltdio - ok
23:10:38.0945 4380  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
23:10:38.0961 4380  lltdsvc - ok
23:10:38.0976 4380  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
23:10:39.0023 4380  lmhosts - ok
23:10:39.0054 4380  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
23:10:39.0054 4380  LSI_FC - ok
23:10:39.0086 4380  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
23:10:39.0101 4380  LSI_SAS - ok
23:10:39.0117 4380  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
23:10:39.0117 4380  LSI_SAS2 - ok
23:10:39.0132 4380  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
23:10:39.0148 4380  LSI_SCSI - ok
23:10:39.0148 4380  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
23:10:39.0179 4380  luafv - ok
23:10:39.0226 4380  [ 1A7DB7A00A4B0D8DA24CD691A4547291 ] LVPr2Mon        C:\Windows\system32\DRIVERS\LVPr2Mon.sys
23:10:39.0242 4380  LVPr2Mon - ok
23:10:39.0288 4380  [ 0DDFDCAA92C7F553328DB06BA599BEA9 ] LVPrcSrv        C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
23:10:39.0320 4380  LVPrcSrv - ok
23:10:39.0335 4380  [ BE5E104BE263921D6842C555DB6A5C23 ] LVUSBSta        C:\Windows\system32\drivers\LVUSBSta.sys
23:10:39.0351 4380  LVUSBSta - ok
23:10:39.0413 4380  [ 22A7776C5D8EB5930EDF9C8DD0884259 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.0.207\McCHSvc.exe
23:10:39.0444 4380  McComponentHostService - ok
23:10:39.0476 4380  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
23:10:39.0491 4380  Mcx2Svc - ok
23:10:39.0522 4380  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
23:10:39.0522 4380  megasas - ok
23:10:39.0554 4380  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
23:10:39.0585 4380  MegaSR - ok
23:10:39.0647 4380  [ 123271BD5237AB991DC5C21FDF8835EB ] Microsoft Office Groove Audit Service C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe
23:10:39.0678 4380  Microsoft Office Groove Audit Service - ok
23:10:39.0678 4380  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
23:10:39.0756 4380  MMCSS - ok
23:10:39.0928 4380  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
23:10:40.0006 4380  Modem - ok
23:10:40.0053 4380  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
23:10:40.0068 4380  monitor - ok
23:10:40.0146 4380  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\drivers\mouclass.sys
23:10:40.0178 4380  mouclass - ok
23:10:40.0209 4380  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
23:10:40.0271 4380  mouhid - ok
23:10:40.0318 4380  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
23:10:40.0334 4380  mountmgr - ok
23:10:40.0380 4380  [ 8C7336950F1E69CDFD811CBBD9CF00A2 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:10:40.0396 4380  MozillaMaintenance - ok
23:10:40.0458 4380  [ EE728AF83850DDAD9A3FCAC0AAB3AD97 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
23:10:40.0505 4380  MpFilter - ok
23:10:40.0521 4380  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
23:10:40.0536 4380  mpio - ok
23:10:40.0677 4380  [ A69630D039C38018689190234F866D77 ] MpKslf16bc0a2   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{486B991B-4F95-4049-B1D2-844E6C98B8C5}\MpKslf16bc0a2.sys
23:10:40.0692 4380  MpKslf16bc0a2 - ok
23:10:40.0708 4380  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
23:10:40.0755 4380  mpsdrv - ok
23:10:40.0786 4380  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
23:10:40.0848 4380  MpsSvc - ok
23:10:40.0880 4380  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
23:10:40.0895 4380  MRxDAV - ok
23:10:40.0926 4380  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
23:10:41.0004 4380  mrxsmb - ok
23:10:41.0036 4380  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:10:41.0082 4380  mrxsmb10 - ok
23:10:41.0098 4380  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:10:41.0114 4380  mrxsmb20 - ok
23:10:41.0160 4380  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
23:10:41.0176 4380  msahci - ok
23:10:41.0192 4380  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
23:10:41.0207 4380  msdsm - ok
23:10:41.0238 4380  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
23:10:41.0254 4380  MSDTC - ok
23:10:41.0270 4380  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
23:10:41.0285 4380  Msfs - ok
23:10:41.0285 4380  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
23:10:41.0316 4380  mshidkmdf - ok
23:10:41.0316 4380  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
23:10:41.0332 4380  msisadrv - ok
23:10:41.0348 4380  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
23:10:41.0379 4380  MSiSCSI - ok
23:10:41.0379 4380  msiserver - ok
23:10:41.0394 4380  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
23:10:41.0457 4380  MSKSSRV - ok
23:10:41.0519 4380  [ E077FCA2A7E79FB9BF67D3E30B5CE593 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
23:10:41.0566 4380  MsMpSvc - ok
23:10:41.0582 4380  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
23:10:41.0597 4380  MSPCLOCK - ok
23:10:41.0613 4380  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
23:10:41.0628 4380  MSPQM - ok
23:10:41.0628 4380  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
23:10:41.0644 4380  MsRPC - ok
23:10:41.0644 4380  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
23:10:41.0660 4380  mssmbios - ok
23:10:41.0675 4380  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
23:10:41.0691 4380  MSTEE - ok
23:10:41.0706 4380  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
23:10:41.0738 4380  MTConfig - ok
23:10:41.0738 4380  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
23:10:41.0753 4380  Mup - ok
23:10:41.0784 4380  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
23:10:41.0816 4380  napagent - ok
23:10:41.0847 4380  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
23:10:41.0878 4380  NativeWifiP - ok
23:10:41.0909 4380  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
23:10:41.0940 4380  NDIS - ok
23:10:41.0972 4380  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
23:10:41.0987 4380  NdisCap - ok
23:10:42.0003 4380  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
23:10:42.0018 4380  NdisTapi - ok
23:10:42.0034 4380  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
23:10:42.0050 4380  Ndisuio - ok
23:10:42.0096 4380  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
23:10:42.0112 4380  NdisWan - ok
23:10:42.0112 4380  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
23:10:42.0159 4380  NDProxy - ok
23:10:42.0174 4380  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
23:10:42.0190 4380  NetBIOS - ok
23:10:42.0237 4380  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
23:10:42.0299 4380  NetBT - ok
23:10:42.0315 4380  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
23:10:42.0330 4380  Netlogon - ok
23:10:42.0362 4380  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
23:10:42.0408 4380  Netman - ok
23:10:42.0424 4380  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
23:10:42.0471 4380  netprofm - ok
23:10:42.0518 4380  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
23:10:42.0518 4380  NetTcpPortSharing - ok
23:10:42.0564 4380  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
23:10:42.0626 4380  nfrd960 - ok
23:10:42.0736 4380  [ 2CD24A6AF497D0E9B9BF3DA924ED05E6 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
23:10:42.0769 4380  NisDrv - ok
23:10:42.0812 4380  [ 3B846434055F80D9E89D0742F3ADAD34 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
23:10:42.0838 4380  NisSrv - ok
23:10:42.0868 4380  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
23:10:42.0904 4380  NlaSvc - ok
23:10:42.0944 4380  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
23:10:42.0978 4380  Npfs - ok
23:10:42.0992 4380  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
23:10:43.0027 4380  nsi - ok
23:10:43.0034 4380  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
23:10:43.0078 4380  nsiproxy - ok
23:10:43.0147 4380  [ 0D87503986BB3DFED58E343FE39DDE13 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
23:10:43.0196 4380  Ntfs - ok
23:10:43.0208 4380  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
23:10:43.0227 4380  Null - ok
23:10:43.0248 4380  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
23:10:43.0258 4380  nvraid - ok
23:10:43.0290 4380  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
23:10:43.0301 4380  nvstor - ok
23:10:43.0326 4380  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
23:10:43.0336 4380  nv_agp - ok
23:10:43.0412 4380  [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:10:43.0453 4380  odserv - ok
23:10:43.0479 4380  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
23:10:43.0498 4380  ohci1394 - ok
23:10:43.0554 4380  [ 5A432A042DAE460ABE7199B758E8606C ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:10:43.0578 4380  ose - ok
23:10:43.0608 4380  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
23:10:43.0667 4380  p2pimsvc - ok
23:10:43.0689 4380  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
23:10:43.0747 4380  p2psvc - ok
23:10:43.0771 4380  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
23:10:43.0786 4380  Parport - ok
23:10:43.0816 4380  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
23:10:43.0831 4380  partmgr - ok
23:10:43.0858 4380  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
23:10:43.0931 4380  Parvdm - ok
23:10:44.0038 4380  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
23:10:44.0182 4380  PcaSvc - ok
23:10:44.0220 4380  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
23:10:44.0254 4380  pci - ok
23:10:44.0299 4380  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
23:10:44.0326 4380  pciide - ok
23:10:44.0337 4380  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
23:10:44.0355 4380  pcmcia - ok
23:10:44.0368 4380  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
23:10:44.0377 4380  pcw - ok
23:10:44.0402 4380  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
23:10:44.0428 4380  PEAUTH - ok
23:10:44.0485 4380  [ 3551190E9CF1EB4C0971BDEF4269CA25 ] PID_0928        C:\Windows\system32\DRIVERS\LV561AV.SYS
23:10:44.0516 4380  PID_0928 - ok
23:10:44.0585 4380  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
23:10:44.0674 4380  pla - ok
23:10:44.0706 4380  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
23:10:44.0732 4380  PlugPlay - ok
23:10:44.0746 4380  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
23:10:44.0774 4380  PNRPAutoReg - ok
23:10:44.0779 4380  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
23:10:44.0790 4380  PNRPsvc - ok
23:10:44.0818 4380  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
23:10:44.0855 4380  PolicyAgent - ok
23:10:44.0881 4380  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
23:10:44.0901 4380  Power - ok
23:10:44.0917 4380  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
23:10:44.0937 4380  PptpMiniport - ok
23:10:44.0962 4380  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
23:10:45.0006 4380  Processor - ok
23:10:45.0040 4380  Profos - ok
23:10:45.0083 4380  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
23:10:45.0164 4380  ProfSvc - ok
23:10:45.0182 4380  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
23:10:45.0227 4380  ProtectedStorage - ok
23:10:45.0257 4380  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
23:10:45.0325 4380  Psched - ok
23:10:45.0366 4380  [ A6A7AD767BF5141665F5C675F671B3E1 ] PSI_SVC_2       c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
23:10:45.0378 4380  PSI_SVC_2 - ok
23:10:45.0413 4380  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
23:10:45.0447 4380  ql2300 - ok
23:10:45.0465 4380  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
23:10:45.0475 4380  ql40xx - ok
23:10:45.0484 4380  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
23:10:45.0498 4380  QWAVE - ok
23:10:45.0508 4380  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
23:10:45.0518 4380  QWAVEdrv - ok
23:10:45.0529 4380  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
23:10:45.0548 4380  RasAcd - ok
23:10:45.0558 4380  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
23:10:45.0621 4380  RasAgileVpn - ok
23:10:45.0636 4380  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
23:10:45.0663 4380  RasAuto - ok
23:10:45.0667 4380  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
23:10:45.0689 4380  Rasl2tp - ok
23:10:45.0731 4380  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
23:10:45.0796 4380  RasMan - ok
23:10:45.0800 4380  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
23:10:45.0839 4380  RasPppoe - ok
23:10:45.0843 4380  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
23:10:45.0864 4380  RasSstp - ok
23:10:45.0881 4380  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
23:10:45.0901 4380  rdbss - ok
23:10:45.0929 4380  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
23:10:45.0939 4380  rdpbus - ok
23:10:45.0963 4380  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
23:10:45.0980 4380  RDPCDD - ok
23:10:46.0008 4380  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
23:10:46.0025 4380  RDPENCDD - ok
23:10:46.0035 4380  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
23:10:46.0052 4380  RDPREFMP - ok
23:10:46.0085 4380  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
23:10:46.0161 4380  RDPWD - ok
23:10:46.0180 4380  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
23:10:46.0214 4380  rdyboost - ok
23:10:46.0231 4380  [ 7B5E1419717FAC363A31CC302895217A ] RemoteAccess    C:\Windows\System32\mprdim.dll
23:10:46.0274 4380  RemoteAccess - ok
23:10:46.0291 4380  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
23:10:46.0325 4380  RemoteRegistry - ok
23:10:46.0366 4380  [ 4F4A4C09CC5BE58A76CAC1C337E004E6 ] RimUsb          C:\Windows\system32\Drivers\RimUsb.sys
23:10:46.0402 4380  RimUsb - ok
23:10:46.0440 4380  [ 3A5633AD615E2B15291BD0B1B97CCD8A ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial.sys
23:10:46.0477 4380  RimVSerPort - ok
23:10:46.0507 4380  [ 564297827D213F52C7A3A2FF749568CA ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys
23:10:46.0578 4380  ROOTMODEM - ok
23:10:46.0598 4380  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
23:10:46.0625 4380  RpcEptMapper - ok
23:10:46.0635 4380  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
23:10:46.0644 4380  RpcLocator - ok
23:10:46.0662 4380  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
23:10:46.0683 4380  RpcSs - ok
23:10:46.0699 4380  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
23:10:46.0719 4380  rspndr - ok
23:10:46.0764 4380  [ 5283B9A27FF230F2FF70D92451FF409A ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
23:10:46.0794 4380  RTL8167 - ok
23:10:46.0821 4380  [ 9CE8DEFFAFFCCBF473015D76AE8EE514 ] RTL8192su       C:\Windows\system32\DRIVERS\RTL8192su.sys
23:10:46.0846 4380  RTL8192su - ok
23:10:46.0862 4380  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
23:10:46.0871 4380  SamSs - ok
23:10:46.0908 4380  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
23:10:46.0936 4380  sbp2port - ok
23:10:46.0958 4380  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
23:10:46.0984 4380  SCardSvr - ok
23:10:46.0994 4380  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
23:10:47.0025 4380  scfilter - ok
23:10:47.0072 4380  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
23:10:47.0118 4380  Schedule - ok
23:10:47.0143 4380  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
23:10:47.0161 4380  SCPolicySvc - ok
23:10:47.0186 4380  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
23:10:47.0257 4380  SDRSVC - ok
23:10:47.0278 4380  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
23:10:47.0311 4380  secdrv - ok
23:10:47.0328 4380  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
23:10:47.0366 4380  seclogon - ok
23:10:47.0391 4380  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\System32\sens.dll
23:10:47.0454 4380  SENS - ok
23:10:47.0457 4380  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
23:10:47.0476 4380  SensrSvc - ok
23:10:47.0507 4380  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
23:10:47.0507 4380  Serenum - ok
23:10:47.0523 4380  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
23:10:47.0554 4380  Serial - ok
23:10:47.0585 4380  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
23:10:47.0585 4380  sermouse - ok
23:10:47.0632 4380  serviceIEConfig - ok
23:10:47.0679 4380  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
23:10:47.0726 4380  SessionEnv - ok
23:10:47.0757 4380  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
23:10:47.0804 4380  sffdisk - ok
23:10:47.0819 4380  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
23:10:47.0866 4380  sffp_mmc - ok
23:10:47.0882 4380  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
23:10:47.0897 4380  sffp_sd - ok
23:10:47.0913 4380  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
23:10:47.0928 4380  sfloppy - ok
23:10:47.0960 4380  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
23:10:47.0991 4380  SharedAccess - ok
23:10:48.0006 4380  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:10:48.0022 4380  ShellHWDetection - ok
23:10:48.0069 4380  [ A684CE1204C1375479B2EEB0FF85B774 ] siellif         C:\Windows\system32\Drivers\siellif.sys
23:10:48.0084 4380  siellif ( UnsignedFile.Multi.Generic ) - warning
23:10:48.0084 4380  siellif - detected UnsignedFile.Multi.Generic (1)
23:10:48.0100 4380  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
23:10:48.0131 4380  sisagp - ok
23:10:48.0162 4380  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
23:10:48.0162 4380  SiSRaid2 - ok
23:10:48.0194 4380  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
23:10:48.0209 4380  SiSRaid4 - ok
23:10:48.0256 4380  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
23:10:48.0287 4380  SkypeUpdate - ok
23:10:48.0318 4380  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
23:10:48.0350 4380  Smb - ok
23:10:48.0365 4380  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
23:10:48.0365 4380  SNMPTRAP - ok
23:10:48.0381 4380  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
23:10:48.0381 4380  spldr - ok
23:10:48.0428 4380  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
23:10:48.0506 4380  Spooler - ok
23:10:48.0615 4380  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
23:10:48.0693 4380  sppsvc - ok
23:10:48.0724 4380  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
23:10:48.0740 4380  sppuinotify - ok
23:10:48.0771 4380  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
23:10:48.0833 4380  srv - ok
23:10:48.0880 4380  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
23:10:48.0942 4380  srv2 - ok
23:10:48.0958 4380  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
23:10:48.0974 4380  srvnet - ok
23:10:48.0989 4380  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
23:10:49.0036 4380  SSDPSRV - ok
23:10:49.0067 4380  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
23:10:49.0098 4380  SstpSvc - ok
23:10:49.0114 4380  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
23:10:49.0130 4380  stexstor - ok
23:10:49.0145 4380  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
23:10:49.0161 4380  StiSvc - ok
23:10:49.0239 4380  [ 251A1AED2D4A26A47C0A4A3058AAE4A8 ] supdate         C:\Program Files\Software\Update\SoftwareUpdate.exe
23:10:49.0301 4380  supdate - ok
23:10:49.0395 4380  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\drivers\swenum.sys
23:10:49.0473 4380  swenum - ok
23:10:49.0504 4380  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
23:10:49.0535 4380  swprv - ok
23:10:49.0566 4380  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
23:10:49.0598 4380  SysMain - ok
23:10:49.0598 4380  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:10:49.0629 4380  TabletInputService - ok
23:10:49.0660 4380  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
23:10:49.0691 4380  TapiSrv - ok
23:10:49.0707 4380  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
23:10:49.0738 4380  TBS - ok
23:10:49.0785 4380  [ E23A56F843E2AEBBB209D0ACCA73C640 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
23:10:49.0832 4380  Tcpip - ok
23:10:49.0847 4380  [ E23A56F843E2AEBBB209D0ACCA73C640 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
23:10:49.0863 4380  TCPIP6 - ok
23:10:49.0894 4380  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
23:10:49.0925 4380  tcpipreg - ok
23:10:49.0988 4380  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
23:10:50.0034 4380  TDPIPE - ok
23:10:50.0050 4380  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
23:10:50.0081 4380  TDTCP - ok
23:10:50.0112 4380  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
23:10:50.0175 4380  tdx - ok
23:10:50.0190 4380  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\drivers\termdd.sys
23:10:50.0206 4380  TermDD - ok
23:10:50.0253 4380  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
23:10:50.0284 4380  TermService - ok
23:10:50.0300 4380  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
23:10:50.0346 4380  Themes - ok
23:10:50.0362 4380  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
23:10:50.0393 4380  THREADORDER - ok
23:10:50.0409 4380  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
23:10:50.0424 4380  TrkWks - ok
23:10:50.0534 4380  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:10:50.0627 4380  TrustedInstaller - ok
23:10:50.0658 4380  [ 254BB140EEE3C59D6114C1A86B636877 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
23:10:50.0674 4380  tssecsrv - ok
23:10:50.0736 4380  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
23:10:50.0814 4380  TsUsbFlt - ok
23:10:50.0877 4380  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
23:10:50.0939 4380  tunnel - ok
23:10:50.0955 4380  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
23:10:50.0970 4380  uagp35 - ok
23:10:51.0002 4380  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
23:10:51.0033 4380  udfs - ok
23:10:51.0048 4380  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
23:10:51.0064 4380  UI0Detect - ok
23:10:51.0095 4380  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
23:10:51.0111 4380  uliagpkx - ok
23:10:51.0142 4380  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\drivers\umbus.sys
23:10:51.0173 4380  umbus - ok
23:10:51.0189 4380  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
23:10:51.0220 4380  UmPass - ok
23:10:51.0236 4380  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
23:10:51.0267 4380  upnphost - ok
23:10:51.0314 4380  [ D4FB6ECC60A428564BA8768B0E23C0FC ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
23:10:51.0329 4380  USBAAPL ( UnsignedFile.Multi.Generic ) - warning
23:10:51.0329 4380  USBAAPL - detected UnsignedFile.Multi.Generic (1)
23:10:51.0376 4380  [ 8455C4ED038EFD09E99327F9D2D48FFA ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
23:10:51.0392 4380  usbccgp - ok
23:10:51.0438 4380  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
23:10:51.0470 4380  usbcir - ok
23:10:51.0516 4380  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
23:10:51.0548 4380  usbehci - ok
23:10:51.0579 4380  [ 19999CA8E83F16D271AFC467B84718D7 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
23:10:51.0610 4380  usbfilter - ok
23:10:51.0641 4380  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
23:10:51.0672 4380  usbhub - ok
23:10:51.0688 4380  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
23:10:51.0704 4380  usbohci - ok
23:10:51.0844 4380  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
23:10:51.0922 4380  usbprint - ok
23:10:52.0000 4380  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
23:10:52.0062 4380  usbscan - ok
23:10:52.0187 4380  [ D8889D56E0D27E57ED4591837FE71D27 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:10:52.0250 4380  USBSTOR - ok
23:10:52.0265 4380  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
23:10:52.0281 4380  usbuhci - ok
23:10:52.0296 4380  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
23:10:52.0328 4380  UxSms - ok
23:10:52.0343 4380  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
23:10:52.0374 4380  VaultSvc - ok
23:10:52.0406 4380  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
23:10:52.0421 4380  vdrvroot - ok
23:10:52.0452 4380  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
23:10:52.0515 4380  vds - ok
23:10:52.0530 4380  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
23:10:52.0546 4380  vga - ok
23:10:52.0562 4380  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
23:10:52.0577 4380  VgaSave - ok
23:10:52.0577 4380  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
23:10:52.0593 4380  vhdmp - ok
23:10:52.0624 4380  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
23:10:52.0624 4380  viaagp - ok
23:10:52.0655 4380  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
23:10:52.0655 4380  ViaC7 - ok
23:10:52.0671 4380  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
23:10:52.0686 4380  viaide - ok
23:10:52.0686 4380  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
23:10:52.0702 4380  volmgr - ok
23:10:52.0718 4380  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
23:10:52.0733 4380  volmgrx - ok
23:10:52.0749 4380  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
23:10:52.0764 4380  volsnap - ok
23:10:52.0796 4380  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
23:10:52.0827 4380  vsmraid - ok
23:10:52.0858 4380  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
23:10:52.0936 4380  VSS - ok
23:10:52.0952 4380  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
23:10:52.0967 4380  vwifibus - ok
23:10:52.0983 4380  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
23:10:52.0998 4380  vwififlt - ok
23:10:53.0014 4380  [ A3F04CBEA6C2A10E6CB01F8B47611882 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
23:10:53.0030 4380  vwifimp - ok
23:10:53.0045 4380  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
23:10:53.0076 4380  W32Time - ok
23:10:53.0092 4380  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
23:10:53.0123 4380  WacomPen - ok
23:10:53.0154 4380  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
23:10:53.0186 4380  WANARP - ok
23:10:53.0186 4380  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
23:10:53.0217 4380  Wanarpv6 - ok
23:10:53.0248 4380  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
23:10:53.0295 4380  wbengine - ok
23:10:53.0310 4380  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
23:10:53.0326 4380  WbioSrvc - ok
23:10:53.0357 4380  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
23:10:53.0388 4380  wcncsvc - ok
23:10:53.0404 4380  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:10:53.0451 4380  WcsPlugInService - ok
23:10:53.0482 4380  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\DRIVERS\wd.sys
23:10:53.0498 4380  Wd - ok
23:10:53.0529 4380  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
23:10:53.0560 4380  Wdf01000 - ok
23:10:53.0576 4380  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
23:10:53.0638 4380  WdiServiceHost - ok
23:10:53.0654 4380  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
23:10:53.0669 4380  WdiSystemHost - ok
23:10:53.0700 4380  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
23:10:53.0732 4380  WebClient - ok
23:10:53.0747 4380  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
23:10:53.0778 4380  Wecsvc - ok
23:10:53.0794 4380  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
23:10:53.0825 4380  wercplsupport - ok
23:10:53.0856 4380  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
23:10:53.0888 4380  WerSvc - ok
23:10:53.0919 4380  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
23:10:53.0934 4380  WfpLwf - ok
23:10:53.0950 4380  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
23:10:53.0950 4380  WIMMount - ok
23:10:54.0012 4380  [ 3FAE8F94296001C32EAB62CD7D82E0FD ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
23:10:54.0075 4380  WinDefend - ok
23:10:54.0075 4380  WinHttpAutoProxySvc - ok
23:10:54.0137 4380  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
23:10:54.0184 4380  Winmgmt - ok
23:10:54.0215 4380  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
23:10:54.0262 4380  WinRM - ok
23:10:54.0309 4380  [ A67E5F9A400F3BD1BE3D80613B45F708 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
23:10:54.0309 4380  WinUsb - ok
23:10:54.0340 4380  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
23:10:54.0371 4380  Wlansvc - ok
23:10:54.0402 4380  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
23:10:54.0449 4380  WmiAcpi - ok
23:10:54.0480 4380  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
23:10:54.0527 4380  wmiApSrv - ok
23:10:54.0621 4380  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
23:10:54.0746 4380  WMPNetworkSvc - ok
23:10:54.0761 4380  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
23:10:54.0808 4380  WPCSvc - ok
23:10:54.0839 4380  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
23:10:54.0917 4380  WPDBusEnum - ok
23:10:54.0933 4380  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
23:10:55.0011 4380  ws2ifsl - ok
23:10:55.0042 4380  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\System32\wscsvc.dll
23:10:55.0073 4380  wscsvc - ok
23:10:55.0073 4380  WSearch - ok
23:10:55.0151 4380  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
23:10:55.0245 4380  wuauserv - ok
23:10:55.0260 4380  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
23:10:55.0323 4380  WudfPf - ok
23:10:55.0370 4380  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
23:10:55.0416 4380  WUDFRd - ok
23:10:55.0463 4380  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
23:10:55.0526 4380  wudfsvc - ok
23:10:55.0541 4380  [ FF2D745B560F7C71B31F30F4D49F73D2 ] WwanSvc         C:\Windows\System32\wwansvc.dll
23:10:55.0588 4380  WwanSvc - ok
23:10:55.0635 4380  ================ Scan global ===============================
23:10:55.0650 4380  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
23:10:55.0697 4380  [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
23:10:55.0728 4380  [ 93F86C5CCC37D70EA09CE5E76F3E4338 ] C:\Windows\system32\winsrv.dll
23:10:55.0806 4380  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
23:10:55.0994 4380  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
23:10:55.0994 4380  [Global] - ok
23:10:55.0994 4380  ================ Scan MBR ==================================
23:10:56.0025 4380  [ 4624822E540EC83CD0819525C65846BA ] \Device\Harddisk0\DR0
23:10:58.0458 4380  \Device\Harddisk0\DR0 - ok
23:10:58.0458 4380  ================ Scan VBR ==================================
23:10:58.0458 4380  [ 0ADCD0EB588D44BD4C70CAE75E35B383 ] \Device\Harddisk0\DR0\Partition1
23:10:58.0474 4380  \Device\Harddisk0\DR0\Partition1 - ok
23:10:58.0490 4380  [ 878BBDA660F8B2D3971C9BFF9EE7C850 ] \Device\Harddisk0\DR0\Partition2
23:10:58.0505 4380  \Device\Harddisk0\DR0\Partition2 - ok
23:10:58.0521 4380  [ E3D44A51B61605B1FB6375050A87CC54 ] \Device\Harddisk0\DR0\Partition3
23:10:58.0521 4380  \Device\Harddisk0\DR0\Partition3 - ok
23:10:58.0521 4380  ============================================================
23:10:58.0521 4380  Scan finished
23:10:58.0521 4380  ============================================================
23:10:58.0552 3688  Detected object count: 6
23:10:58.0552 3688  Actual detected object count: 6
23:11:22.0342 3688  BRA_Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
23:11:22.0342 3688  BRA_Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:11:22.0342 3688  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - skipped by user
23:11:22.0358 3688  FirebirdServerMAGIXInstance ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:11:22.0358 3688  Gigusb ( UnsignedFile.Multi.Generic ) - skipped by user
23:11:22.0358 3688  Gigusb ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:11:22.0358 3688  IUAPIWDM ( UnsignedFile.Multi.Generic ) - skipped by user
23:11:22.0358 3688  IUAPIWDM ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:11:22.0358 3688  siellif ( UnsignedFile.Multi.Generic ) - skipped by user
23:11:22.0358 3688  siellif ( UnsignedFile.Multi.Generic ) - User select action: Skip 
23:11:22.0358 3688  USBAAPL ( UnsignedFile.Multi.Generic ) - skipped by user
23:11:22.0358 3688  USBAAPL ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Ist alles bislang sehr unauffällig

