| |
| |||||||
Log-Analyse und Auswertung: Spybots Fehlersuche vertrauen?Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
11.04.2013, 13:27
| #1 |
| |  Spybots Fehlersuche vertrauen? Hallo ich habe mir einige unnütze Programme (yontoo, wajam, tarma Installer, adawaretb) eingefangen. Kann man nach euerer Erfahrung ohne weiteres bei spybot "Auserwähltes Beheben" aktivieren? Bei adwcleaner habe ich ähnliche Eibnträge im Logfile. Kann ich auch mit diesem Programm den Menupunkt "löschen" aktivieren, um die überflüssigen Einträge loszuwerden? Ein Rat von Euch würde mich freuen! Viele Grüße schlappi2 PS: ein Scan mit malewarebyte, Emsisoft Emergency Kit scanner ergab keine Beanstandungen. |
|
12.04.2013, 03:17
| #2 | |
| /// TB-Ausbilder   | Spybots Fehlersuche vertrauen? Hi,
__________________Zitat:
Falls ich mir den Rechner danach noch anschauen soll, dann mach bitte noch einen OTL-Scan: Lade dir bitte OTL (von Oldtimer) herunter und speichere es auf deinen Desktop.
__________________ |
|
12.04.2013, 08:51
| #3 |
| | Spybots Fehlersuche vertrauen? Hallo Leo,
__________________herzlichen Dank, dass Du Dich meines Problems annimmst. Wie Du mir angeboten hast poste ich die beiden Files. Mit dem adw Cleaner konnte ich viele Einträge erfolgreich beseitigen. Vielen Dank für die Unbedenklichkeitserklärung!!! Gilt das gleiche auch für spybot??? Hier die old.txt (ich hoffe wegen eder Größe keine Zumutung für Dich) Viele Grüße schlappi2 OLD.txtOTL Logfile: Code:
ATTFilter OTL logfile created on: 12.04.2013 09:45:00 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = D:\Benutzer\Hubertus\Downloads 64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16540) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7,88 Gb Total Physical Memory | 5,28 Gb Available Physical Memory | 67,04% Memory free 15,88 Gb Paging File | 12,73 Gb Available in Paging File | 80,19% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86) Drive C: | 160,60 Gb Total Space | 114,17 Gb Free Space | 71,09% Space Free | Partition Type: NTFS Drive D: | 292,97 Gb Total Space | 225,94 Gb Free Space | 77,12% Space Free | Partition Type: NTFS Computer Name: DELL-PC | User Name: Hubertus | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.04.12 09:20:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Benutzer\Hubertus\Downloads\OTL.exe PRC - [2013.04.10 08:56:41 | 000,920,472 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe PRC - [2013.04.07 11:55:50 | 000,068,608 | ---- | M] (IvoSoft) -- C:\Programme\Classic Shell\ClassicShellService.exe PRC - [2013.03.18 03:25:46 | 001,236,336 | ---- | M] (Lavasoft Limited) -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe PRC - [2013.03.18 03:25:44 | 018,828,128 | ---- | M] (Lavasoft Limited) -- C:\PROGRA~2\AD-AWA~1\AdAware.exe PRC - [2013.03.13 15:33:30 | 000,187,912 | ---- | M] (Dell Products, LP.) -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe PRC - [2013.03.12 09:05:50 | 029,106,336 | ---- | M] (Dropbox, Inc.) -- D:\Benutzer\Hubertus\AppData\Roaming\Dropbox\bin\Dropbox.exe PRC - [2013.03.06 17:30:43 | 010,220,896 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe PRC - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe PRC - [2013.03.06 17:22:26 | 000,185,696 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe PRC - [2013.02.21 17:58:16 | 000,322,032 | ---- | M] (AVM Berlin) -- D:\Benutzer\Hubertus\AppData\Local\Apps\2.0\DMC7CP1J.M8B\OC53C76K.YQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe PRC - [2013.02.19 12:05:23 | 000,213,384 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe PRC - [2013.02.19 11:53:08 | 000,162,856 | ---- | M] (Geek Software GmbH) -- C:\Program Files (x86)\PDF24\pdf24.exe PRC - [2013.02.11 19:48:56 | 000,311,184 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe PRC - [2013.01.31 17:11:58 | 000,542,632 | ---- | M] (Lavasoft) -- C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe PRC - [2013.01.26 08:08:30 | 004,480,768 | ---- | M] (Akamai Technologies, Inc.) -- D:\Benutzer\Hubertus\AppData\Local\Akamai\netsession_win.exe PRC - [2013.01.23 23:22:28 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe PRC - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe PRC - [2012.12.14 16:49:28 | 000,512,360 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe PRC - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe PRC - [2012.11.13 14:08:12 | 003,487,240 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe PRC - [2012.11.13 14:08:08 | 003,825,176 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe PRC - [2012.11.13 14:07:24 | 000,168,384 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe PRC - [2012.11.13 14:07:20 | 001,369,624 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe PRC - [2012.11.13 14:07:16 | 001,103,392 | ---- | M] (Safer-Networking Ltd.) -- C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe PRC - [2012.09.20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe PRC - [2012.03.07 01:28:30 | 000,577,024 | ---- | M] (Creative Technology Ltd) -- C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe PRC - [2012.02.25 13:47:30 | 000,192,856 | ---- | M] (Intel Corporation) -- C:\Windows\SysWOW64\irstrtsv.exe PRC - [2012.02.16 19:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE PRC - [2012.02.15 21:11:58 | 000,459,832 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe PRC - [2012.02.15 21:10:56 | 000,688,184 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe PRC - [2012.02.02 00:29:58 | 000,013,592 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe PRC - [2012.02.02 00:29:56 | 000,284,440 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe PRC - [2012.01.27 05:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE PRC - [2012.01.27 05:47:36 | 004,293,952 | ---- | M] (SoftThinks - Dell) -- C:\Program Files (x86)\Dell DataSafe Local Backup\TOASTER.EXE PRC - [2012.01.21 18:35:24 | 000,363,800 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe PRC - [2012.01.21 18:35:22 | 000,277,784 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe PRC - [2011.10.13 00:11:34 | 002,068,856 | ---- | M] (Flexera Software LLC.) -- C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe PRC - [2011.10.13 00:11:32 | 001,446,264 | ---- | M] (Flexera Software LLC.) -- C:\ProgramData\FLEXnet\Connect\11\agent.exe PRC - [2011.10.12 01:43:16 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) -- C:\Programme\CONEXANT\SA3\CxUtilSvc.exe PRC - [2010.10.02 00:55:28 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe PRC - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE PRC - [2010.04.02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE ========== Modules (No Company Name) ========== MOD - [2013.04.10 08:56:55 | 003,133,336 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll MOD - [2013.02.18 20:07:59 | 011,843,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\514763136e7ea4730f5fb8120b6bbb30\System.Web.ni.dll MOD - [2013.02.18 20:07:53 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\65220f0f32ec84454f9a811fba883c2e\System.Windows.Forms.ni.dll MOD - [2013.02.15 21:22:46 | 012,700,160 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\9c95779cc3d65cda80695cabc367476b\System.Windows.Forms.ni.dll MOD - [2013.02.03 15:00:52 | 001,880,576 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xaml\f641b786d36d1cc5a5531a746c96ce1b\System.Xaml.ni.dll MOD - [2013.02.03 14:56:27 | 001,631,744 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\38638a559066bf7f2325a53ed53629bc\System.Drawing.ni.dll MOD - [2013.02.03 14:56:19 | 000,467,456 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatioaec034ca#\6824c9f11ea82b4148780cd92c9d6745\PresentationFramework.Aero2.ni.dll MOD - [2013.02.03 14:56:18 | 018,542,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\8347ac8367f91309fa888d79a54c7450\PresentationFramework.ni.dll MOD - [2013.02.03 14:56:08 | 010,926,592 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\1c7f4533b2b24c10a628793a8b93e1a7\PresentationCore.ni.dll MOD - [2013.02.03 14:56:03 | 003,910,144 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\15cc4fff434f274c1f6ab56a385dcb54\WindowsBase.ni.dll MOD - [2013.02.03 14:55:58 | 007,561,216 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\e1ec8b9a6d4f9af9d6065c4187fb1b5f\System.Xml.ni.dll MOD - [2013.02.03 14:55:54 | 000,958,464 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\05cc6faa6704d01e78700561b22937e3\System.Configuration.ni.dll MOD - [2013.02.03 14:55:49 | 009,937,408 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System\a7811936e59aaee26b1d9d467174d6d4\System.ni.dll MOD - [2013.02.03 14:55:44 | 016,544,768 