adwCleaner - Toolbars und ungewollte Start-/Suchseiten aufspüren

Downloade Dir bitte AdwCleaner auf deinen Desktop.

Falls der adwCleaner schon mal in der runtergeladen wurde, bitte die alte adwcleaner.exe löschen und neu runterladen!!

• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Suche.
• Nach Ende des Suchlaufs öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[Rx].txt. (x=fortlaufende Nummer)

Vielleicht ist die bisherige Übermittlung meiner posts natürlich auch aus dem Grund unauffällig, weil ich Dir nur den log file von Malwarebytes Anti-Rootkit 1.01.0.1011 nach dem zweiten Lauf übersandt habe!? (Der log file nach dem ersten scan enthielt 28 malware Anzeigen, die mit dem Neustart / Clean up natürlich entfernt wurden; macht das die Sache für Dich durchsichtiger?)
Nichtsdestoweniger, hier die Ergebnisse mit AdwCleaner:

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.104 - Datei am 03/01/2013 um 15:56:58 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : strama - STRAMA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\strama\Downloads\adwcleaner.exe
# Option [Suche]


**** [Dienste] ****

Gefunden : supdate

***** [Dateien / Ordner] *****

Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gefunden : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
Datei Gefunden : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gefunden : C:\Users\strama\AppData\Local\Temp\Searchqu.ini
Datei Gefunden : C:\Users\strama\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\searchplugins\Conduit.xml
Datei Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\searchplugins\Search_Results.xml
Datei Gefunden : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
Datei Gefunden : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
Ordner Gefunden : C:\Program Files\BabylonToolbar
Ordner Gefunden : C:\Program Files\Boxore
Ordner Gefunden : C:\Program Files\Conduit
Ordner Gefunden : C:\Program Files\softonic-de3
Ordner Gefunden : C:\Program Files\Software
Ordner Gefunden : C:\ProgramData\Babylon
Ordner Gefunden : C:\ProgramData\boost_interprocess
Ordner Gefunden : C:\ProgramData\Tarma Installer
Ordner Gefunden : C:\Users\strama\AppData\Local\Babylon
Ordner Gefunden : C:\Users\strama\AppData\Local\Conduit
Ordner Gefunden : C:\Users\strama\AppData\Local\Ilivid Player
Ordner Gefunden : C:\Users\strama\AppData\Local\Software
Ordner Gefunden : C:\Users\strama\AppData\Local\Temp\AskSearch
Ordner Gefunden : C:\Users\strama\AppData\Local\Temp\CT2319825
Ordner Gefunden : C:\Users\strama\AppData\Local\Temp\Iminent
Ordner Gefunden : C:\Users\strama\AppData\Local\Wajam
Ordner Gefunden : C:\Users\strama\AppData\LocalLow\BabylonToolbar
Ordner Gefunden : C:\Users\strama\AppData\LocalLow\Conduit
Ordner Gefunden : C:\Users\strama\AppData\LocalLow\searchquband
Ordner Gefunden : C:\Users\strama\AppData\LocalLow\softonic-de3
Ordner Gefunden : C:\Users\strama\AppData\LocalLow\Toolbar4
Ordner Gefunden : C:\Users\strama\AppData\Roaming\Babylon
Ordner Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\Conduit
Ordner Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\ConduitCommon
Ordner Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\ConduitEngine
Ordner Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\CT2319825
Ordner Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
Ordner Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
Ordner Gefunden : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Ordner Gefunden : C:\Windows\Installer\{D745B017-4336-4718-83A6-3AE1A9DE88C3}
Ordner Gefunden : C:\Windows\Installer\{D745B017-4336-4718-83A6-3AE1A9DE88C3}

***** [Registrierungsdatenbank] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\pdfforge
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\softonic-de3
Schlüssel Gefunden : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gefunden : HKCU\Software\BabylonToolbar
Schlüssel Gefunden : HKCU\Software\Conduit
Schlüssel Gefunden : HKCU\Software\DataMngr
Schlüssel Gefunden : HKCU\Software\ilivid
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84CD526A-4E47-4F29-9DAD-D3BEC47E5848}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gefunden : HKCU\Software\Softonic
Schlüssel Gefunden : HKCU\Software\Toolbar
Schlüssel Gefunden : HKLM\Software\Babylon
Schlüssel Gefunden : HKLM\Software\BabylonToolbar
Schlüssel Gefunden : HKLM\Software\Bandoo
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\b
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{092A2C6B-43EE-4F9F-8F8E-14ED5E11C14B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{257A6158-1416-4B31-9BF8-29FF49F3814F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{32451DFC-C23B-4E12-866C-FC7982238504}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{84CD526A-4E47-4F29-9DAD-D3BEC47E5848}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AC5C4189-A8A0-4C9D-8910-C9CEF8360077}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.software.oneclickctrl.8
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.8
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gefunden : HKLM\Software\Conduit
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gefunden : HKLM\Software\Iminent
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{84CD526A-4E47-4F29-9DAD-D3BEC47E5848}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D745B017-4336-4718-83A6-3AE1A9DE88C3}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8
Schlüssel Gefunden : HKLM\SOFTWARE\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8\
Schlüssel Gefunden : HKLM\Software\softonic-de3
Schlüssel Gefunden : HKLM\SOFTWARE\Software
Schlüssel Gefunden : HKLM\Software\Tarma Installer
Schlüssel Gefunden : HKLM\Software\Toolbar
Schlüssel Gefunden : HKU\S-1-5-21-3887269607-449999235-3499335998-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gefunden : HKU\S-1-5-21-3887269607-449999235-3499335998-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gefunden : HKU\S-1-5-21-3887269607-449999235-3499335998-1000\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Schlüssel Gefunden : HKU\S-1-5-21-3887269607-449999235-3499335998-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gefunden : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Wert Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\prefs.js

Gefunden : user_pref("CT2319825..clientLogIsEnabled", false);
Gefunden : user_pref("CT2319825..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gefunden : user_pref("CT2319825..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gefunden : user_pref("CT2319825.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gefunden : user_pref("CT2319825.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2319825.CTID", "CT2319825");
Gefunden : user_pref("CT2319825.CurrentServerDate", "2-1-2013");
Gefunden : user_pref("CT2319825.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2319825.DialogsGetterLastCheckTime", "Sun Dec 30 2012 15:38:03 GMT+0100");
Gefunden : user_pref("CT2319825.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2319825.EMailNotifierPollDate", "Thu Jul 29 2010 17:42:53 GMT+0200");
Gefunden : user_pref("CT2319825.FeedLastCount128902288263982011", 102);
Gefunden : user_pref("CT2319825.FeedLastCount129056115025381886", 10);
Gefunden : user_pref("CT2319825.FeedPollDate11908299", "Thu Jul 29 2010 17:22:53 GMT+0200");
Gefunden : user_pref("CT2319825.FeedPollDate128902288263982011", "Thu Jul 29 2010 17:22:49 GMT+0200");
Gefunden : user_pref("CT2319825.FeedPollDate129056115025381886", "Thu Jul 29 2010 17:22:49 GMT+0200");
Gefunden : user_pref("CT2319825.FeedPollDate129228016461601757", "Thu Jul 29 2010 17:22:48 GMT+0200");
Gefunden : user_pref("CT2319825.FeedPollDate129228019840048158", "Thu Jul 29 2010 17:22:49 GMT+0200");
Gefunden : user_pref("CT2319825.FeedPollDate129228021559110981", "Thu Jul 29 2010 17:22:48 GMT+0200");
Gefunden : user_pref("CT2319825.FeedPollDate129228022849107630", "Thu Jul 29 2010 17:22:49 GMT+0200");
Gefunden : user_pref("CT2319825.FirstServerDate", "29-7-2010");
Gefunden : user_pref("CT2319825.FirstTime", true);
Gefunden : user_pref("CT2319825.FirstTimeFF3", true);
Gefunden : user_pref("CT2319825.FirstTimeSettingsDone", true);
Gefunden : user_pref("CT2319825.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2319825.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2319825.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2319825.HasUserGlobalKeys", true);
Gefunden : user_pref("CT2319825.Initialize", true);
Gefunden : user_pref("CT2319825.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2319825.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2319825.InstallationType", "Unknown");
Gefunden : user_pref("CT2319825.InstalledDate", "Thu Jul 29 2010 14:44:41 GMT+0200");
Gefunden : user_pref("CT2319825.InvalidateCache", false);
Gefunden : user_pref("CT2319825.IsGrouping", false);
Gefunden : user_pref("CT2319825.IsMulticommunity", false);
Gefunden : user_pref("CT2319825.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2319825.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2319825.LanguagePackLastCheckTime", "Wed Jan 02 2013 12:25:28 GMT+0100");
Gefunden : user_pref("CT2319825.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2319825.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2319825.LastLogin_2.7.1.3", "Thu Jul 29 2010 14:44:43 GMT+0200");
Gefunden : user_pref("CT2319825.LastLogin_3.14.1.0", "Tue Aug 21 2012 18:30:10 GMT+0200");
Gefunden : user_pref("CT2319825.LastLogin_3.15.1.0", "Thu Nov 15 2012 18:53:35 GMT+0100");
Gefunden : user_pref("CT2319825.LastLogin_3.16.0.3", "Wed Jan 02 2013 12:25:28 GMT+0100");
Gefunden : user_pref("CT2319825.LatestVersion", "3.16.0.3");
Gefunden : user_pref("CT2319825.Locale", "de");
Gefunden : user_pref("CT2319825.LoginCache", 4);
Gefunden : user_pref("CT2319825.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2319825.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2319825.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2319825.MyStuffEnabledAtInstallation", true);
Gefunden : user_pref("CT2319825.RadioIsPodcast", false);
Gefunden : user_pref("CT2319825.RadioLastCheckTime", "Thu Jul 29 2010 14:44:45 GMT+0200");
Gefunden : user_pref("CT2319825.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2319825.RadioLastUpdateServer", "129224641269630000");
Gefunden : user_pref("CT2319825.RadioMediaID", "11949532");
Gefunden : user_pref("CT2319825.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2319825.RadioMenuSelectedID", "EBRadioMenu_CT231982511949532");
Gefunden : user_pref("CT2319825.RadioStationName", "1Live");
Gefunden : user_pref("CT2319825.RadioStationURL", "hxxp://gffstream.ic.llnwd.net/stream/gffstream_stream_wdr_ei[...]
Gefunden : user_pref("CT2319825.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2319825.SavedHomepage", "hxxp://www.sueddeutsche.de");
Gefunden : user_pref("CT2319825.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2319825.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2319825.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231[...]
Gefunden : user_pref("CT2319825.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2319825.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2319825.SearchInNewTabLastCheckTime", "Wed Jan 02 2013 12:25:26 GMT+0100");
Gefunden : user_pref("CT2319825.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2319825.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2319825.ServiceMapLastCheckTime", "Wed Jan 02 2013 12:25:28 GMT+0100");
Gefunden : user_pref("CT2319825.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2319825.SettingsLastCheckTime", "Wed Jan 02 2013 12:25:25 GMT+0100");
Gefunden : user_pref("CT2319825.SettingsLastUpdate", "1357115052");
Gefunden : user_pref("CT2319825.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2319825.ThirdPartyComponentsLastCheck", "Thu Jul 29 2010 14:44:39 GMT+0200");
Gefunden : user_pref("CT2319825.ThirdPartyComponentsLastUpdate", "1255348257");
Gefunden : user_pref("CT2319825.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2319825");
Gefunden : user_pref("CT2319825.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gefunden : user_pref("CT2319825.UserID", "UN87638595347192937");
Gefunden : user_pref("CT2319825.ValidationData_Toolbar", 1);
Gefunden : user_pref("CT2319825.WeatherNetwork", "");
Gefunden : user_pref("CT2319825.WeatherPollDate", "Thu Jul 29 2010 17:22:53 GMT+0200");
Gefunden : user_pref("CT2319825.WeatherUnit", "C");
Gefunden : user_pref("CT2319825.alertChannelId", "715912");
Gefunden : user_pref("CT2319825.autoDisableScopes", 10);
Gefunden : user_pref("CT2319825.backendstorage.shpngrd_evnts", "31");
Gefunden : user_pref("CT2319825.backendstorage.shpngrdglblcfg", "7B202772656627203A2027776E6C64272C2027636E7472[...]
Gefunden : user_pref("CT2319825.clientLogIsEnabled", true);
Gefunden : user_pref("CT2319825.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2319825.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gefunden : user_pref("CT2319825.homepageProtectorEnableByLogin", true);
Gefunden : user_pref("CT2319825.initDone", true);
Gefunden : user_pref("CT2319825.myStuffEnabled", true);
Gefunden : user_pref("CT2319825.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2319825.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2319825.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2319825.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2319825.revertSettingsEnabled", true);
Gefunden : user_pref("CT2319825.searchProtectorDialogDelayInSec", 10);
Gefunden : user_pref("CT2319825.searchProtectorEnableByLogin", true);
Gefunden : user_pref("CT2319825.testingCtid", "");
Gefunden : user_pref("CT2319825.toolbarAppMetaDataLastCheckTime", "Wed Jan 02 2013 12:25:28 GMT+0100");
Gefunden : user_pref("CT2319825.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CT2319825.usagesFlag", 2);
Gefunden : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gefunden : user_pref("CT2431245.CTID", "CT2431245");
Gefunden : user_pref("CT2431245.CurrentServerDate", "21-7-2010");
Gefunden : user_pref("CT2431245.DialogsAlignMode", "LTR");
Gefunden : user_pref("CT2431245.DownloadReferralCookieData", "");
Gefunden : user_pref("CT2431245.EMailNotifierPollDate", "Wed Jul 21 2010 20:11:59 GMT+0200");
Gefunden : user_pref("CT2431245.FeedLastCount129009402595187825", 229);
Gefunden : user_pref("CT2431245.FeedPollDate7470634014180506963", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014269327586", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014329599698", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014537505092", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634014970726540", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015410831318", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015483395460", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015636754705", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015768347545", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634015855543602", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016030710453", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016114705611", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016129205152", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016143724791", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016271239162", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016568520719", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634016726993788", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017109031809", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017132743740", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017299547668", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017302327846", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017344111490", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017478360748", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017732797593", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634017821686064", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedPollDate7470634018090228721", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gefunden : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Gefunden : user_pref("CT2431245.FirstServerDate", "21-7-2010");
Gefunden : user_pref("CT2431245.FirstTime", true);
Gefunden : user_pref("CT2431245.FirstTimeFF3", true);
Gefunden : user_pref("CT2431245.FirstTimeSettingsDone", true);
Gefunden : user_pref("CT2431245.FixPageNotFoundErrors", true);
Gefunden : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Gefunden : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gefunden : user_pref("CT2431245.Initialize", true);
Gefunden : user_pref("CT2431245.InitializeCommonPrefs", true);
Gefunden : user_pref("CT2431245.InstallationAndCookieDataSentCount", 3);
Gefunden : user_pref("CT2431245.InstallationType", "UnknownIntegration");
Gefunden : user_pref("CT2431245.InstalledDate", "Wed Jul 21 2010 08:59:12 GMT+0200");
Gefunden : user_pref("CT2431245.InvalidateCache", false);
Gefunden : user_pref("CT2431245.IsGrouping", false);
Gefunden : user_pref("CT2431245.IsMulticommunity", false);
Gefunden : user_pref("CT2431245.IsOpenThankYouPage", false);
Gefunden : user_pref("CT2431245.IsOpenUninstallPage", true);
Gefunden : user_pref("CT2431245.LanguagePackLastCheckTime", "Wed Jul 21 2010 08:59:14 GMT+0200");
Gefunden : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Gefunden : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gefunden : user_pref("CT2431245.LastLogin_2.7.1.3", "Wed Jul 21 2010 08:59:14 GMT+0200");
Gefunden : user_pref("CT2431245.LatestVersion", "2.1.0.18");
Gefunden : user_pref("CT2431245.Locale", "de-de");
Gefunden : user_pref("CT2431245.LoginCache", 4);
Gefunden : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Gefunden : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gefunden : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Gefunden : user_pref("CT2431245.RadioIsPodcast", false);
Gefunden : user_pref("CT2431245.RadioLastCheckTime", "Wed Jul 21 2010 08:59:31 GMT+0200");
Gefunden : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Gefunden : user_pref("CT2431245.RadioLastUpdateServer", "129167771525870000");
Gefunden : user_pref("CT2431245.RadioMediaID", "20503672");
Gefunden : user_pref("CT2431245.RadioMediaType", "Media Player");
Gefunden : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT243124520503672");
Gefunden : user_pref("CT2431245.RadioStationName", "Team%20Radio%20Deutschland");
Gefunden : user_pref("CT2431245.RadioStationURL", "hxxp://trd.stream.w-u-s.org:6666/dsl.m3u");
Gefunden : user_pref("CT2431245.SHRINK_TOOLBAR", 1);
Gefunden : user_pref("CT2431245.SavedHomepage", "hxxp://de.msn.com/");
Gefunden : user_pref("CT2431245.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gefunden : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gefunden : user_pref("CT2431245.SearchInNewTabEnabled", true);
Gefunden : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Gefunden : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Wed Jul 21 2010 08:59:17 GMT+0200");
Gefunden : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gefunden : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gefunden : user_pref("CT2431245.SettingsCheckIntervalMin", 120);
Gefunden : user_pref("CT2431245.SettingsLastCheckTime", "Wed Jul 21 2010 19:52:54 GMT+0200");
Gefunden : user_pref("CT2431245.SettingsLastUpdate", "1279118128");
Gefunden : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Gefunden : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Wed Jul 21 2010 08:59:07 GMT+0200");
Gefunden : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1279118128");
Gefunden : user_pref("CT2431245.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gefunden : user_pref("CT2431245.UserID", "UN05811928869299376");
Gefunden : user_pref("CT2431245.ValidationData_Toolbar", 1);
Gefunden : user_pref("CT2431245.WeatherNetwork", "");
Gefunden : user_pref("CT2431245.WeatherPollDate", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gefunden : user_pref("CT2431245.WeatherUnit", "C");
Gefunden : user_pref("CT2431245.alertChannelId", "825452");
Gefunden : user_pref("CT2431245.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Gefunden : user_pref("CT2431245.clientLogIsEnabled", false);
Gefunden : user_pref("CT2431245.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gefunden : user_pref("CT2431245.myStuffEnabled", true);
Gefunden : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Gefunden : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gefunden : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Gefunden : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gefunden : user_pref("CT2431245.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2319825/CT2319825[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2319825", [...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2319825",[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gefunden : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"c2d[...]
Gefunden : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Gefunden : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Gefunden : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Gefunden : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Gefunden : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Gefunden : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?FORM=VE3D01&q[...]
Gefunden : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,CT2319825,ConduitEngine");
Gefunden : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245,CT2319825");
Gefunden : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Gefunden : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jan 03 2011 20:02:48 GMT+0100");
Gefunden : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.locale", "en");
Gefunden : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gefunden : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jan 03 2011 20:02:34 GMT+0100");
Gefunden : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Gefunden : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gefunden : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gefunden : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gefunden : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gefunden : user_pref("CommunityToolbar.alert.userId", "3a396b0c-5970-4895-a092-e043a0347a96");
Gefunden : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jul 29 2010 14:44:44 GMT+0200");
Gefunden : user_pref("CommunityToolbar.globalUserId", "5204f17c-047a-4fb3-987b-9b17b4404f49");
Gefunden : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2319825");
Gefunden : user_pref("ConduitEngine.CTID", "ConduitEngine");
Gefunden : user_pref("ConduitEngine.FirstServerDate", "01/03/2011 22");
Gefunden : user_pref("ConduitEngine.FirstTime", true);
Gefunden : user_pref("ConduitEngine.FirstTimeFF3", true);
Gefunden : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gefunden : user_pref("ConduitEngine.Initialize", true);
Gefunden : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gefunden : user_pref("ConduitEngine.InstalledDate", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gefunden : user_pref("ConduitEngine.IsMulticommunity", false);
Gefunden : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gefunden : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gefunden : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gefunden : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gefunden : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gefunden : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gefunden : user_pref("ConduitEngine.UserID", "UN98693216102669472");
Gefunden : user_pref("ConduitEngine.componentAlertEnabled", true);
Gefunden : user_pref("ConduitEngine.engineLocale", "de");
Gefunden : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gefunden : user_pref("ConduitEngine.initDone", true);
Gefunden : user_pref("browser.search.defaultengine", "Ask.com");
Gefunden : user_pref("browser.search.defaultthis.engineName", "Winload Customized Web Search");
Gefunden : user_pref("browser.search.order.1", "Search Results");
Gefunden : user_pref("extensions.BabylonToolbar.admin", false);
Gefunden : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gefunden : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gefunden : user_pref("extensions.BabylonToolbar.bbDpng", 27);
Gefunden : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gefunden : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gefunden : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Gefunden : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gefunden : user_pref("extensions.BabylonToolbar.firstRun", false);
Gefunden : user_pref("extensions.BabylonToolbar.hdrMd5", "82C010E91111F1BAA73D0C9CA6E3BA87");
Gefunden : user_pref("extensions.BabylonToolbar.hmpg", true);
Gefunden : user_pref("extensions.BabylonToolbar.id", "a03a8f6200000000000000ff9818f287");
Gefunden : user_pref("extensions.BabylonToolbar.instlDay", "15675");
Gefunden : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gefunden : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=109101&babsrc=adbar[...]
Gefunden : user_pref("extensions.BabylonToolbar.lastActv", "22");
Gefunden : user_pref("extensions.BabylonToolbar.lastDP", 27);
Gefunden : user_pref("extensions.BabylonToolbar.lastVrsn", "1.1.5");
Gefunden : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.3.819:49:10");
Gefunden : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "15.0");
Gefunden : user_pref("extensions.BabylonToolbar.newTab", true);
Gefunden : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?AF=109101&babsrc=NT_ss&[...]
Gefunden : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gefunden : user_pref("extensions.BabylonToolbar.propectorlck", 92604951);
Gefunden : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gefunden : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Gefunden : user_pref("extensions.BabylonToolbar.sg", "czb");
Gefunden : user_pref("extensions.BabylonToolbar.smplGrp", "czb");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gefunden : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gefunden : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Gefunden : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.3.819:49:10");
Gefunden : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Gefunden : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gefunden : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.819:49:10");
Gefunden : user_pref("extensions.wajam.affiliate_id", "6447");
Gefunden : user_pref("extensions.wajam.firstrun", "false");
Gefunden : user_pref("extensions.wajam.log_send_info", "false");
Gefunden : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21083\",\"supported_sites\":{\[...]
Gefunden : user_pref("extensions.wajam.no_trace", "false");
Gefunden : user_pref("extensions.wajam.server_current_mapping_version", "0.21083");
Gefunden : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Gefunden : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Gefunden : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wa[...]
Gefunden : user_pref("extensions.wajam.trace_log", "1346604590069 - processInstallationUpgrade - version set to[...]
Gefunden : user_pref("extensions.wajam.unique_id", "8F0B7D26DE4D0F57520FA72039FB6C0D");
Gefunden : user_pref("extensions.wajam.user_current_mapping_version", "0");
Gefunden : user_pref("extensions.wajam.version", "1.25");
Gefunden : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=");

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [50367 octets] - [03/01/2013 15:56:58]

########## EOF - C:\AdwCleaner[R1].txt - [50428 octets] ##########
         

adwCleaner - Toolbars und ungewollte Start-/Suchseiten entfernen

• Schließe alle offenen Programme und Browser.
• Starte die adwcleaner.exe mit einem Doppelklick.
• Klicke auf Löschen.
• Bestätige jeweils mit Ok.
• Dein Rechner wird neu gestartet. Nach dem Neustart öffnet sich eine Textdatei.
• Poste mir den Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner[Sx].txt. (x=fortlaufende Nummer)

Danach eine Kontrolle mit OTL bitte:

• Doppelklick auf die OTL.exe
• Vista User: Rechtsklick auf die OTL.exe und "als Administrator ausführen" wählen
• Setze oben mittig den Haken bei Scanne alle Benutzer
• Oben findest Du ein Kästchen mit Output. Wähle bitte Minimal Output
• Unter Extra Registry, wähle bitte Use SafeList
• Klicke nun auf Run Scan links oben
• Wenn der Scan beendet wurde werden 2 Logfiles erstellt
• Poste die Logfiles in CODE-Tags hier in den Thread.

Ich bekomme beim "CODE posten" der OTL.txt und Extras.txt eine Fehlermeldung "Datei ist zu groß"; der anschließende Versuch den Inhalt als Datei hochzuladen erzeugt die gleiche Fehlermeldung.
Was tun?

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v2.104 - Datei am 03/01/2013 um 16:08:46 erstellt
# Aktualisiert am 29/12/2012 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzer : strama - STRAMA-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\strama\Downloads\adwcleaner.exe
# Option [Löschen]


**** [Dienste] ****

Gestoppt & Gelöscht : supdate

***** [Dateien / Ordner] *****

Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
Datei Gelöscht : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Program Files\Mozilla Firefox\searchplugins\SearchResults.xml
Datei Gelöscht : C:\Users\strama\AppData\Local\Temp\Searchqu.ini
Datei Gelöscht : C:\Users\strama\AppData\Local\Temp\searchqutoolbar-manifest.xml
Datei Gelöscht : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\searchplugins\Conduit.xml
Datei Gelöscht : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\searchplugins\Search_Results.xml
Datei Gelöscht : C:\Windows\Tasks\SoftwareUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\Tasks\SoftwareUpdateTaskMachineUA.job
Ordner Gelöscht : C:\Program Files\BabylonToolbar
Ordner Gelöscht : C:\Program Files\Boxore
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\softonic-de3
Ordner Gelöscht : C:\Program Files\Software
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Users\strama\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\strama\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\strama\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\strama\AppData\Local\Software
Ordner Gelöscht : C:\Users\strama\AppData\Local\Temp\AskSearch
Ordner Gelöscht : C:\Users\strama\AppData\Local\Temp\CT2319825
Ordner Gelöscht : C:\Users\strama\AppData\Local\Temp\Iminent
Ordner Gelöscht : C:\Users\strama\AppData\Local\Wajam
Ordner Gelöscht : C:\Users\strama\AppData\LocalLow\BabylonToolbar
Ordner Gelöscht : C:\Users\strama\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\strama\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\strama\AppData\LocalLow\softonic-de3
Ordner Gelöscht : C:\Users\strama\AppData\LocalLow\Toolbar4
Ordner Gelöscht : C:\Users\strama\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\Conduit
Ordner Gelöscht : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\ConduitCommon
Ordner Gelöscht : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\ConduitEngine
Ordner Gelöscht : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\CT2319825
Ordner Gelöscht : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\extensions\{40c3cc16-7269-4b32-9531-17f2950fb06f}
Ordner Gelöscht : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
Ordner Gelöscht : C:\Windows\Installer\{D745B017-4336-4718-83A6-3AE1A9DE88C3}

***** [Registrierungsdatenbank] *****

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\pdfforge
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\softonic-de3
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{84CD526A-4E47-4F29-9DAD-D3BEC47E5848}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Toolbar
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\BabylonToolbar
Schlüssel Gelöscht : HKLM\Software\Bandoo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{32451DFC-C23B-4E12-866C-FC7982238504}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\b
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{092A2C6B-43EE-4F9F-8F8E-14ED5E11C14B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{257A6158-1416-4B31-9BF8-29FF49F3814F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{32451DFC-C23B-4E12-866C-FC7982238504}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{84CD526A-4E47-4F29-9DAD-D3BEC47E5848}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AC5C4189-A8A0-4C9D-8910-C9CEF8360077}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\64A6E60055D801F4BB8AC269354B72B8
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\64A6E60055D801F4BB8AC269354B72B8
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{736EF78E-5A04-46F9-893E-EDEC6EA5DF45}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7A1BCE27-099C-4628-B63A-AEC00C6376B3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AF3AFF7C-B9E9-48DD-9002-212B6DEAAC02}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DBE82879-914A-422F-BAE9-2ECC80BE536F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E12D7149-73EF-45E4-A1E9-99FD7DAE62D3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F2B184F1-547C-4EE9-BFC4-AC489C7077D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\MIME\Database\Content Type\application/x-vnd.software.oneclickctrl.8
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Software.OneClickCtrl.8
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftwareUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SoftwareUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2431245
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{42AEFAF9-09D6-4185-87AE-DEDF6E955CB4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{84CD526A-4E47-4F29-9DAD-D3BEC47E5848}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\1C875DDE39636004CA8CDAEC335B4160
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\BA086F2D38A8E1A47912955A68B3AD24
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D745B017-4336-4718-83A6-3AE1A9DE88C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@www.dlmanager.net/omaha/tools//Software Update;version=8
Schlüssel Gelöscht : HKLM\Software\softonic-de3
Schlüssel Gelöscht : HKLM\SOFTWARE\Software
Schlüssel Gelöscht : HKLM\Software\Tarma Installer
Schlüssel Gelöscht : HKLM\Software\Toolbar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{40C3CC16-7269-4B32-9531-17F2950FB06F}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{DFEFCDEE-CF1A-4FC8-88AD-129872198372}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{CC05A3E3-64C3-4AF2-BFC1-AF0D66B69065}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]

***** [Internet Browser] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Die Registrierungsdatenbank ist sauber.

-\\ Mozilla Firefox v17.0.1 (de)

Datei : C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\prefs.js

C:\Users\strama\AppData\Roaming\Mozilla\Firefox\Profiles\rxfgip4i.default\user.js ... Gelöscht !