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\mscorlib\374a0cc6603f58864831897ef723bd4a\mscorlib.ni.dll MOD - [2013.01.26 18:00:10 | 002,297,856 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Core\fb048f69c5b71baf063604bd1724b078\System.Core.ni.dll MOD - [2013.01.26 18:00:06 | 000,014,336 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IAStorCommon\d3edce503ff7e862db8dfee91d4bfb79\IAStorCommon.ni.dll MOD - [2013.01.26 18:00:00 | 000,627,200 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\fe30f9017b763714b1372d77204cd3d0\System.Transactions.ni.dll MOD - [2013.01.26 17:59:55 | 000,771,584 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\e2f7dbe3bf08df200a4cdcf2e0eb82fa\System.Runtime.Remoting.ni.dll MOD - [2013.01.26 17:59:55 | 000,488,960 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\IAStorUtil\7bf30f7cd515481c33bdfbe81806a834\IAStorUtil.ni.dll MOD - [2013.01.26 17:59:52 | 000,971,264 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\cf561d65486360afb324d26c80b9aac2\System.Configuration.ni.dll MOD - [2013.01.26 17:52:46 | 005,453,312 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\ae31f7dc9817e359d05c9c8efdd5f359\System.Xml.ni.dll MOD - [2013.01.26 17:52:39 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\7e6b074d3f3e3cc8e0270a3552c47aaa\System.Drawing.ni.dll MOD - [2013.01.26 17:52:18 | 003,349,504 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\WindowsBase\24cc53e26c02f2d0dbb139045428ef76\WindowsBase.ni.dll MOD - [2013.01.26 17:52:16 | 007,988,736 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\28c2c6e7f48ff80c680a97b08df66a72\System.ni.dll MOD - [2013.01.26 17:52:13 | 011,494,912 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\8d2929ad589e1092eb62a43424361465\mscorlib.ni.dll MOD - [2012.11.13 14:06:32 | 000,158,624 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl MOD - [2012.11.13 14:06:30 | 000,108,960 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl MOD - [2012.11.13 14:06:28 | 000,554,400 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\VirtualTreesDXE150.bpl MOD - [2012.11.13 14:06:28 | 000,528,288 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\JSDialogPack150.bpl MOD - [2012.11.13 14:06:28 | 000,416,160 | ---- | M] () -- C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl MOD - [2012.10.10 03:35:25 | 005,992,448 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel\3.0.0.0__b77a5c561934e089\System.ServiceModel.dll MOD - [2012.10.10 03:35:25 | 000,970,752 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization\3.0.0.0__b77a5c561934e089\System.Runtime.Serialization.dll MOD - [2012.10.10 03:35:25 | 000,446,464 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.IdentityModel\3.0.0.0__b77a5c561934e089\System.IdentityModel.dll MOD - [2012.10.10 03:35:25 | 000,110,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\SMDiagnostics\3.0.0.0__b77a5c561934e089\SMDiagnostics.dll MOD - [2012.09.28 23:41:48 | 000,491,520 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.resources\3.0.0.0_de_b77a5c561934e089\System.ServiceModel.resources.dll MOD - [2012.09.28 23:41:48 | 000,212,992 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.resources\2.0.0.0_de_b77a5c561934e089\System.resources.dll MOD - [2012.09.14 00:04:06 | 000,315,392 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll MOD - [2012.08.17 22:38:56 | 000,479,160 | ---- | M] () -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\dblite.dll MOD - [2012.07.06 04:02:32 | 005,283,840 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework\3.0.0.0__31bf3856ad364e35\PresentationFramework.dll MOD - [2012.07.06 04:02:32 | 004,218,880 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll MOD - [2012.07.06 04:02:32 | 000,196,608 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationFramework.Aero\3.0.0.0__31bf3856ad364e35\PresentationFramework.Aero.dll MOD - [2012.07.06 04:01:14 | 000,261,632 | ---- | M] () -- C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll MOD - [2012.07.06 04:01:07 | 000,110,592 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\PresentationCore.resources\3.0.0.0_de_31bf3856ad364e35\PresentationCore.resources.dll MOD - [2012.07.06 04:01:02 | 000,139,264 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.Xml.Linq\3.5.0.0__b77a5c561934e089\System.Xml.Linq.dll