Gelöscht : user_pref("CT2319825..clientLogIsEnabled", false);
Gelöscht : user_pref("CT2319825..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
Gelöscht : user_pref("CT2319825..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
Gelöscht : user_pref("CT2319825.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
Gelöscht : user_pref("CT2319825.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2319825.CTID", "CT2319825");
Gelöscht : user_pref("CT2319825.CurrentServerDate", "2-1-2013");
Gelöscht : user_pref("CT2319825.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2319825.DialogsGetterLastCheckTime", "Sun Dec 30 2012 15:38:03 GMT+0100");
Gelöscht : user_pref("CT2319825.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2319825.EMailNotifierPollDate", "Thu Jul 29 2010 17:42:53 GMT+0200");
Gelöscht : user_pref("CT2319825.FeedLastCount128902288263982011", 102);
Gelöscht : user_pref("CT2319825.FeedLastCount129056115025381886", 10);
Gelöscht : user_pref("CT2319825.FeedPollDate11908299", "Thu Jul 29 2010 17:22:53 GMT+0200");
Gelöscht : user_pref("CT2319825.FeedPollDate128902288263982011", "Thu Jul 29 2010 17:22:49 GMT+0200");
Gelöscht : user_pref("CT2319825.FeedPollDate129056115025381886", "Thu Jul 29 2010 17:22:49 GMT+0200");
Gelöscht : user_pref("CT2319825.FeedPollDate129228016461601757", "Thu Jul 29 2010 17:22:48 GMT+0200");
Gelöscht : user_pref("CT2319825.FeedPollDate129228019840048158", "Thu Jul 29 2010 17:22:49 GMT+0200");
Gelöscht : user_pref("CT2319825.FeedPollDate129228021559110981", "Thu Jul 29 2010 17:22:48 GMT+0200");
Gelöscht : user_pref("CT2319825.FeedPollDate129228022849107630", "Thu Jul 29 2010 17:22:49 GMT+0200");
Gelöscht : user_pref("CT2319825.FirstServerDate", "29-7-2010");
Gelöscht : user_pref("CT2319825.FirstTime", true);
Gelöscht : user_pref("CT2319825.FirstTimeFF3", true);
Gelöscht : user_pref("CT2319825.FirstTimeSettingsDone", true);
Gelöscht : user_pref("CT2319825.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2319825.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2319825.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2319825.HasUserGlobalKeys", true);
Gelöscht : user_pref("CT2319825.Initialize", true);
Gelöscht : user_pref("CT2319825.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2319825.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2319825.InstallationType", "Unknown");
Gelöscht : user_pref("CT2319825.InstalledDate", "Thu Jul 29 2010 14:44:41 GMT+0200");
Gelöscht : user_pref("CT2319825.InvalidateCache", false);
Gelöscht : user_pref("CT2319825.IsGrouping", false);
Gelöscht : user_pref("CT2319825.IsMulticommunity", false);
Gelöscht : user_pref("CT2319825.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2319825.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2319825.LanguagePackLastCheckTime", "Wed Jan 02 2013 12:25:28 GMT+0100");
Gelöscht : user_pref("CT2319825.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2319825.LastLogin_2.7.1.3", "Thu Jul 29 2010 14:44:43 GMT+0200");
Gelöscht : user_pref("CT2319825.LastLogin_3.14.1.0", "Tue Aug 21 2012 18:30:10 GMT+0200");
Gelöscht : user_pref("CT2319825.LastLogin_3.15.1.0", "Thu Nov 15 2012 18:53:35 GMT+0100");
Gelöscht : user_pref("CT2319825.LastLogin_3.16.0.3", "Wed Jan 02 2013 12:25:28 GMT+0100");
Gelöscht : user_pref("CT2319825.LatestVersion", "3.16.0.3");
Gelöscht : user_pref("CT2319825.Locale", "de");
Gelöscht : user_pref("CT2319825.LoginCache", 4);
Gelöscht : user_pref("CT2319825.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2319825.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2319825.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2319825.MyStuffEnabledAtInstallation", true);
Gelöscht : user_pref("CT2319825.RadioIsPodcast", false);
Gelöscht : user_pref("CT2319825.RadioLastCheckTime", "Thu Jul 29 2010 14:44:45 GMT+0200");
Gelöscht : user_pref("CT2319825.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2319825.RadioLastUpdateServer", "129224641269630000");
Gelöscht : user_pref("CT2319825.RadioMediaID", "11949532");
Gelöscht : user_pref("CT2319825.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2319825.RadioMenuSelectedID", "EBRadioMenu_CT231982511949532");
Gelöscht : user_pref("CT2319825.RadioStationName", "1Live");
Gelöscht : user_pref("CT2319825.RadioStationURL", "hxxp://gffstream.ic.llnwd.net/stream/gffstream_stream_wdr_ei[...]
Gelöscht : user_pref("CT2319825.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2319825.SavedHomepage", "hxxp://www.sueddeutsche.de");
Gelöscht : user_pref("CT2319825.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2319825.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2319825.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT231[...]
Gelöscht : user_pref("CT2319825.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2319825.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.SearchInNewTabLastCheckTime", "Wed Jan 02 2013 12:25:26 GMT+0100");
Gelöscht : user_pref("CT2319825.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2319825.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2319825.ServiceMapLastCheckTime", "Wed Jan 02 2013 12:25:28 GMT+0100");
Gelöscht : user_pref("CT2319825.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2319825.SettingsLastCheckTime", "Wed Jan 02 2013 12:25:25 GMT+0100");
Gelöscht : user_pref("CT2319825.SettingsLastUpdate", "1357115052");
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsLastCheck", "Thu Jul 29 2010 14:44:39 GMT+0200");
Gelöscht : user_pref("CT2319825.ThirdPartyComponentsLastUpdate", "1255348257");
Gelöscht : user_pref("CT2319825.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2319825");
Gelöscht : user_pref("CT2319825.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
Gelöscht : user_pref("CT2319825.UserID", "UN87638595347192937");
Gelöscht : user_pref("CT2319825.ValidationData_Toolbar", 1);
Gelöscht : user_pref("CT2319825.WeatherNetwork", "");
Gelöscht : user_pref("CT2319825.WeatherPollDate", "Thu Jul 29 2010 17:22:53 GMT+0200");
Gelöscht : user_pref("CT2319825.WeatherUnit", "C");
Gelöscht : user_pref("CT2319825.alertChannelId", "715912");
Gelöscht : user_pref("CT2319825.autoDisableScopes", 10);
Gelöscht : user_pref("CT2319825.backendstorage.shpngrd_evnts", "31");
Gelöscht : user_pref("CT2319825.backendstorage.shpngrdglblcfg", "7B202772656627203A2027776E6C64272C2027636E7472[...]
Gelöscht : user_pref("CT2319825.clientLogIsEnabled", true);
Gelöscht : user_pref("CT2319825.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2319825.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
Gelöscht : user_pref("CT2319825.homepageProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2319825.initDone", true);
Gelöscht : user_pref("CT2319825.myStuffEnabled", true);
Gelöscht : user_pref("CT2319825.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2319825.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2319825.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2319825.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2319825.revertSettingsEnabled", true);
Gelöscht : user_pref("CT2319825.searchProtectorDialogDelayInSec", 10);
Gelöscht : user_pref("CT2319825.searchProtectorEnableByLogin", true);
Gelöscht : user_pref("CT2319825.testingCtid", "");
Gelöscht : user_pref("CT2319825.toolbarAppMetaDataLastCheckTime", "Wed Jan 02 2013 12:25:28 GMT+0100");
Gelöscht : user_pref("CT2319825.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CT2319825.usagesFlag", 2);
Gelöscht : user_pref("CT2431245.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Gelöscht : user_pref("CT2431245.CTID", "CT2431245");
Gelöscht : user_pref("CT2431245.CurrentServerDate", "21-7-2010");
Gelöscht : user_pref("CT2431245.DialogsAlignMode", "LTR");
Gelöscht : user_pref("CT2431245.DownloadReferralCookieData", "");
Gelöscht : user_pref("CT2431245.EMailNotifierPollDate", "Wed Jul 21 2010 20:11:59 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedLastCount129009402595187825", 229);
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014180506963", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014269327586", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014329599698", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014537505092", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634014970726540", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015410831318", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015483395460", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015636754705", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015768347545", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634015855543602", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016030710453", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016114705611", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016129205152", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016143724791", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016271239162", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016568520719", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634016726993788", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017109031809", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017132743740", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017299547668", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017302327846", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017344111490", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017478360748", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017732797593", "Wed Jul 21 2010 19:52:55 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634017821686064", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedPollDate7470634018090228721", "Wed Jul 21 2010 19:52:57 GMT+0200");
Gelöscht : user_pref("CT2431245.FeedTTL7470634016568520719", 30);
Gelöscht : user_pref("CT2431245.FirstServerDate", "21-7-2010");
Gelöscht : user_pref("CT2431245.FirstTime", true);
Gelöscht : user_pref("CT2431245.FirstTimeFF3", true);
Gelöscht : user_pref("CT2431245.FirstTimeSettingsDone", true);
Gelöscht : user_pref("CT2431245.FixPageNotFoundErrors", true);
Gelöscht : user_pref("CT2431245.GroupingServerCheckInterval", 1440);
Gelöscht : user_pref("CT2431245.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Gelöscht : user_pref("CT2431245.Initialize", true);
Gelöscht : user_pref("CT2431245.InitializeCommonPrefs", true);
Gelöscht : user_pref("CT2431245.InstallationAndCookieDataSentCount", 3);
Gelöscht : user_pref("CT2431245.InstallationType", "UnknownIntegration");
Gelöscht : user_pref("CT2431245.InstalledDate", "Wed Jul 21 2010 08:59:12 GMT+0200");
Gelöscht : user_pref("CT2431245.InvalidateCache", false);
Gelöscht : user_pref("CT2431245.IsGrouping", false);
Gelöscht : user_pref("CT2431245.IsMulticommunity", false);
Gelöscht : user_pref("CT2431245.IsOpenThankYouPage", false);
Gelöscht : user_pref("CT2431245.IsOpenUninstallPage", true);
Gelöscht : user_pref("CT2431245.LanguagePackLastCheckTime", "Wed Jul 21 2010 08:59:14 GMT+0200");
Gelöscht : user_pref("CT2431245.LanguagePackReloadIntervalMM", 1440);
Gelöscht : user_pref("CT2431245.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
Gelöscht : user_pref("CT2431245.LastLogin_2.7.1.3", "Wed Jul 21 2010 08:59:14 GMT+0200");
Gelöscht : user_pref("CT2431245.LatestVersion", "2.1.0.18");
Gelöscht : user_pref("CT2431245.Locale", "de-de");
Gelöscht : user_pref("CT2431245.LoginCache", 4);
Gelöscht : user_pref("CT2431245.MCDetectTooltipHeight", "83");
Gelöscht : user_pref("CT2431245.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Gelöscht : user_pref("CT2431245.MCDetectTooltipWidth", "295");
Gelöscht : user_pref("CT2431245.RadioIsPodcast", false);
Gelöscht : user_pref("CT2431245.RadioLastCheckTime", "Wed Jul 21 2010 08:59:31 GMT+0200");
Gelöscht : user_pref("CT2431245.RadioLastUpdateIPServer", "3");
Gelöscht : user_pref("CT2431245.RadioLastUpdateServer", "129167771525870000");
Gelöscht : user_pref("CT2431245.RadioMediaID", "20503672");
Gelöscht : user_pref("CT2431245.RadioMediaType", "Media Player");
Gelöscht : user_pref("CT2431245.RadioMenuSelectedID", "EBRadioMenu_CT243124520503672");
Gelöscht : user_pref("CT2431245.RadioStationName", "Team%20Radio%20Deutschland");
Gelöscht : user_pref("CT2431245.RadioStationURL", "hxxp://trd.stream.w-u-s.org:6666/dsl.m3u");
Gelöscht : user_pref("CT2431245.SHRINK_TOOLBAR", 1);
Gelöscht : user_pref("CT2431245.SavedHomepage", "hxxp://de.msn.com/");
Gelöscht : user_pref("CT2431245.SearchEngine", "Suchen||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...]
Gelöscht : user_pref("CT2431245.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("CT2431245.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...]
Gelöscht : user_pref("CT2431245.SearchInNewTabEnabled", true);
Gelöscht : user_pref("CT2431245.SearchInNewTabIntervalMM", 1440);
Gelöscht : user_pref("CT2431245.SearchInNewTabLastCheckTime", "Wed Jul 21 2010 08:59:17 GMT+0200");
Gelöscht : user_pref("CT2431245.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
Gelöscht : user_pref("CT2431245.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...]
Gelöscht : user_pref("CT2431245.SettingsCheckIntervalMin", 120);
Gelöscht : user_pref("CT2431245.SettingsLastCheckTime", "Wed Jul 21 2010 19:52:54 GMT+0200");
Gelöscht : user_pref("CT2431245.SettingsLastUpdate", "1279118128");
Gelöscht : user_pref("CT2431245.ThirdPartyComponentsInterval", 504);
Gelöscht : user_pref("CT2431245.ThirdPartyComponentsLastCheck", "Wed Jul 21 2010 08:59:07 GMT+0200");
Gelöscht : user_pref("CT2431245.ThirdPartyComponentsLastUpdate", "1279118128");
Gelöscht : user_pref("CT2431245.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=[...]
Gelöscht : user_pref("CT2431245.UserID", "UN05811928869299376");
Gelöscht : user_pref("CT2431245.ValidationData_Toolbar", 1);
Gelöscht : user_pref("CT2431245.WeatherNetwork", "");
Gelöscht : user_pref("CT2431245.WeatherPollDate", "Wed Jul 21 2010 19:52:56 GMT+0200");
Gelöscht : user_pref("CT2431245.WeatherUnit", "C");
Gelöscht : user_pref("CT2431245.alertChannelId", "825452");
Gelöscht : user_pref("CT2431245.backendstorage.hxxp://cmg1_conduit-widgets_com/pitsi.state", "4F50454E");
Gelöscht : user_pref("CT2431245.clientLogIsEnabled", false);
Gelöscht : user_pref("CT2431245.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...]
Gelöscht : user_pref("CT2431245.myStuffEnabled", true);
Gelöscht : user_pref("CT2431245.myStuffPublihserMinWidth", 400);
Gelöscht : user_pref("CT2431245.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
Gelöscht : user_pref("CT2431245.myStuffServiceIntervalMM", 1440);
Gelöscht : user_pref("CT2431245.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
Gelöscht : user_pref("CT2431245.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2319825/CT2319825[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/DE", "\"0\"")[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2319825", [...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.16[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2319825",[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...]
Gelöscht : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=de", "\"c2d[...]
Gelöscht : user_pref("CommunityToolbar.EngineOwner", "ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerGuid", "engine@conduit.com");
Gelöscht : user_pref("CommunityToolbar.EngineOwnerToolbarId", "conduitengine");
Gelöscht : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true);
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwner", "ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "engine@conduit.com");
Gelöscht : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "conduitengine");
Gelöscht : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://www.bing.com/search?FORM=VE3D01&q[...]
Gelöscht : user_pref("CommunityToolbar.ToolbarsList", "CT2431245,CT2319825,ConduitEngine");
Gelöscht : user_pref("CommunityToolbar.ToolbarsList2", "CT2431245,CT2319825");
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Gelöscht : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Mon Jan 03 2011 20:02:48 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.locale", "en");
Gelöscht : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Gelöscht : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Mon Jan 03 2011 20:02:34 GMT+0100");
Gelöscht : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291052234");
Gelöscht : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Gelöscht : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Gelöscht : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Gelöscht : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Gelöscht : user_pref("CommunityToolbar.alert.userId", "3a396b0c-5970-4895-a092-e043a0347a96");
Gelöscht : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Jul 29 2010 14:44:44 GMT+0200");
Gelöscht : user_pref("CommunityToolbar.globalUserId", "5204f17c-047a-4fb3-987b-9b17b4404f49");
Gelöscht : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2319825");
Gelöscht : user_pref("ConduitEngine.CTID", "ConduitEngine");
Gelöscht : user_pref("ConduitEngine.FirstServerDate", "01/03/2011 22");
Gelöscht : user_pref("ConduitEngine.FirstTime", true);
Gelöscht : user_pref("ConduitEngine.FirstTimeFF3", true);
Gelöscht : user_pref("ConduitEngine.HasUserGlobalKeys", true);
Gelöscht : user_pref("ConduitEngine.Initialize", true);
Gelöscht : user_pref("ConduitEngine.InitializeCommonPrefs", true);
Gelöscht : user_pref("ConduitEngine.InstalledDate", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gelöscht : user_pref("ConduitEngine.IsMulticommunity", false);
Gelöscht : user_pref("ConduitEngine.IsOpenThankYouPage", false);
Gelöscht : user_pref("ConduitEngine.IsOpenUninstallPage", true);
Gelöscht : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gelöscht : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gelöscht : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true);
Gelöscht : user_pref("ConduitEngine.SettingsLastCheckTime", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gelöscht : user_pref("ConduitEngine.UserID", "UN98693216102669472");
Gelöscht : user_pref("ConduitEngine.componentAlertEnabled", true);
Gelöscht : user_pref("ConduitEngine.engineLocale", "de");
Gelöscht : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Mon Jan 03 2011 20:02:36 GMT+0100");
Gelöscht : user_pref("ConduitEngine.initDone", true);
Gelöscht : user_pref("browser.search.defaultengine", "Ask.com");
Gelöscht : user_pref("browser.search.defaultthis.engineName", "Winload Customized Web Search");
Gelöscht : user_pref("browser.search.order.1", "Search Results");
Gelöscht : user_pref("extensions.BabylonToolbar.admin", false);
Gelöscht : user_pref("extensions.BabylonToolbar.aflt", "babsst");
Gelöscht : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}");
Gelöscht : user_pref("extensions.BabylonToolbar.bbDpng", 27);
Gelöscht : user_pref("extensions.BabylonToolbar.cntry", "DE");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltLng", "en");
Gelöscht : user_pref("extensions.BabylonToolbar.dfltSrch", true);
Gelöscht : user_pref("extensions.BabylonToolbar.excTlbr", false);
Gelöscht : user_pref("extensions.BabylonToolbar.firstRun", false);
Gelöscht : user_pref("extensions.BabylonToolbar.hdrMd5", "82C010E91111F1BAA73D0C9CA6E3BA87");
Gelöscht : user_pref("extensions.BabylonToolbar.hmpg", true);
Gelöscht : user_pref("extensions.BabylonToolbar.id", "a03a8f6200000000000000ff9818f287");
Gelöscht : user_pref("extensions.BabylonToolbar.instlDay", "15675");
Gelöscht : user_pref("extensions.BabylonToolbar.instlRef", "sst");
Gelöscht : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=109101&babsrc=adbar[...]
Gelöscht : user_pref("extensions.BabylonToolbar.lastActv", "22");
Gelöscht : user_pref("extensions.BabylonToolbar.lastDP", 27);
Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsn", "1.1.5");
Gelöscht : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.8.3.819:49:10");
Gelöscht : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "15.0");
Gelöscht : user_pref("extensions.BabylonToolbar.newTab", true);
Gelöscht : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?AF=109101&babsrc=NT_ss&[...]
Gelöscht : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");
Gelöscht : user_pref("extensions.BabylonToolbar.propectorlck", 92604951);
Gelöscht : user_pref("extensions.BabylonToolbar.prtnrId", "babylon");
Gelöscht : user_pref("extensions.BabylonToolbar.ptch_0717", true);
Gelöscht : user_pref("extensions.BabylonToolbar.sg", "czb");
Gelöscht : user_pref("extensions.BabylonToolbar.smplGrp", "czb");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrId", "base");
Gelöscht : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...]
Gelöscht : user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsnTs", "1.8.3.819:49:10");
Gelöscht : user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8");
Gelöscht : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Gelöscht : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.819:49:10");
Gelöscht : user_pref("extensions.wajam.affiliate_id", "6447");
Gelöscht : user_pref("extensions.wajam.firstrun", "false");
Gelöscht : user_pref("extensions.wajam.log_send_info", "false");
Gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21083\",\"supported_sites\":{\[...]
Gelöscht : user_pref("extensions.wajam.no_trace", "false");
Gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21083");
Gelöscht : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABE[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME[...]
Gelöscht : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wa[...]
Gelöscht : user_pref("extensions.wajam.trace_log", "1346604590069 - processInstallationUpgrade - version set to[...]
Gelöscht : user_pref("extensions.wajam.unique_id", "8F0B7D26DE4D0F57520FA72039FB6C0D");
Gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0");
Gelöscht : user_pref("extensions.wajam.version", "1.25");
Gelöscht : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2319825&q=");

-\\ Google Chrome v23.0.1271.97

Datei : C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] Die Datei ist sauber.

*************************

AdwCleaner[R1].txt - [50498 octets] - [03/01/2013 15:56:58]
AdwCleaner[S1].txt - [49565 octets] - [03/01/2013 16:08:46]

########## EOF - C:\AdwCleaner[S1].txt - [49626 octets] ##########
         

Code: Alles auswählenAufklappen

ATTFilter

OTL logfile created on: 03.01.2013 16:17:54 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\strama\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 56,10% Memory free
6,50 Gb Paging File | 4,91 Gb Available in Paging File | 75,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 1376,16 Gb Total Space | 1290,69 Gb Free Space | 93,79% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,67 Gb Free Space | 58,35% Space Free | Partition Type: NTFS
 
Computer Name: STRAMA-PC | User Name: strama | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\strama\Downloads\OTL.exe (OldTimer Tools)
PRC - C:\Programme\Google\Update\1.3.21.124\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Users\strama\AppData\Local\Apps\2.0\5MR43N9R.H6L\T6OQ6A4H.D9L\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe (AVM Berlin)
PRC - C:\Programme\Mozilla Thunderbird\thunderbird.exe (Mozilla Corporation)
PRC - C:\Programme\Google\Chrome\Application\chrome.exe (Google Inc.)
PRC - C:\Users\strama\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
PRC - c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
PRC - C:\Programme\Microsoft Security Client\msseces.exe (Microsoft Corporation)
PRC - C:\Programme\Real\RealPlayer\Update\realsched.exe (RealNetworks, Inc.)
PRC - C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Windows\System32\ieconfig_1und1_svc.exe ()
PRC - C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
PRC - C:\Programme\McAfee Security Scan\3.0.207\SSScheduler.exe (McAfee, Inc.)
PRC - C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - C:\Programme\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
PRC - C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe ()
PRC - C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
PRC - C:\Programme\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Programme\Microsoft Office\Office12\GrooveMonitor.exe (Microsoft Corporation)
PRC - C:\Programme\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
PRC - C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
PRC - C:\Programme\1&1\IGDCTRL.EXE (AVM Berlin)
PRC - c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Programme\Mozilla Thunderbird\mozjs.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldap32v60.dll ()
MOD - C:\Programme\Mozilla Thunderbird\nsldappr32v60.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.97\ppgooglenaclpluginchrome.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.97\pdf.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.97\libglesv2.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.97\libegl.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.97\avutil-51.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.97\avformat-54.dll ()
MOD - C:\Programme\Google\Chrome\Application\23.0.1271.97\avcodec-54.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\25e672ea505e50ab058258ac72a54f02\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\d040079bc7148afeca03c5abb6fc3c61\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\4e80768a2d88c7a333e43cbb7a6c0705\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dd758ac0bf7358ac6e4720610fcc63c\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\187d7c66735c533de851c76384f86912\mscorlib.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5e3ccfdf88ccd6a9ff4e6ddae7e3fec6\System.Xaml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\c881e2d2ec912499834feb85c4c2e483\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\58f50a891bafb8fd7149e6eebc2b7b52\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\05ebffcb5aac31412fea8c38cbac8df8\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\cbb227c0a77a5b15a1255220984239f2\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\caffbced23ee85b40b919ad4a122b7aa\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\9422d0c052186760a4645e10995487f5\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\cb0c00757e89f0b1fe282913ed667212\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\ed886fb71addf400705481dcf8de12da\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\811a7bc79f8f0a5be8065292a320819e\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\16126cae96ea2422253ae06eeb672abc\mscorlib.ni.dll ()
MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Wizard\2.0.3660.33486__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Wizard\2.0.3660.33443__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime\2.0.3660.33319__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Dashboard\2.0.3660.33396__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Wizard\2.0.3660.33345__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Wizard\2.0.3660.33397__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Runtime\2.0.3660.33417__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard\2.0.3660.33329__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Dashboard\2.0.3660.33444__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Runtime\2.0.3660.33395__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Runtime\2.0.3660.33388__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Runtime\2.0.3660.33376__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard\2.0.3660.33338__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Runtime\2.0.3660.33330__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Runtime\2.0.3660.33487__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysManager2.Graphics.Dashboard\2.0.3660.33482__90ba9c70f846762e\CLI.Aspect.DisplaysManager2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Dashboard\2.0.3660.33379__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Dashboard\2.0.3660.33458__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Dashboard\2.0.3660.33346__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Wizard\2.0.3660.33410__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Dashboard\2.0.3660.33371__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.InfoCentre.Graphics.Dashboard\2.0.3660.33345__90ba9c70f846762e\CLI.Aspect.InfoCentre.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Runtime\2.0.3660.33378__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Dashboard\2.0.3660.33385__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Runtime\2.0.3660.33457__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Runtime\2.0.3660.33376__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Runtime\2.0.3660.33384__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Runtime\2.0.3660.33351__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Runtime\2.0.3660.33386__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Dashboard\2.0.3660.33377__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Shared\2.0.3639.21544__90ba9c70f846762e\CLI.Caste.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation\2.0.3639.21529__90ba9c70f846762e\CLI.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.OverDrive5.Graphics.Shared\2.0.3639.21799__90ba9c70f846762e\CLI.Aspect.OverDrive5.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Radeon3D.Graphics.Shared\2.0.3639.21677__90ba9c70f846762e\CLI.Aspect.Radeon3D.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0601\2.0.2573.17685__90ba9c70f846762e\DEM.Graphics.I0601.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.TransCode.Graphics.Shared\2.0.3639.21772__90ba9c70f846762e\CLI.Aspect.TransCode.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Runtime\2.0.3660.33377__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation\2.0.3639.21517__90ba9c70f846762e\LOG.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\NEWAEM.Foundation\2.0.3639.21518__90ba9c70f846762e\NEWAEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.XManifest\2.0.3639.21922__90ba9c70f846762e\CLI.Foundation.XManifest.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared\2.0.3639.21571__90ba9c70f846762e\CLI.Component.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0703\2.0.2651.18802__90ba9c70f846762e\DEM.Graphics.I0703.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared\2.0.3639.21582__90ba9c70f846762e\CLI.Component.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared\2.0.3639.21557__90ba9c70f846762e\CLI.Component.Client.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.Welcome.Graphics.Shared\2.0.3639.21776__90ba9c70f846762e\CLI.Aspect.Welcome.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Hotkeys.Shared\2.0.3639.21569__90ba9c70f846762e\AEM.Plugin.Hotkeys.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Actions.CCAA.Shared\2.0.3639.21562__90ba9c70f846762e\AEM.Actions.CCAA.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Foundation\2.0.3639.21599__90ba9c70f846762e\MOM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics.I0706\2.0.2743.23304__90ba9c70f846762e\DEM.Graphics.I0706.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Graphics\2.0.3639.21620__90ba9c70f846762e\DEM.Graphics.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\DEM.Foundation\2.0.2573.17684__90ba9c70f846762e\DEM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared\2.0.3639.21566__90ba9c70f846762e\CLI.Component.Runtime.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Wizard.Shared\2.0.3639.21663__90ba9c70f846762e\CLI.Caste.Graphics.Wizard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Dashboard.Shared\2.0.3639.21591__90ba9c70f846762e\CLI.Caste.Graphics.Dashboard.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.WinMessages.Shared\2.0.3639.21613__90ba9c70f846762e\AEM.Plugin.WinMessages.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.REG.Shared\2.0.3639.21806__90ba9c70f846762e\AEM.Plugin.REG.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.GD.Shared\2.0.3639.21789__90ba9c70f846762e\AEM.Plugin.GD.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.EEU.Shared\2.0.3639.21606__90ba9c70f846762e\AEM.Plugin.EEU.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.DPPE.Shared\2.0.3639.21788__90ba9c70f846762e\AEM.Plugin.DPPE.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\atixclib\1.0.0.0__90ba9c70f846762e\atixclib.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard\2.0.3660.33325__90ba9c70f846762e\CLI.Component.Dashboard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Implementation\2.0.3660.33479__90ba9c70f846762e\ResourceManagement.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Systemtray\2.0.3660.33428__90ba9c70f846762e\CLI.Component.Systemtray.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard\2.0.3660.33337__90ba9c70f846762e\CLI.Component.Wizard.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\MOM.Implementation\2.0.3660.33436__90ba9c70f846762e\MOM.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation\2.0.3660.33434__90ba9c70f846762e\LOG.Foundation.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceTV.Graphics.Shared\2.0.3639.21679__90ba9c70f846762e\CLI.Aspect.DeviceTV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime\2.0.3660.33316__90ba9c70f846762e\CLI.Component.Runtime.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.MMVideo.Graphics.Shared\2.0.3639.21608__90ba9c70f846762e\CLI.Aspect.MMVideo.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Server\2.0.3660.33315__90ba9c70f846762e\APM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.SkinFactory\2.0.3660.33318__90ba9c70f846762e\CLI.Component.SkinFactory.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceDFP.Graphics.Shared\2.0.3639.21609__90ba9c70f846762e\CLI.Aspect.DeviceDFP.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCRT.Graphics.Shared\2.0.3639.21670__90ba9c70f846762e\CLI.Aspect.DeviceCRT.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Shared.Private\2.0.3639.21589__90ba9c70f846762e\CLI.Component.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server\2.0.3660.33314__90ba9c70f846762e\AEM.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Plugin.Source.Kit.Server\2.0.3660.33451__90ba9c70f846762e\AEM.Plugin.Source.Kit.Server.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Foundation.Private\2.0.3639.21551__90ba9c70f846762e\CLI.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Client.Shared.Private\2.0.3639.21578__90ba9c70f846762e\CLI.Component.Client.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceProperty.Graphics.Shared\2.0.3639.21577__90ba9c70f846762e\CLI.Aspect.DeviceProperty.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceCV.Graphics.Shared\2.0.3639.21601__90ba9c70f846762e\CLI.Aspect.DeviceCV.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Private\2.0.3639.21521__90ba9c70f846762e\LOG.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ATICCCom\2.0.0.0__90ba9c70f846762e\ATICCCom.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysColour2.Graphics.Shared\2.0.3639.21666__90ba9c70f846762e\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DeviceLCD.Graphics.Shared\2.0.3639.21623__90ba9c70f846762e\CLI.Aspect.DeviceLCD.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CustomFormats.Graphics.Shared\2.0.3639.21565__90ba9c70f846762e\CLI.Aspect.CustomFormats.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Wizard.Shared.Private\2.0.3639.21594__90ba9c70f846762e\CLI.Component.Wizard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.DisplaysOptions.Graphics.Shared\2.0.3639.21673__90ba9c70f846762e\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\ResourceManagement.Foundation.Private\2.0.3639.21539__90ba9c70f846762e\ResourceManagement.Foundation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\LOG.Foundation.Implementation.Private\2.0.3639.21592__90ba9c70f846762e\LOG.Foundation.Implementation.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Dashboard.Shared.Private\2.0.3639.21596__90ba9c70f846762e\CLI.Component.Dashboard.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Caste.Graphics.Runtime.Shared.Private\2.0.3639.21681__90ba9c70f846762e\CLI.Caste.Graphics.Runtime.Shared.Private.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Aspect.HotkeysHandling.Graphics.Shared\2.0.3639.21611__90ba9c70f846762e\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\APM.Foundation\2.0.3639.21604__90ba9c70f846762e\APM.Foundation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CCC.Implementation\2.0.3660.33435__90ba9c70f846762e\CCC.Implementation.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\AEM.Server.Shared\2.0.3639.21570__90ba9c70f846762e\AEM.Server.Shared.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\CLI.Component.Runtime.Extension.EEU\2.0.3660.33313__90ba9c70f846762e\CLI.Component.Runtime.Extension.EEU.dll ()
MOD - C:\Programme\Logitech\Logitech WebCam Software\LWS.exe ()
MOD - C:\Programme\Common Files\logishrd\LQCVFX\COCIManager.exe ()
MOD - C:\Programme\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Programme\CyberLink\Power2Go\CLMediaLibrary.dll ()
 
 
========== Services (SafeList) ==========
 
SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (NisSrv) -- c:\Programme\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV - (MsMpSvc) -- c:\Programme\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Programme\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (serviceIEConfig) -- C:\Windows\System32\ieconfig_1und1_svc.exe ()
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (McComponentHostService) -- C:\Programme\McAfee Security Scan\3.0.207\McCHSvc.exe (McAfee, Inc.)
SRV - (BBSvc) -- C:\Programme\Microsoft\BingBar\BBSvc.EXE (Microsoft Corporation.)
SRV - (BBUpdate) -- C:\Programme\Microsoft\BingBar\SeaPort.EXE (Microsoft Corporation)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (dsNcService) -- C:\Programme\Juniper Networks\Common Files\dsNcService.exe (Juniper Networks)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (LVPrcSrv) -- C:\Programme\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (Fabs) -- C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe (MAGIX AG)
SRV - (BRA_Scheduler) -- C:\Programme\Brother\BRAdmin Professional 3\bratimer.exe ()
SRV - (AAV UpdateService) -- C:\Programme\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe ()
SRV - (FirebirdServerMAGIXInstance) -- C:\Programme\Common Files\MAGIX Services\Database\bin\fbserver.exe (MAGIX®)
SRV - (IGDCTRL) -- C:\Programme\1&1\IGDCTRL.EXE (AVM Berlin)
SRV - (PSI_SVC_2) -- c:\Programme\Common Files\Protexis\License Service\PsiService_2.exe (Protexis Inc.)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
 
 
========== Driver Services (SafeList) ==========
 
DRV - (Profos) -- C:\Program Files\BullGuard Ltd\BullGuard\antirootkit\profos.sys File not found
DRV - (MpKsl1928747c) -- c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{486B991B-4F95-4049-B1D2-844E6C98B8C5}\MpKsl1928747c.sys (Microsoft Corporation)
DRV - (avmaura) -- C:\Windows\System32\drivers\avmaura.sys (AVM Berlin)
DRV - (NisDrv) -- C:\Windows\System32\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV - (avmaudio) -- C:\Windows\System32\drivers\avmaudio.sys (AVM Berlin)
DRV - (RTL8192su) -- C:\Windows\System32\drivers\RTL8192su.sys (Realtek Semiconductor Corporation                           )
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (dsNcAdpt) -- C:\Windows\System32\drivers\dsNcAdpt.sys (Juniper Networks)
DRV - (amdkmdag) -- C:\Windows\System32\drivers\atipmdag.sys (ATI Technologies Inc.)
DRV - (amdkmdap) -- C:\Windows\System32\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV - (AtiHdmiService) -- C:\Windows\System32\drivers\AtiHdmi.sys (ATI Technologies, Inc.)
DRV - (LVPr2Mon) -- C:\Windows\System32\drivers\LVPr2Mon.sys ()
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (amdide) -- C:\Windows\System32\drivers\amdide.sys (Advanced Micro Devices Inc.)
DRV - (usbfilter) -- C:\Windows\System32\drivers\usbfilter.sys (Advanced Micro Devices)
DRV - (AtiPcie) -- C:\Windows\System32\drivers\AtiPcie.sys (Advanced Micro Devices Inc.)
DRV - (GigasetGenericUSB) -- C:\Windows\System32\drivers\GigasetGenericUSB.sys (Siemens Home and Office Communication Devices GmbH & Co. KG)
DRV - (LVUSBSta) -- C:\Windows\System32\drivers\LVUSBSta.sys (Logitech Inc.)
DRV - (PID_0928) -- C:\Windows\System32\drivers\LV561AV.SYS (Logitech Inc.)
DRV - (Gigusb) -- C:\Windows\System32\drivers\Gigusb.sys (Siemens AG)
DRV - (siellif) -- C:\Windows\System32\drivers\siellif.sys (Siemens AG)
DRV - (IUAPIWDM) -- C:\Windows\System32\drivers\IUAPIWDM.sys (SIEMENS AG)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
IE - HKLM\..\SearchScopes,DefaultScope = 
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
 