MOD - [2012.07.06 04:01:00 | 000,569,344 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.ServiceModel.Web\3.5.0.0__31bf3856ad364e35\System.ServiceModel.Web.dll MOD - [2012.07.06 04:01:00 | 000,507,904 | ---- | M] () -- C:\WINDOWS\assembly\GAC_MSIL\System.WorkflowServices\3.5.0.0__31bf3856ad364e35\System.WorkflowServices.dll MOD - [2012.01.27 05:49:34 | 002,751,808 | ---- | M] () -- C:\Program Files (x86)\Dell DataSafe Local Backup\COMPONENTS\SCHEDULER\STSERVICE.EXE ========== Services (SafeList) ========== SRV - [2013.04.10 08:56:49 | 000,115,608 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.04.07 11:55:50 | 000,068,608 | ---- | M] (IvoSoft) [Auto | Running] -- C:\Programme\Classic Shell\ClassicShellService.exe -- (ClassicShellService) SRV - [2013.03.18 03:25:46 | 001,236,336 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe -- (Ad-Aware Service) SRV - [2013.03.13 19:41:27 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.03.13 15:33:30 | 000,187,912 | ---- | M] (Dell Products, LP.) [Auto | Running] -- C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe -- (DellDigitalDelivery) SRV - [2013.03.06 17:30:43 | 003,560,288 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe -- (TeamViewer8) SRV - [2013.02.11 19:48:56 | 000,311,184 | ---- | M] (Nuance Communications, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe -- (DragonSvc) SRV - [2013.01.28 15:19:28 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc) SRV - [2013.01.28 15:19:28 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp) SRV - [2013.01.23 23:22:28 | 000,356,376 | ---- | M] (Kaspersky Lab ZAO) [Auto | Running] -- C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\avp.exe -- (AVP) SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2012.12.14 16:49:28 | 000,682,344 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe -- (MBAMService) SRV - [2012.12.14 16:49:28 | 000,398,184 | ---- | M] (Malwarebytes Corporation) [Auto | Running] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe -- (MBAMScheduler) SRV - [2012.11.06 06:36:55 | 002,675,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll -- (PrintNotify) SRV - [2012.10.06 01:12:10 | 000,277,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs) SRV - [2012.09.20 05:39:12 | 003,677,000 | ---- | M] (GFI Software) [Auto | Running] -- C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe -- (SBAMSvc) SRV - [2012.07.26 05:20:04 | 000,018,432 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc) SRV - [2012.07.26 05:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (WAS) SRV - [2012.07.26 05:18:41 | 000,408,064 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll -- (W3SVC) SRV - [2012.07.26 05:17:52 | 000,060,416 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll -- (AppHostSvc) SRV - [2012.07.11 20:54:58 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- C:\Programme\SUPERAntiSpyware\SASCore64.exe -- (!SASCORE) SRV - [2012.03.29 15:57:36 | 002,669,840 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe -- (ZeroConfigService) SRV - [2012.03.29 15:57:24 | 000,273,168 | ---- | M] () [On_Demand | Stopped] -- C:\Programme\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS) SRV - [2012.03.29 15:57:14 | 000,626,960 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\WiFi\bin\EvtEng.exe -- (EvtEng) SRV - [2012.03.29 15:57:10 | 000,148,752 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc) SRV - [2012.02.29 16:50:48 | 000,158,856 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate) SRV - [2012.02.25 13:47:30 | 000,192,856 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Windows\SysWOW64\irstrtsv.exe -- (irstrtsv) SRV - [2012.02.16 19:49:44 | 001,695,040 | ---- | M] (SoftThinks SAS) [Auto | Running] -- C:\Program Files (x86)\Dell DataSafe Local Backup\sftservice.EXE -- (SftService) SRV - [2012.02.15 21:11:58 | 000,459,832 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider) SRV - [2012.02.02 00:29:58 | 000,013,592 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc) SRV - [2012.01.21 18:35:24 | 000,363,800 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe -- (UNS) SRV - [2012.01.21 18:35:22 | 000,277,784 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe -- (LMS) SRV - [2012.01.18 00:12:28 | 000,135,952 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe -- (BTHSSecurityMgr) SRV - [2012.01.11 05:01:52 | 000,627,936 | ---- | M] (Intel(R) Corporation) [Auto | Running] -- c:\Programme\Intel\iCLS Client\HeciServer.exe -- (Intel(R) SRV - [2012.01.09 20:39:44 | 000,659,968 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe -- (AMPPALR3) SRV - [2011.10.12 01:43:16 | 000,109,184 | ---- | M] (Conexant Systems, Inc.) [Auto | Running] -- C:\Programme\CONEXANT\SA3\CxUtilSvc.exe -- (CxUtilSvc) SRV - [2011.08.18 15:28:36 | 002,774,320 | ---- | M] (Validity Sensors, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vcsFPService.exe -- (vcsFPService) SRV - [2010.11.29 23:00:56 | 000,149,504 | ---- | M] (Intel(R) Corporation) [On_Demand | Stopped] -- C:\Programme\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost) SRV - [2010.08.26 04:28:54 | 002,823,000 | ---- | M] (Dell, Inc.) [Auto | Running] -- C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuAgent.exe -- (NOBU) SRV - [2010.04.05 21:55:01 | 000,116,104 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE -- (IJPLMSVC) ========== Driver Services (SafeList) ========== DRV - [2012.09.19 11:50:50 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv) DRV - [2011.07.22 18:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\sasdifsv64.sys -- (SASDIFSV) DRV - [2011.07.12 23:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- C:\Programme\SUPERAntiSpyware\saskutil64.sys -- (SASKUTIL) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = about:blank IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{31D4E6F8-99DB-42B2-B667-C29152F39FF7}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1022856802-308261183-3669651496-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://dell13.msn.com IE - HKU\S-1-5-21-1022856802-308261183-3669651496-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.bing.com IE - HKU\S-1-5-21-1022856802-308261183-3669651496-1010\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com IE - HKU\S-1-5-21-1022856802-308261183-3669651496-1010\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-1022856802-308261183-3669651496-1010\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR IE - HKU\S-1-5-21-1022856802-308261183-3669651496-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-1022856802-308261183-3669651496-1010\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> ========== FireFox ========== FF - prefs.js..browser.startup.homepage: "www.google.de" FF - prefs.js..extensions.enabledAddons: foxmarks%40kei.com:4.1.3 FF - prefs.js..extensions.enabledAddons: %7B73a6fe31-595d-460b-a920-fcc0f8843232%7D:2.6.5.9 FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20130402 FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.14 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1 FF - user.js - File not found FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll () FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll File not found FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKLM\Software\MozillaPlugins\nuance.com/DragonRIAPlugin: C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll (Nuance Communications Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\url_advisor@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\url_advisor@kaspersky.com [2013.01.23 23:32:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\virtual_keyboard@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\virtual_keyboard@kaspersky.com [2013.01.23 23:32:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\content_blocker@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\content_blocker@kaspersky.com [2013.01.23 23:32:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\anti_banner@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\anti_banner@kaspersky.com [2013.01.23 23:32:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\online_banking@kaspersky.com: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\FFExt\online_banking@kaspersky.com [2013.01.23 23:32:32 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\jid0-lmZNVK7a82O8cufhdfB9dUDfA2w@jetpack: C:\Program Files (x86)\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013.02.11 19:44:08 | 000,136,309 | ---- | M] () FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 20.