 
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = 
 
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.aldi.com
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://medion.msn.com [binary data]
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = 
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = 
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.sueddeutsche.de/
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com/ie
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\SearchScopes,DefaultScope = 
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\SearchScopes\{1248A9A0-33C3-4B77-94D0-6959FAE9BBAD}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=MEDTDF&pc=MAMD&src=IE-SearchBox
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\SearchScopes\{1440438C-2F25-4724-A98B-D500568A9EFB}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=827316&p={searchTerms}
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searc
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\SearchScopes\{6B699F94-B458-420E-AF75-491E0067103F}: "URL" = hxxp://go.1und1.de/suchbox/1und1suche?su={searchTerms}
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\SearchScopes\{8BEED4D2-79D6-4F61-BECC-D74D2A647C42}: "URL" = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2319825
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\SearchScopes\{8E53319A-837E-423B-87CC-2D8D7E98E7B1}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
 
========== FireFox ==========
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.defaulturl: "hxxp://search.yahoo.com/search?ei=UTF-8&fr=ytff-&p="
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=827316&ilc=12"
FF - prefs.js..browser.search.param.yahoo-fr-cjkt: "moz2-ytff-"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "hxxp://www.sueddeutsche.de/"
FF - prefs.js..extensions.enabledAddons: donottrackplus%40abine.com:2.2.5.1205
FF - prefs.js..extensions.enabledAddons: FirefoxAddon%40similarWeb.com:1.4.35
FF - prefs.js..extensions.enabledAddons: %7B40c3cc16-7269-4b32-9531-17f2950fb06f%7D:3.16.0.3
FF - prefs.js..extensions.enabledAddons: %7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.0.3
FF - prefs.js..extensions.enabledAddons: %7BC9B68337-E93A-44EA-94DC-CB300EC06444%7D:5.30.4
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0033-ABCDEFFEDCBA%7D:6.0.33
FF - prefs.js..extensions.enabledAddons: %7BCAFEEFAC-0016-0000-0035-ABCDEFFEDCBA%7D:6.0.35
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:17.0.1
FF - prefs.js..extensions.enabledItems: {9AA46F4F-4DC7-4c06-97AF-5035170634FE}:4.0
FF - prefs.js..extensions.enabledItems: FirefoxAddon@similarWeb.com:1.2.06
FF - prefs.js..extensions.enabledItems: {40c3cc16-7269-4b32-9531-17f2950fb06f}:3.2.5.2
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: toolbar@ask.com:3.9.1.14019
FF - prefs.js..extensions.enabledItems: ffxtlbr@babylon.com:1.1.3
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_5_502_135.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.9.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/VirtualEarth3D,version=4.0: C:\Program Files\Virtual Earth 3D\ [2012.10.01 16:14:16 | 000,000,000 | ---D | M]
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.6.14: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=15.0.6.14: c:\program files\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@rim.com/npappworld: C:\Program Files\Research In Motion Limited\BlackBerry App World Browser Plugin\npappworld.dll ()
FF - HKLM\Software\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0: C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.124\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.17 13:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.17 13:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0153E448-190B-4987-BDE1-F256CADA672F}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012.08.17 13:40:17 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.29 16:34:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.02 21:30:49 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 10.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 11.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 12.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 13.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 14.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 15.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 5.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 8.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Thunderbird 9.0.1\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2012.12.29 16:34:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 17.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.01.02 21:30:49 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 16.0.2\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Components: C:\Program Files\Mozilla Thunderbird\components [2012.12.07 23:03:51 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Thunderbird 17.0\extensions\\Plugins: C:\Program Files\Mozilla Thunderbird\plugins
 
[2012.03.18 10:01:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\Extensions
[2010.07.12 19:37:27 | 000,000,000 | ---D | M] (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\Extensions\{3550f703-e582-4d05-9a08-453d09bdfdc6}
[2013.01.03 16:08:57 | 000,000,000 | ---D | M] (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\Firefox\Profiles\rxfgip4i.default\extensions
[2012.12.12 09:04:52 | 000,000,000 | ---D | M] (DoNotTrackMe) -- C:\Users\strama\AppData\Roaming\mozilla\Firefox\Profiles\rxfgip4i.default\extensions\donottrackplus@abine.com
[2012.12.21 08:29:24 | 000,000,000 | ---D | M] (SimilarWeb) -- C:\Users\strama\AppData\Roaming\mozilla\Firefox\Profiles\rxfgip4i.default\extensions\FirefoxAddon@similarWeb.com
[2012.12.12 09:04:52 | 000,109,804 | ---- | M] () (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi
[2012.11.27 20:38:15 | 000,804,627 | ---- | M] () (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2012.12.05 16:11:56 | 000,007,919 | ---- | M] () (No name found) -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\extensions\donottrackplus@abine.com\chrome\content\ff\view_expiry.js
[2011.12.24 17:26:42 | 000,001,737 | ---- | M] () -- C:\Users\strama\AppData\Roaming\mozilla\firefox\profiles\rxfgip4i.default\searchplugins\bing.xml
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions
[2012.12.29 16:34:03 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Programme\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (Java Console) -- C:\Programme\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
[2012.12.29 16:34:04 | 000,000,000 | ---D | M] (Java Console) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}
File not found (No name found) -- C:\USERS\STRAMA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RXFGIP4I.DEFAULT\EXTENSIONS\{40C3CC16-7269-4B32-9531-17F2950FB06F}
File not found (No name found) -- C:\USERS\STRAMA\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\RXFGIP4I.DEFAULT\EXTENSIONS\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[2012.12.29 16:34:49 | 000,262,112 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2012.08.17 13:39:46 | 000,129,176 | ---- | M] (RealPlayer) -- C:\Program Files\mozilla firefox\plugins\nprpplugin.dll
[2012.07.14 10:29:35 | 000,001,392 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
[2012.09.25 15:49:46 | 000,002,465 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2012.07.14 10:29:35 | 000,001,153 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
[2012.07.14 10:29:35 | 000,006,805 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
[2012.07.14 10:29:35 | 000,001,178 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
[2012.07.14 10:29:35 | 000,001,105 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
 
========== Chrome  ==========
 
CHR - homepage: hxxp://www.sueddeutsche.de/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}&sugkey={google:suggestAPIKeyParameter},
CHR - homepage: hxxp://www.sueddeutsche.de/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Disabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files\Google\Chrome\Application\23.0.1271.97\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\strama\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Skype Click to Call (Enabled) = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.11.0.9874_0\npSkypeChromePlugin.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 6.0.310.5 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\strama\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\strama\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: RIM Handheld Application Loader (Enabled) = C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - Extension: DoNotTrackMe = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\amkeiedlemmabfclbdkalidkolgdphij\2.2.5.1211_0\
CHR - Extension: YouTube = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_1\
CHR - Extension: Google-Suche = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_1\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: komoot = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbgbaicglaiooophhbkpkdhpglkbhohb\1.0.2_0\
CHR - Extension: Google Mail = C:\Users\strama\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2012.01.27 13:40:30 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Do Not Track Plus) - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Programme\DoNotTrackPlus\ScriptHost.dll (Abine)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O2 - BHO: (Bing Bar Helper) - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O2 - BHO: (1&&1 Internet AG Browser Configuration by mquadr.at) - {D48FF4B4-E68F-47D1-8E25-81A0F0EEB341} - C:\Windows\System32\ieconfig_1und1.dll (mquadr.at software engineering und consulting GmbH)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (Bing Bar) - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [CLMLServer] C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
O4 - HKLM..\Run: [LogitechQuickCamRibbon] C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe ()
O4 - HKLM..\Run: [MSC] c:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4 - HKLM..\Run: [RIMBBLaunchAgent.exe] C:\Programme\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe (Research In Motion Limited)
O4 - HKLM..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKU\S-1-5-21-3887269607-449999235-3499335998-1000..\Run: [Akamai NetSession Interface] C:\Users\strama\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKU\S-1-5-21-3887269607-449999235-3499335998-1000..\Run: [AVMUSBFernanschluss] C:\Users\strama\AppData\Local\Apps\2.0\5MR43N9R.H6L\T6OQ6A4H.D9L\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\strama\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk = C:\Programme\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: eBay - Der weltweite Online-Marktplatz - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra 'Tools' menuitem : eBay - {0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4 File not found
O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Do Not Track Plus (c) Abine - {6E45F3E8-2683-4824-A6BE-08108022FB36} - C:\Programme\DoNotTrackPlus\ScriptHost.dll (Abine)
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra 'Tools' menuitem : Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files\1&1\\sarah.dll ()
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\1&1\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\1&1\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files\1&1\sarah.dll (AVM Berlin)
O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\Program Files\1&1\sarah.dll (AVM Berlin)
O13 - gopher Prefix: missing
O15 - HKU\S-1-5-21-3887269607-449999235-3499335998-1000\..Trusted Domains: linde.com ([secure] https in Trusted sites)
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} hxxp://download.microsoft.com/download/C/B/F/CBF23A2C-3E55-4664-BC5C-762780D79BA0/OGAControl.cab (Office Genuine Advantage Validation Tool)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/C/0/C/C0CBBA88-A6F2-48D9-9B0E-1719D1177202/LegitCheckControl.cab (Windows Genuine Advantage Validation Tool)
O16 - DPF: {1E3F1348-4370-4BBE-A67A-CC7ED824CA85} hxxp://download.microsoft.com/download/7/4/9/749b0dc5-2175-4d5b-a6dd-9c4bc923683e/Selfhelpcontrol.cab (Microsoft Genuine Advantage Self Support Tool)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 1.6.0_35)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_35-windows-i586.cab (Java Plug-in 10.9.2)
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab (JuniperSetupClientControl Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A357FDAD-A89D-4409-AC28-EE05FCD82B89}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Programme\Common Files\microsoft shared\Information Retrieval\msitss.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Programme\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Programme\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009.06.10 22:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{46c78202-3a2e-11e1-96ad-1c4bd63fc0fb}\Shell - "" = AutoRun
O33 - MountPoints2\{46c78202-3a2e-11e1-96ad-1c4bd63fc0fb}\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O33 - MountPoints2\I\Shell - "" = AutoRun
O33 - MountPoints2\I\Shell\AutoRun\command - "" = I:\LaunchU3.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2013.01.02 21:06:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2013.01.01 21:08:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xca
[2013.01.01 21:08:36 | 000,000,000 | ---D | C] -- C:\Program Files\xca
[2012.12.29 16:34:02 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2012.12.27 15:51:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
[2012.12.27 12:56:44 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2012.12.25 20:19:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
[2012.12.25 16:07:49 | 000,000,000 | ---D | C] -- C:\Users\strama\.thumbnails
[2012.12.22 11:27:59 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.22 11:27:59 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.22 10:19:54 | 000,105,728 | ---- | C] (AVM Berlin) -- C:\Windows\System32\drivers\avmaura.sys
[2012.12.12 23:12:34 | 002,382,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2012.12.12 23:12:33 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2012.12.12 23:12:33 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2012.12.12 23:12:32 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe
[2012.12.12 23:12:31 | 001,800,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll
[2012.12.12 23:12:31 | 000,607,744 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2012.12.12 23:12:30 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2012.12.12 23:12:29 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\inetcpl.cpl
[2012.12.12 22:53:05 | 002,345,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2012.12.12 22:52:34 | 000,271,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
[2012.12.12 22:52:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winsrv.dll
[2012.12.12 22:52:27 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processthreads-l1-1-0.dll
[2012.12.12 22:52:27 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-sysinfo-l1-1-0.dll
[2012.12.12 22:52:26 | 000,005,120 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-file-l1-1-0.dll
[2012.12.12 22:52:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-synch-l1-1-0.dll
[2012.12.12 22:52:26 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-misc-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-processenvironment-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-namedpipe-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-string-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-rtlsupport-l1-1-0.dll
[2012.12.12 22:52:26 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-profile-l1-1-0.dll
[2012.12.12 22:52:25 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localregistry-l1-1-0.dll
[2012.12.12 22:52:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-memory-l1-1-0.dll
[2012.12.12 22:52:25 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-libraryloader-l1-1-0.dll
[2012.12.12 22:52:25 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-io-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-interlocked-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-handle-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-fibers-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-errorhandling-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-delayload-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-debug-l1-1-0.dll
[2012.12.12 22:52:24 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-datetime-l1-1-0.dll
[2012.12.12 22:52:23 | 000,006,144 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-security-base-l1-1-0.dll
[2012.12.12 22:52:23 | 000,004,608 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-threadpool-l1-1-0.dll
[2012.12.12 22:52:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-xstate-l1-1-0.dll
[2012.12.12 22:52:23 | 000,003,584 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-heap-l1-1-0.dll
[2012.12.12 22:52:23 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-util-l1-1-0.dll
[2012.12.12 22:52:22 | 000,004,096 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-localization-l1-1-0.dll
[2012.12.12 22:52:21 | 000,003,072 | -H-- | C] (Microsoft Corporation) -- C:\Windows\System32\api-ms-win-core-console-l1-1-0.dll
[2012.12.12 22:51:57 | 000,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dpnet.dll
[2012.12.12 22:51:19 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tzres.dll
[2012.12.09 19:36:36 | 000,000,000 | ---D | C] -- C:\Users\strama\Documents\web
[2012.12.09 16:56:40 | 000,000,000 | ---D | C] -- C:\Users\strama\.FamilySearchIndexing
[2012.12.09 16:56:12 | 000,000,000 | ---D | C] -- C:\Program Files\FamilySearch Indexing
[2012.12.07 23:03:51 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Thunderbird
[2010.07.20 19:03:27 | 002,736,736 | ---- | C] (Conduit Ltd.) -- C:\Program Files\tbsoft.dll
 
========== Files - Modified Within 30 Days ==========
 
[2013.01.03 16:21:00 | 000,001,098 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2013.01.03 16:19:28 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.01.03 16:19:28 | 000,009,888 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.01.03 16:11:39 | 000,065,536 | ---- | M] () -- C:\Windows\System32\Ikeext.etl
[2013.01.03 16:11:39 | 000,001,094 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2013.01.03 16:11:26 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.01.03 16:11:20 | 2615,910,400 | -HS- | M] () -- C:\hiberfil.sys
[2013.01.03 16:10:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.12.31 16:09:32 | 000,000,900 | -HS- | M] () -- C:\ProgramData\KGyGaAvL.sys
[2012.12.31 12:05:46 | 000,007,064 | ---- | M] () -- C:\Users\strama\AppData\Local\recently-used.xbel
[2012.12.31 09:58:32 | 000,671,936 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.12.31 09:58:32 | 000,622,922 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.12.31 09:58:32 | 000,135,284 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.12.31 09:58:32 | 000,111,050 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.12.27 15:50:21 | 000,000,993 | ---- | M] () -- C:\Users\strama\Desktop\PhotoScape.lnk
[2012.12.27 12:58:10 | 000,002,193 | ---- | M] () -- C:\Users\Public\Desktop\BlackBerry Desktop Software.lnk
[2012.12.25 20:19:44 | 000,002,174 | ---- | M] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.12.25 20:17:43 | 000,002,239 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2012.12.25 11:20:17 | 000,012,288 | -H-- | M] () -- C:\Users\strama\Documents\photothumb.db
[2012.12.22 11:36:42 | 000,481,296 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2012.12.22 10:19:29 | 000,105,728 | ---- | M] (AVM Berlin) -- C:\Windows\System32\drivers\avmaura.sys
[2012.12.17 20:18:19 | 000,002,191 | ---- | M] () -- C:\Users\Public\Desktop\Steuer-Spar- Erklärung 2013.lnk
[2012.12.16 15:13:28 | 000,295,424 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll
[2012.12.16 15:13:20 | 000,034,304 | ---- | M] (Adobe Systems) -- C:\Windows\System32\atmlib.dll
[2012.12.12 10:58:38 | 000,697,272 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.12.12 10:58:38 | 000,073,656 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.12.09 17:08:12 | 000,000,102 | ---- | M] () -- C:\Users\strama\jobq.dat
[2012.12.09 16:56:34 | 000,002,396 | ---- | M] () -- C:\Users\Public\Desktop\FamilySearch Indexing.lnk
 
========== Files Created - No Company Name ==========
 
[2012.12.31 12:05:46 | 000,007,064 | ---- | C] () -- C:\Users\strama\AppData\Local\recently-used.xbel
[2012.12.25 20:19:44 | 000,002,174 | ---- | C] () -- C:\Users\Public\Desktop\Google Earth.lnk
[2012.12.25 11:20:14 | 000,012,288 | -H-- | C] () -- C:\Users\strama\Documents\photothumb.db
[2012.12.09 16:56:55 | 000,000,102 | ---- | C] () -- C:\Users\strama\jobq.dat
[2012.12.09 16:56:34 | 000,002,396 | ---- | C] () -- C:\Users\Public\Desktop\FamilySearch Indexing.lnk
[2011.12.18 14:53:57 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2011.11.10 20:13:00 | 001,053,848 | ---- | C] () -- C:\Windows\System32\ieconfig_1und1_svc.exe
[2011.06.10 05:34:52 | 000,080,416 | ---- | C] () -- C:\Windows\System32\RtNicProp32.dll
[2010.11.23 13:27:09 | 000,004,096 | -H-- | C] () -- C:\Users\strama\AppData\Local\keyfile3.drm
[2010.07.20 19:03:27 | 000,153,088 | ---- | C] () -- C:\Program Files\UNWISE.EXE
[2010.07.20 19:03:27 | 000,006,836 | ---- | C] () -- C:\Program Files\UNWISE.INI
[2010.07.16 21:39:23 | 000,010,240 | ---- | C] () -- C:\Users\strama\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010.07.13 21:25:57 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010.07.13 20:53:35 | 000,000,900 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2010.07.12 20:01:15 | 000,000,054 | ---- | C] () -- C:\Users\strama\AppData\Roaming\wklnhst.dat
 
========== ZeroAccess Check ==========
 
[2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 05:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
"" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 304 bytes -> C:\Users\strama\Documents\Rund-um-den-Untersberg_01.tif:Updt_SummaryInformation
@Alternate Data Stream - 304 bytes -> C:\Users\strama\Documents\Kuehrointhuette_01.tif:Updt_SummaryInformation

< End of report >
         

Code: Alles auswählenAufklappen

ATTFilter

OTL Extras logfile created on: 03.01.2013 16:17:54 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\strama\Downloads
 Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
 
3,25 Gb Total Physical Memory | 1,82 Gb Available Physical Memory | 56,10% Memory free
6,50 Gb Paging File | 4,91 Gb Available in Paging File | 75,65% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 1376,16 Gb Total Space | 1290,69 Gb Free Space | 93,79% Space Free | Partition Type: NTFS
Drive D: | 20,00 Gb Total Space | 11,67 Gb Free Space | 58,35% Space Free | Partition Type: NTFS
 
Computer Name: STRAMA-PC | User Name: strama | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Extra Registry (SafeList) ==========
 
 
========== File Associations ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
.html [@ = ChromeHTML] -- C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.)
 