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.04.11 15:37:11 | 000,000,000 | ---D | M] [2013.04.11 15:37:25 | 000,000,000 | ---D | M] (No name found) -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Extensions [2013.04.11 17:42:41 | 000,000,000 | ---D | M] (No name found) -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Firefox\Profiles\cvyfj6b7.default\extensions [2013.04.11 15:54:17 | 000,000,000 | ---D | M] (WOT) -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Firefox\Profiles\cvyfj6b7.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013.04.11 16:08:38 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Firefox\Profiles\cvyfj6b7.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2013.04.11 15:42:25 | 000,000,000 | ---D | M] ("Xmarks") -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Firefox\Profiles\cvyfj6b7.default\extensions\foxmarks@kei.com [2013.04.11 15:56:45 | 000,260,296 | ---- | M] () (No name found) -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Firefox\Profiles\cvyfj6b7.default\extensions\jid0-9XfBwUWnvPx4wWsfBWMCm4Jj69E@jetpack.xpi [2013.04.11 17:42:41 | 000,157,756 | ---- | M] () (No name found) -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Firefox\Profiles\cvyfj6b7.default\extensions\{15fe27f3-e5ab-2d59-4c5c-dadc7945bdbd}.xpi [2013.04.11 15:49:23 | 000,531,916 | ---- | M] () (No name found) -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Firefox\Profiles\cvyfj6b7.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2013.04.11 16:01:00 | 000,817,280 | ---- | M] () (No name found) -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla\Firefox\Profiles\cvyfj6b7.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.04.11 15:37:10 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013.04.10 08:57:39 | 000,263,064 | ---- | M] (Mozilla Foundation) -- C:\Program Files (x86)\mozilla firefox\components\browsercomps.dll [2013.04.10 10:18:46 | 000,001,392 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\amazondotcom-de.xml [2013.04.10 10:18:46 | 000,002,465 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\bing.xml [2013.04.10 10:18:46 | 000,001,153 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\eBay-de.xml [2013.04.10 10:18:46 | 000,006,805 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\leo_ende_de.xml [2013.04.10 10:18:46 | 000,001,178 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\wikipedia-de.xml [2013.04.10 10:18:46 | 000,001,105 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\yahoo-de.xml ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.com CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\PepperFlash\pepflashplayer.dll CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\26.0.1410.64\pdf.dll CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll CHR - plugin: Dragon NaturallySpeaking Rich Internet Application Support (Enabled) = C:\PROGRA~2\Nuance\NATURA~1\Program\npDgnRia.dll CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.0.50401.0\npctrl.dll CHR - Extension: Xmarks Bookmark Sync = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.24_0\ CHR - Extension: Xmarks Bookmark Sync = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajpgkpeckebdhofmmjfgcjjiiejpodla\1.0.24_0\.bak CHR - Extension: Google Docs = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Google-Suche = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: Modul zur Link-Untersuchung = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.1.4190_0\ CHR - Extension: Sicherer Zahlungsverkehr = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.1.4190_0\ CHR - Extension: Modul f\u00FCr das Blockieren gef\u00E4hrlicher Webseiten = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail\13.0.1.4190_0\ CHR - Extension: Virtuelle Tastatur = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.1.4190_0\ CHR - Extension: SecureSearch = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfffjahnfbocnaooecgijfnbpcfekoik\1.0.0.1_0\ CHR - Extension: Dragon NaturallySpeaking Rich Internet Application Support = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn\1.0_0\ CHR - Extension: Google Mail = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ CHR - Extension: Anti-Banner = D:\Benutzer\Hubertus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.1.4190_0\ O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts O2 - BHO: (ExplorerBHO