[HKEY_USERS\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
 
========== Shell Spawning ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
https [open] -- "C:\Program Files\Google\Chrome\Application\chrome.exe" -- "%1" (Google Inc.)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MIF5BA~1\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
 
========== Security Center Settings ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
 
========== Firewall Settings ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
"DisableUnicastResponsesToMulticastBroadcast" = 0
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1
 
========== Authorized Applications List ==========
 
 
========== Vista Active Open Ports Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{05593F6D-C3C3-4873-B7D3-06E4B23C3F51}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{072D0789-5AD8-458F-BDBC-A6516BCF2500}" = lport=4482 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | 
"{09547FD7-3172-4297-B765-39B61A917B6D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | 
"{0B065E13-01EC-4A1C-ADF9-94328E538356}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{0EA71A1C-840D-4D4F-BC42-E9FC2938D932}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{1184F647-DB7C-4C13-9566-8021337259FE}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{1A66C7E7-0611-4D57-9B68-08F94C009BE2}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{2D50275C-55FC-4E8D-AA40-CF7936BBE291}" = lport=4481 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | 
"{388E7134-DFD1-40CC-A0C2-D89D271F5052}" = lport=4481 | protocol=17 | dir=in | name=blackberry desktop software wireless music sync discovery | 
"{41521D07-6F4E-45DA-93A0-FC810062BE13}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{4153E5E2-AA82-4DEB-9E00-04A4D5EEF5AE}" = rport=138 | protocol=17 | dir=out | app=system | 
"{42C9D1FA-616D-48C9-9047-9D455D79D6C9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | 
"{46A47706-E3DE-4E67-BAF2-8A3AE3AF933B}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{47309352-564A-4FD8-8AEB-773539E79935}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{4788A0D0-C664-416A-89AB-F986C1CB06C0}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{4D54AF83-3100-468B-B7AF-D254EB4B3FF4}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=svchost.exe | 
"{550ED9CB-C6B8-424A-8C15-E8F943F1FC60}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{58D5AA45-A3C8-4C3F-BBDB-5574AA60E68E}" = lport=10243 | protocol=6 | dir=in | app=system | 
"{66BC3837-AACA-4187-9A11-F075BAB115A7}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{6805B0D9-EC0B-435B-888C-C89FFC76E1E5}" = lport=138 | protocol=17 | dir=in | app=system | 
"{6B993CAF-98AC-418C-ABA2-5471FDD2E9A3}" = lport=139 | protocol=6 | dir=in | app=system | 
"{75414BB0-10EF-4F11-BBD6-CE9FF1B990B3}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{7FF80036-945E-46D9-B5ED-4E0588567936}" = lport=445 | protocol=6 | dir=in | app=system | 
"{8044DAD5-CAC5-4825-9D24-EAF289BF910C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{90410857-5600-42B1-B79A-C2707B7BBAC7}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{90C17AC3-3BA5-44DF-8BC1-73746301C9E4}" = rport=10243 | protocol=6 | dir=out | app=system | 
"{9A5CAAD0-07BA-4C16-BF15-FEE11BB50329}" = rport=2869 | protocol=6 | dir=out | app=system | 
"{AB17B1A9-440E-4023-A8C4-0D03DF2CC180}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | 
"{ACB1417B-4BF5-489D-AD59-B3BFC7B44102}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{B65F7285-FB11-41A4-95A1-ED7DBDC6685D}" = rport=137 | protocol=17 | dir=out | app=system | 
"{BA559204-A631-4976-A64E-F81D9BACF175}" = rport=3702 | protocol=17 | dir=out | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{BE2ABC08-3535-4767-8E06-EC8CCEB88F5D}" = rport=3702 | protocol=17 | dir=out | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{C3ECAF15-FF91-4E6B-8556-33873E8ACCFF}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{C553DB68-3856-41A9-ACE6-9F0CBDB92593}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | 
"{C666848F-92EB-4063-87FD-FFAEBAD7B195}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{CBDD47FA-F214-46D4-91FF-F83977139C3A}" = lport=2869 | protocol=6 | dir=in | app=system | 
"{CFAA941A-D1A8-42A8-BCA0-C8656D55CA8B}" = lport=3702 | protocol=17 | dir=in | svc=fdphost | app=%systemroot%\system32\svchost.exe | 
"{D32E505A-EAC0-479B-85C6-B2139B851BC8}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | 
"{D55C6C20-B13F-4F46-8528-364EAF32D200}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{DD9D4827-27D8-4973-A480-737B315314E1}" = lport=3702 | protocol=17 | dir=in | svc=fdrespub | app=%systemroot%\system32\svchost.exe | 
"{DEAB8084-106D-4C30-904A-924F07BCF6EA}" = rport=445 | protocol=6 | dir=out | app=system | 
"{E5E92288-4AC7-4ED6-850E-103D86525820}" = rport=139 | protocol=6 | dir=out | app=system | 
"{E7A64571-86B6-407E-A2D6-5A31D7D87A95}" = lport=4482 | protocol=6 | dir=in | name=blackberry desktop software wireless music sync data transfer | 
"{EFB6F1F6-D1F7-487D-9210-2EE797BAA523}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | 
"{F9FCD141-48D9-44C5-8B6E-3E4D86722442}" = lport=137 | protocol=17 | dir=in | app=system | 
"{FDE8E699-0182-43E6-ADAF-6B7BD89127BE}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
 
========== Vista Active Application Exception List ==========
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{000159F5-3B1C-41BA-87D0-1946CF7BA207}" = protocol=17 | dir=in | app=c:\users\strama\appdata\local\microsoft\windows\temporary internet files\content.ie5\q9p9wyre\videotomp3setup[1].exe | 
"{060043A7-9BAC-44CC-8656-8E8F5AC5513A}" = protocol=6 | dir=out | app=system | 
"{0A997680-54E5-44AD-9488-77BB7F26ED85}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{0DC4C320-F0CD-4B9D-92F3-0E8B95D0B9F5}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | 
"{133A1847-69CC-48B2-AC32-AED2571CE6DD}" = protocol=6 | dir=in | app=c:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{185A106F-25F9-402A-B8BD-3D75318DC861}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{1F622B71-7F90-42C2-BA3F-DB33864F1A0B}" = protocol=17 | dir=in | app=c:\program files\brother\bradmin professional 3\auditorserver.exe | 
"{21C5ED80-8DD8-4F3D-BFAB-FC21FA43104D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{2CBE4A30-F56B-4A3A-9942-5F86358FF70D}" = protocol=17 | dir=in | app=c:\program files\1&1\igdctrl.exe | 
"{2E67118A-D3FE-4185-AE26-A60D67F5D7A8}" = protocol=17 | dir=in | app=c:\program files\brother\bradmin professional 3\bradminv3.exe | 
"{336D8CDD-3853-484E-97B8-7C9F3CAA6EF7}" = protocol=17 | dir=in | app=c:\program files\1&1\webwaigd.exe | 
"{344D08EA-6FB4-4A4F-86C1-D08D2FCC0903}" = dir=in | app=c:\program files\skype\phone\skype.exe | 
"{3536806D-2F2D-4FEE-BC97-C64317C9E3A7}" = protocol=6 | dir=in | app=c:\program files\brother\bradmin professional 3\discover.exe | 
"{43A2AF9A-84E2-41F2-9DB7-68C4EC1682A5}" = protocol=6 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"{456D0CCF-DFA8-449C-8A6B-6E27EA9C3BEA}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{5155D142-1DE7-4D9B-80AC-8EE1EA8C371F}" = protocol=17 | dir=in | app=c:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe | 
"{58C92595-2B66-4829-AA3B-638F7D3869D7}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | 
"{5D402F67-9691-4219-8D24-4AE069B212B5}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{65C5490E-8748-4943-BD49-9C1BF480448A}" = protocol=6 | dir=in | app=c:\program files\1&1\webwaigd.exe | 
"{6DE21592-E2CF-446B-B076-CBB0D858D3AA}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | 
"{6FA1E254-16AC-433A-BFF2-268C0E8882C2}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 | 
"{70810E85-5FE3-49B4-B463-649F14650C98}" = protocol=17 | dir=in | app=c:\program files\brother\bradmin professional 3\discover.exe | 
"{7649BB80-3B28-4E94-8A8A-82C920D0CA4E}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe | 
"{7BF99088-673B-4946-90EB-516761A638DA}" = protocol=6 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe | 
"{7F37C511-D42E-4432-B3E1-20D2420BE6AB}" = protocol=6 | dir=in | app=c:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe | 
"{88B88E2F-DB69-43FD-86D5-4CE1AF2BAE63}" = protocol=17 | dir=in | app=c:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{898CED55-A8A9-43AB-9F0D-1CC763CB5BA4}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe | 
"{89BCC88D-E04E-46E4-8539-C5D35623D5C6}" = protocol=17 | dir=in | app=c:\program files\research in motion\blackberry desktop\rim.desktop.exe | 
"{8A516A9E-16B9-4BBF-B028-17163B2692DC}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | 
"{92C0F0F0-FC41-4CE9-A442-9CD9C3776F25}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{93034AA9-3BBB-4CFE-A1DC-299501A49E24}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{94080D8A-652C-44E2-B71B-4E263052DA64}" = protocol=6 | dir=in | app=c:\program files\1&1\igdctrl.exe | 
"{97583628-0A6C-4368-B86D-143594D4DE37}" = protocol=6 | dir=in | app=c:\users\strama\appdata\local\microsoft\windows\temporary internet files\content.ie5\q9p9wyre\videotomp3setup[1].exe | 
"{99E64B18-C17D-41D6-905D-EA95D449445E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9AE62194-B004-4116-9672-8740634910F2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{9CE53C92-1F50-43E1-A5DB-3C3169AD1E48}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{A12080E3-356F-42D7-9E69-A4D9D540F553}" = protocol=17 | dir=in | app=c:\program files\1&1\fboxupd.exe | 
"{AE0ACC4A-5804-4B36-9857-EB29CA43F26F}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | 
"{AFE5136E-A1B7-47BB-94D9-F1189AC5C53A}" = protocol=17 | dir=in | app=c:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{B5DC12BD-8E11-42A7-BB7D-6FD258D0E072}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"{C66B2A4B-33E9-479E-94B5-F840AD459EC4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{C8AE749E-07D1-4738-AFB5-9FFA97D35E1C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{C93BF3BA-2BA6-4281-A35F-4F0741F6ECB4}" = protocol=6 | dir=in | app=c:\program files\1&1\fboxupd.exe | 
"{C9FDFD59-4872-452F-A19A-24671EA09C44}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{CFBC3A5D-598F-4F41-A0AD-C2C809347BAC}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{D3C99221-09FE-4AF6-9117-1A3ADE64FC4F}" = dir=in | app=c:\program files\common files\apple\apple application support\webkit2webprocess.exe | 
"{D64BDD8C-502D-40DE-A941-23281202E657}" = protocol=6 | dir=in | app=c:\program files\brother\bradmin professional 3\auditorserver.exe | 
"{DB7201A5-1371-4A49-B018-57662E516EB0}" = protocol=6 | dir=in | app=c:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0002_8541bf1f4a1c673d\fritzbox-usb-fernanschluss.exe | 
"{EBAB9B18-6FD4-4672-A402-FB0AEC0C4A0C}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe | 
"{EECCD701-EA4E-437D-B846-949F17D28008}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | 
"{F038F13A-59A6-4CB3-9F64-7DE841A2685E}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | 
"{F1725CF7-75D7-4E90-9A41-21ED12E97BF5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | 
"{F9E9505C-55AC-43B6-B978-7BB2180F90F3}" = protocol=6 | dir=in | app=c:\program files\brother\bradmin professional 3\bradminv3.exe | 
"{FC4EC447-7172-4B8E-B835-5AFAE46E538C}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | 
"{FD185865-53C1-4A27-9C30-CA4B24B89FAF}" = protocol=17 | dir=in | app=c:\program files\logitech\logitech vid\vid.exe | 
"TCP Query User{1BEE4C42-987A-4A8D-8B92-7EE3891E8C7E}C:\users\strama\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\strama\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{22CF6700-8A5D-4FAD-B45C-3372966194B6}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | 
"TCP Query User{26D96076-F123-44F0-A5D9-41611F732826}C:\program files\sopcast\adv\sopadver.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"TCP Query User{3FC8F9EE-6C2A-4209-85FF-A0F196E94853}C:\program files\real\realplayer\realplay.exe" = protocol=6 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"TCP Query User{854C5CC8-B4A3-4DCB-A9AC-A10506917C61}C:\program files\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files\fritz!box monitor\fritzboxmonitor.exe | 
"TCP Query User{AD7D6266-AFF2-49CC-8A78-C90B7D7D6DFF}C:\program files\sopcast\sopcast.exe" = protocol=6 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"TCP Query User{B2D7FEC8-88B9-421B-925D-58C4890A5115}C:\program files\mozilla firefox\plugin-container.exe" = protocol=6 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"TCP Query User{D483F6C2-35FF-4D07-9B2A-68F929DE73AC}C:\program files\google\google earth\client\googleearth.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"TCP Query User{D9FD96D1-613E-4E2E-968C-5D075E222579}C:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe" = protocol=6 | dir=in | app=c:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe | 
"TCP Query User{DBCAE6E3-8FCB-4979-8DC7-8DCB33951FE0}C:\users\strama\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=c:\users\strama\appdata\local\akamai\netsession_win.exe | 
"TCP Query User{DF8F56E1-71C5-4BA8-8B24-A43207EB0118}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=6 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"TCP Query User{E85204DC-4ABA-4CD7-8015-670B81E6ED86}C:\program files\fritz!box monitor\fritzboxmonitor.exe" = protocol=6 | dir=in | app=c:\program files\fritz!box monitor\fritzboxmonitor.exe | 
"TCP Query User{EB48B212-80F2-477F-8E6D-1BF9468962EA}C:\program files\microsoft office\office12\groove.exe" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"TCP Query User{ED7476C9-DB56-461F-ABE1-75C77BA7AC5B}C:\windows\system32\wfs.exe" = protocol=6 | dir=in | app=c:\windows\system32\wfs.exe | 
"TCP Query User{F1F7A3C5-F282-4B8B-B51D-66D4EBC8155D}C:\program files\1&1\1&1 multimessenger\messengr.exe" = protocol=6 | dir=in | app=c:\program files\1&1\1&1 multimessenger\messengr.exe | 
"UDP Query User{2F98C311-2AFB-4727-9C0A-6175E3B043F6}C:\program files\microsoft office\office12\groove.exe" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe | 
"UDP Query User{3B2E2E7F-4B08-4141-881C-5EBABA302664}C:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe" = protocol=17 | dir=in | app=c:\users\strama\appdata\local\apps\2.0\5mr43n9r.h6l\t6oq6a4h.d9l\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe | 
"UDP Query User{4D4B183A-1721-4535-B07C-EA890885DFAF}C:\program files\real\realplayer\realplay.exe" = protocol=17 | dir=in | app=c:\program files\real\realplayer\realplay.exe | 
"UDP Query User{51FBA5A7-6358-4A65-9027-5041C4B094B5}C:\users\strama\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\strama\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{5896AA4B-0419-4C06-9061-F4B0A748C654}C:\program files\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files\fritz!box monitor\fritzboxmonitor.exe | 
"UDP Query User{651CC38D-6911-4283-A0E6-EAF04A3D2F4D}C:\program files\fritz!box monitor\fritzboxmonitor.exe" = protocol=17 | dir=in | app=c:\program files\fritz!box monitor\fritzboxmonitor.exe | 
"UDP Query User{7E6E38C5-D1FB-4D0B-8D70-A999E20289C4}C:\users\strama\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=c:\users\strama\appdata\local\akamai\netsession_win.exe | 
"UDP Query User{85311929-8513-4FEE-8A6A-7659E283BC6A}C:\program files\sopcast\sopcast.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\sopcast.exe | 
"UDP Query User{92F5841B-C246-4EF9-A226-DB58FB49E0BE}C:\program files\google\google earth\plugin\geplugin.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\plugin\geplugin.exe | 
"UDP Query User{9FDF8D0B-1DC3-4F03-89D8-5405F8EE0CB3}C:\program files\mozilla firefox\plugin-container.exe" = protocol=17 | dir=in | app=c:\program files\mozilla firefox\plugin-container.exe | 
"UDP Query User{A75151F1-EBF4-405F-8626-B5058F25AAA3}C:\program files\sopcast\adv\sopadver.exe" = protocol=17 | dir=in | app=c:\program files\sopcast\adv\sopadver.exe | 
"UDP Query User{AEF13514-51D7-4BC2-BC15-E95085CB9D35}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | 
"UDP Query User{BCE67282-AD29-4A14-957E-2569875B14D0}C:\program files\google\google earth\client\googleearth.exe" = protocol=17 | dir=in | app=c:\program files\google\google earth\client\googleearth.exe | 
"UDP Query User{E7037B7B-FBCC-4B90-AA37-C7A17B55AB31}C:\program files\1&1\1&1 multimessenger\messengr.exe" = protocol=17 | dir=in | app=c:\program files\1&1\1&1 multimessenger\messengr.exe | 
"UDP Query User{F7A80FA3-107B-40BB-8594-F7102DCCD8BC}C:\windows\system32\wfs.exe" = protocol=17 | dir=in | app=c:\windows\system32\wfs.exe | 
 
========== HKEY_LOCAL_MACHINE Uninstall List ==========
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"_{806422F8-8E0A-494A-A369-0F34F1B89160}" = CorelDRAW Essentials 4 - Extra Content
"_{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4
"{07B62101-7EBD-434A-94B1-B38063BE5516}" = CorelDRAW Essentials 4 - PHOTO-PAINT
"{0ED4216F-3540-4D6B-8199-1C8DDEA3924B}" = CorelDRAW Essentials 4 - Lang DE
"{1280E900-35DA-4E08-A700-B79A5B2B8532}" = Microsoft Antimalware Service DE-DE Language Pack
"{1433046A-BAE7-EBC6-4CAE-9A7BD0C3A35D}" = CCC Help Finnish
"{14ECAABB-C8B9-4A09-92F7-CDF1A45B6DDE}" = Google Drive
"{19AC095C-3520-4999-AA15-93B6D0248A50}" = CorelDRAW Essentials 4 - Content
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{2185FA57-3EF4-434A-8D59-7063B11FA3C7}" = BlackBerry App World Browser Plugin
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{235211CA-D0E3-4EC8-95D4-C024CE37537C}" = WISO Mein Geld 2012 Professional
"{26A24AE4-039D-4CA4-87B4-2F83216033FF}" = Java(TM) 6 Update 35
"{26A24AE4-039D-4CA4-87B4-2F83217007FF}" = Java 7 Update 9
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2c2f4c57-83a8-4790-a281-e83d306a9199}" = Gigaset QuickSync
"{2D87E961-577B-492B-AD54-1368680FB9A7}" = Bing Maps 3D
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{2EF095CE-24AF-4AAA-BB82-85F988EC51C0}" = 1und1 Internet Explorer Add-On
"{32E00E5E-22B1-4D5A-9DC2-CD75E087A5E6}" = Steuer-Spar-Erklärung 2009
"{34A9406E-1994-4C20-AC72-04CFA2B24545}" = CorelDRAW Essentials 4 - Lang EN
"{3576C335-958D-4D60-A812-F68F9A2796AF}" = CorelDRAW Essentials 4 - Lang IT
"{39D0E034-1042-4905-BECB-5502909FCB7C}" = Microsoft Works
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{3E6F0CAD-EE38-42A5-9EEA-AE17A55BF2D4}" = Firebird SQL Server - MAGIX Edition
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{41E654A9-26D0-4EAC-854B-0FA824FFFABB}" = Windows Live Messenger
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4D66F66A-D5FA-15A2-F6E5-5589BD7E29AA}" = Catalyst Control Center InstallProxy
"{4E9F7AD8-E3EC-4636-BD25-A5AD97E73C64}" = FRITZ!Box starter
"{4F5B18A3-E921-4FFE-BEF4-ACBB98964FC2}" = AMD USB Filter Driver
"{50779A29-834E-4E36-BBEB-B7CABC67A825}" = Microsoft Security Client DE-DE Language Pack
"{54873998-9F2C-4D2F-2CC1-BEE8D9D9FC73}" = ccc-utility
"{5500BB35-1C21-4328-9F16-F894B860FADE}" = CorelDRAW Essentials 4 - Lang NL
"{5B680750-760B-49E4-81E7-21B2B337F9F7}" = Microsoft Works
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}" = Google Earth
"{75C885D4-C758-4896-A3B4-90DA34B44C31}" = BRAdmin Professional 3
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{76E852ED-1B06-4BC8-9D6A-625DB95FB7E5}" = CorelDRAW Essentials 4 - IPM - No VBA
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{77A2EA4C-F1DD-BBA7-F816-BD76EA3C08DF}" = CCC Help French
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7A3E6E1C-CF5A-4CE9-B8D6-A2F9B7BA18FC}" = BlackBerry Desktop Software 7.1
"{806422F8-8E0A-494A-A369-0F34F1B89160}" = CorelDRAW Essentials 4 - Extra Content
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{88A34D88-1A75-8C9D-A26E-F283436AC0A6}" = ATI Catalyst Install Manager
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8C1969E4-3533-3735-B5DF-82F24164203C}" = CCC Help Japanese
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-0020-0407-0000-0000000FF1CE}" = Compatibility Pack für 2007 Office System
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{9043B9A0-9505-405B-8202-E7167A38A89C}" = CorelDRAW Essentials 4
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{98EABC7F-B1A1-43A5-B505-5B4EC3908DCD}" = Microsoft Security Client
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C516706-B1CC-EBFC-A0CB-02E1FF5FC0FC}" = CCC Help Danish
"{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center
"{9D8004FF-B214-18C6-4473-4993230B11D5}" = CCC Help Norwegian
"{9E3C6E9F-26C9-F771-36B5-2065515AA7C2}" = CCC Help Dutch
"{9F5FD796-86F0-4360-85F8-D54C0F5411EB}" = Steuer-Spar-Erklärung 2011
"{A17EABB6-D0C6-44E5-820C-72DC7F495064}" = PaperPort
"{A81FC45F-6431-CFD2-2FEF-B259C3B8DEB4}" = Catalyst Control Center Graphics Light
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{ABD8B955-1C69-4AF3-949B-13CD587C175F}" = CorelDRAW Essentials 4 - Lang BR
"{AC76BA86-7AD7-1031-7B44-AA1000000001}" = Adobe Reader X (10.1.4) - Deutsch
"{AC76BA86-7AD7-5464-3428-900000000004}" = Spelling Dictionaries Support For Adobe Reader 9
"{ACCC042D-A515-F15A-44DC-B8916D269A53}" = Catalyst Control Center Localization All
"{AEB61F7A-4BBA-4292-A096-7893E09034A4}" = Steuer-Spar-Erklärung 2013
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}" = AAVUpdateManager
"{B2544A03-10D0-4E5E-BA69-0362FFC20D18}" = OGA Notifier 2.0.0048.0
"{B9FA9F15-A1F3-4DB1-AD49-0B9351843FAA}" = CorelDRAW Essentials 4 - Draw
"{BA67EF42-DC5C-18EE-5DB4-7EB3987589BC}" = Catalyst Control Center Core Implementation
"{BA9319FE-BCEF-4C99-8039-F464648D046E}" = CorelDRAW Essentials 4 - Lang FR
"{BAC80EF3-E106-4AEA-8C57-F217F9BC7358}" = Microsoft SQL Server 2005 Compact Edition [DEU]
"{BC37B94A-1C40-D769-0E53-157C3FF481C6}" = CCC Help German
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C0237AA4-1BFB-46EA-860D-7B0EB365CA13}" = CorelDRAW Essentials 4 - ICA
"{C170B7B5-9720-C191-F5FA-981C3FACAED6}" = CCC Help English
"{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}" = Logitech Webcam Software
"{C49067A8-8212-4A82-A4D9-1519701644F0}" = Citrix Presentation Server Client - Nur Web
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C5346D3C-C9FF-A4FD-FDDB-A36DE137A513}" = CCC Help Italian
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C682F3F0-00A6-4379-B083-4F3273624D7B}" = CorelDRAW Essentials 4 - Lang ES
"{C779648B-410E-4BBA-B75B-5815BCEFE71D}" = Safari
"{CB5167B0-61DF-D5EA-E1C4-438D869D0B4A}" = ccc-core-static
"{CCD2BAD2-0919-40CB-80CC-E9538B0E4C2E}" = Steuer-Spar-Erklärung 2012
"{D443CF18-21ED-8648-CB98-B338EF0D8A51}" = CCC Help Swedish
"{D8104EB7-EA8D-08D1-9A69-717E2F2E86F9}" = Catalyst Control Center Graphics Full New
"{D8D76911-AA3A-62C8-8E1B-F94A518BD27D}" = Catalyst Control Center Graphics Previews Vista
"{D8E1DFEE-622B-46BA-AEFF-AB7E541C0B21}" = Steuer-Spar-Erklärung 2010
"{D94A8E22-DF2B-4107-9E51-608A60A7671D}" = Personal Ancestral File 5
"{DBA8B9E1-C6FF-4624-9598-73D3B41A0903}" = Microsoft Picture It! Foto Premium 9
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E3D04529-6EDB-11D8-A372-0050BAE317E1}" = CyberLink PowerDVD Copy
"{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}" = Microsoft Office Suite Activation Assistant
"{EA17F4FC-FDBF-4CF8-A529-2D983132D053}" = Skype™ 6.0
"{EC27B0C8-F3B7-95BD-96B8-A8D8C78A94B8}" = Catalyst Control Center Graphics Full Existing
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F16841F6-5F0F-4DBE-B318-63CEB916F21D}" = CorelDRAW Essentials 4 - Filters
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F5266D28-E0B2-4130-BFC5-EE155AD514DC}" = Apple Application Support
"{F6A6DFF9-F71C-4BA6-B437-F18872866D3D}" = Bing Bar
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{F92DBD0E-7769-3E62-3526-45ED37E0A921}" = CCC Help Spanish
"{FD207C2C-A7FF-332A-AC85-5A5ACED6F31B}" = Google Talk Plugin
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"0591-8077-9297-0833" = FamilySearch Indexing 3.15.1
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.5
"AVMFBoxMonitor" = AVM FRITZ!Box Monitor
"BlackBerry_Desktop" = BlackBerry Desktop Software 7.1
"Do Not Track Plus Add-on_is1" = Do Not Track Plus Add-on 1.0.5570.0305
"DragonUnPACKer5_is1" = Dragon UnPACKer 5
"ENTERPRISE" = Microsoft Office Enterprise 2007
"FileZilla Client" = FileZilla Client 3.5.3
"FX - Video To Mp3" = FoxTab Video To MP3 Converter (remove only)
"GIMP-2_is1" = GIMP 2.8.0
"Google Chrome" = Google Chrome
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"Juniper Network Connect 6.5.0" = Juniper Networks Network Connect 6.5.0
"Juniper_Setup_Client Activex Control" = Juniper Networks Setup Client Activex Control
"McAfee Security Scan" = McAfee Security Scan Plus
"MEDION Fotos auf CD & DVD SE Nord D" = MEDION Fotos auf CD & DVD SE Nord
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Security Client" = Microsoft Security Essentials
"Mozilla Firefox 17.0.1 (x86 de)" = Mozilla Firefox 17.0.1 (x86 de)
"Mozilla Thunderbird 17.0 (x86 de)" = Mozilla Thunderbird 17.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"PhotoScape" = PhotoScape
"Picasa 3" = Picasa 3
"PictureIt_v9" = Microsoft Picture It! Foto Premium 9
"PlayerPlus" = PlayerPlus
"RealPlayer 15.0" = RealPlayer
"Revo Uninstaller" = Revo Uninstaller 1.94
"ST6UNST #1" = Urlaubsplaner
"SysadmV10" = Sysadm
"WinLiveSuite_Wave3" = Windows Live Essentials
"WISO Mein Geld 2012 Professional" = WISO Mein Geld 2012 Professional
"Works2004Setup" = Setup-Start von Microsoft Works 2004
"xca" = XCA (remove only)
 
========== HKEY_USERS Uninstall List ==========
 
[HKEY_USERS\S-1-5-21-3887269607-449999235-3499335998-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Akamai" = Akamai NetSession Interface
"f018cf21c0452c64" = FRITZ!Box USB-Fernanschluss
"Juniper_Setup_Client" = Juniper Networks, Inc. Setup Client
"Neoteris_Host_Checker" = Juniper Networks Host Checker
 
========== Last 20 Event Log Errors ==========
 
[ Application Events ]
Error - 31.03.2012 04:39:47 | Computer Name = strama-PC | Source = Application Error | ID = 1000
Error - 01.04.2012 01:53:02 | Computer Name = strama-PC | Source = Application Error
 | ID = 1000
 
Description = Name der fehlerhaften Anwendung: pplinks.exe, Version: 9.2.0.814, Zeitstempel: 0x404e4b51
Name des fehlerhaften Moduls: EZFax.g32_unloaded, Version: 0.0.0.0, Zeitstempel: 0x404e4a27
Ausnahmecode: 0xc0000005
Fehleroffset: 0x2006e930
ID des fehlerhaften Prozesses: 0x280
Startzeit der fehlerhaften Anwendung: 0x01cd0fcba4782cc8
Pfad der fehlerhaften Anwendung: C:\Program Files\ScanSoft\PaperPort\pplinks.exe
Pfad des fehlerhaften Moduls: EZFax.g32
Berichtskennung: f12feba2-7bbe-11e1-9f14-40618699f1e3
Error - 01.04.2012 06:09:52 | Computer Name = strama-PC | Source = Application Error
 | ID = 1000
 
Error - 04.04.2012 14:07:53 | Computer Name = strama-PC | Source = Application Error | ID = 1000
Error - 05.04.2012 12:45:01 | Computer Name = strama-PC | Source = Application Hang
 | ID = 1002
 
Description = Programm WINWORD.EXE, Version 12.0.6612.1000 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 25f8

Startzeit: 01cd1315f7fbcd9a

Endzeit: 0

Anwendungspfad: C:\PROGRA~1\MIF5BA~1\Office12\WINWORD.EXE

Berichts-ID: a378e6b1-7f3e-11e1-81ac-ccdd92d065ec

Error - 06.04.2012 03:42:50 | Computer Name = strama-PC | Source = Application Error
 | ID = 1000
 
Error - 06.04.2012 10:10:11 | Computer Name = strama-PC | Source = Application Error | ID = 1000
Description = Name der fehlerhaften Anwendung: CLVIEW.EXE, Version: 12.0.6606.1000,
 Zeitstempel: 0x4e266677  Name des fehlerhaften Moduls: mswsock.dll, Version: 6.1.7601.17514,
 Zeitstempel: 0x4ce7b8e8  Ausnahmecode: 0xc0000005  Fehleroffset: 0x00002ec3  ID des fehlerhaften
 Prozesses: 0x19ec  Startzeit der fehlerhaften Anwendung: 0x01cd13fef9aa3c3f  Pfad der
 fehlerhaften Anwendung: C:\Program Files\Microsoft Office\Office12\CLVIEW.EXE  Pfad
 des fehlerhaften Moduls: C:\Windows\system32\mswsock.dll  Berichtskennung: 38c09848-7ff2-11e1-827a-40618699f1e3
 
Error - 07.04.2012 08:13:24 | Computer Name = strama-PC | Source = Application Error | ID = 1000
Error - 08.04.2012 03:56:12 | Computer Name = strama-PC | Source = Application Hang
 | ID = 1002
 
Description = Programm Fresh.exe, Version 3.4.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 14b0

Startzeit: 01cd155c9cdd1879

Endzeit: 0

Anwendungspfad: C:\Program Files\NAVIGON\NAVIGON Fresh\bin\Fresh.exe

Berichts-ID: 

Error - 08.04.2012 04:18:18 | Computer Name = strama-PC | Source = Microsoft-Windows-LoadPerf
 | ID = 3001
 
Description = Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "8470". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error - 08.04.2012 04:18:18 | Computer Name = strama-PC | Source = Microsoft-Windows-LoadPerf
 | ID = 3001
 
Description = Die Namenszeichenfolgenwert für den Leistungsindikator in der Registrierung ist falsch formatiert. Die falsch formatierte Zeichenfolge ist "8470". Das erste DWORD im Datenbereich enthält den Indexwert für die falsch formatierte Zeichenfolge, während das zweite und dritte DWORD im Datenbereich die letzten gültigen Indexwerte enthalten.
Error - 08.04.2012 04:24:29 | Computer Name = strama-PC | Source = Application Hang
 | ID = 1002
 
Description = Programm werfault.exe, Version 6.1.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1444

Startzeit: 01cd15609cc4bf9d

Endzeit: 0

Anwendungspfad: C:\Windows\system32\werfault.exe

Berichts-ID: f6c8acbb-8153-11e1-96e5-40618699f1e3

Error - 08.04.2012 04:24:29 | Computer Name = strama-PC | Source = Application Hang
 | ID = 1002
 
Description = Programm Fresh.exe, Version 3.4.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 170c

Startzeit: 01cd155f685fff19

Endzeit: 0

Anwendungspfad: C:\Program Files\NAVIGON\NAVIGON Fresh\bin\Fresh.exe

Berichts-ID: 

Error - 08.04.2012 04:52:28 | Computer Name = strama-PC | Source = Application Hang
 | ID = 1002
 
Description = Programm Fresh.exe, Version 3.4.1.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: e70

Startzeit: 01cd15645d0caa20

Endzeit: 0

Anwendungspfad: C:\Program Files\NAVIGON\NAVIGON Fresh\bin\Fresh.exe

Berichts-ID: d668200e-8157-11e1-8967-40618699f1e3

Error - 08.04.2012 10:05:58 | Computer Name = strama-PC | Source = Application Error
 | ID = 1000
 
[ Media Center Events ]
Error - 20.10.2010 01:01:05 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 07:01:05 - Fehler beim Herstellen der Internetverbindung.  07:01:05 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.10.2010 01:01:12 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 07:01:10 - Fehler beim Herstellen der Internetverbindung.  07:01:10 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.10.2010 02:04:15 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 08:04:15 - Fehler beim Herstellen der Internetverbindung.  08:04:15 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.10.2010 02:04:22 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 08:04:20 - Fehler beim Herstellen der Internetverbindung.  08:04:20 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.10.2010 03:07:25 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 09:07:25 - Fehler beim Herstellen der Internetverbindung.  09:07:25 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 20.10.2010 03:07:32 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 09:07:30 - Fehler beim Herstellen der Internetverbindung.  09:07:30 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.01.2011 10:51:44 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 15:51:44 - Fehler beim Herstellen der Internetverbindung.  15:51:44 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.01.2011 10:51:56 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 15:51:49 - Fehler beim Herstellen der Internetverbindung.  15:51:49 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.01.2011 11:55:00 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 16:55:00 - Fehler beim Herstellen der Internetverbindung.  16:55:00 
-     Serververbindung konnte nicht hergestellt werden..  
 
Error - 18.01.2011 11:55:07 | Computer Name = strama-PC | Source = MCUpdate | ID = 0
Description = 16:55:05 - Fehler beim Herstellen der Internetverbindung.  16:55:05 
-     Serververbindung konnte nicht hergestellt werden..  
 
[ OSession Events ]
Error - 17.07.2010 09:45:41 | Computer Name = strama-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6535.5005, Microsoft Office Version: 12.0.6425.1000. This session lasted 234
 seconds with 180 seconds of active time.  This session ended with a crash.
 
Error - 21.03.2011 05:37:03 | Computer Name = strama-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6550.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 62
 seconds with 60 seconds of active time.  This session ended with a crash.
 
Error - 04.01.2012 18:25:13 | Computer Name = strama-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6545.5000, Microsoft Office Version: 12.0.6425.1000. This session lasted 21858
 seconds with 120 seconds of active time.  This session ended with a crash.
 
Error - 15.04.2012 06:37:20 | Computer Name = strama-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13
 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error - 15.07.2012 14:58:05 | Computer Name = strama-PC | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
 12.0.6661.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 817
 seconds with 720 seconds of active time.  This session ended with a crash.
 
[ System Events ]
Error - 30.12.2012 04:31:45 | Computer Name = strama-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 30.12.2012 12:06:20 | Computer Name = strama-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 30.12.2012 12:06:20 | Computer Name = strama-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 31.12.2012 04:52:00 | Computer Name = strama-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 31.12.2012 04:58:45 | Computer Name = strama-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 31.12.2012 05:06:47 | Computer Name = strama-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 31.12.2012 11:51:58 | Computer Name = strama-PC | Source = ipnathlp | ID = 31004
Description = 
 
Error - 01.01.2013 05:07:58 | Computer Name = strama-PC | Source = Service Control Manager | ID = 7043
Description = Der Dienst Windows Update konnte nach dem Empfang eines Preshutdown-Steuerelements
 nicht richtig heruntergefahren werden.
 
Error - 01.01.2013 10:55:09 | Computer Name = strama-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?01.?01.?2013 um 15:48:22 unerwartet heruntergefahren.
 
Error - 02.01.2013 13:13:36 | Computer Name = strama-PC | Source = ipnathlp | ID = 31004
Description = 
 
 
< End of report >