Class) - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O2 - BHO: (Content Blocker Plugin) - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Virtual Keyboard Plugin) - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O2 - BHO: (Dragon NaturallySpeaking Rich Internet Application Support - Extension) - {73A89C60-CF59-4EC7-9215-9B7EF05ECEA4} - C:\PROGRA~2\Nuance\NATURA~1\Program\ieShim.dll (Nuance Communications, Inc.) O2 - BHO: (Safe Money Plugin) - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) O2 - BHO: (URL Advisor Plugin) - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O2 - BHO: (ClassicIE9BHO Class) - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Programme\Classic Shell\ClassicIE9DLL_32.dll (IvoSoft) O2 - BHO: (DVDVideoSoft WebPageAdjuster Class) - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O3 - HKLM\..\Toolbar: (Classic Explorer Bar) - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Programme\Classic Shell\ClassicExplorer32.dll (IvoSoft) O4 - HKLM..\Run: [Ad-Aware Antivirus] C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher.exe (Lavasoft Limited) O4 - HKLM..\Run: [Ad-Aware Browsing Protection] C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe (Lavasoft) O4 - HKLM..\Run: [AVP] C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\runner_avp.exe (Kaspersky Lab ZAO) O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) O4 - HKLM..\Run: [Dell DataSafe Online] C:\Program Files (x86)\Dell\Dell Datasafe Online\NOBuClient.exe (Dell, Inc.) O4 - HKLM..\Run: [Dell Webcam Central] C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe (Creative Technology Ltd) O4 - HKLM..\Run: [DNS7reminder] C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe (Nuance Communications, Inc.) O4 - HKLM..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe (Intel Corporation) O4 - HKLM..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\isuspm.exe (Flexera Software LLC.) O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [PDVD9LanguageShortcut] C:\Program Files (x86)\CyberLink\PowerDVD9\Language\Language.exe (CyberLink Corp.) O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe (Sony Corporation) O4 - HKLM..\Run: [RemoteControl9] C:\Program Files (x86)\CyberLink\PowerDVD9\PDVD9Serv.exe (CyberLink Corp.) O4 - HKLM..\Run: [SDTray] C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe (Safer-Networking Ltd.) O4 - HKLM..\Run: [SearchProtection] C:\ProgramData\Search Protection\_run.bat File not found O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-21-1022856802-308261183-3669651496-1010..\Run: [Akamai NetSession Interface] D:\Benutzer\Hubertus\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) O4 - HKU\S-1-5-21-1022856802-308261183-3669651496-1010..\Run: [AVMUSBFernanschluss] D:\Benutzer\Hubertus\AppData\Local\Apps\2.0\DMC7CP1J.M8B\OC53C76K.YQ2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\AVMAutoStart.exe (AVM Berlin) O4 - HKU\S-1-5-21-1022856802-308261183-3669651496-1010..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe (Google) O4 - HKU\S-1-5-21-1022856802-308261183-3669651496-1010..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Flexera Software LLC.) O4 - HKU\S-1-5-21-1022856802-308261183-3669651496-1010..\Run: [SUPERAntiSpyware] C:\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe (SUPERAntiSpyware.com) O4 - Startup: D:\Benutzer\Hubertus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = D:\Benutzer\Hubertus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 28 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm () O8 - Extra context menu item: Free YouTube to DVD Converter - D:\Benutzer\Hubertus\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm () O8 - Extra context menu item: Hinzufügen zu Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\ie_banner_deny.htm () O9 - Extra Button: Virtuelle Tastatur - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) O9 - Extra 'Tools' menuitem : Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Programme\Classic Shell\ClassicIE9_32.exe (IvoSoft) O9 - Extra Button: Links untersuchen - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHelper.dll (Safer-Networking Ltd.) O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) O13 - gopher Prefix: missing O15 - HKU\S-1-5-21-1022856802-308261183-3669651496-1010\..Trusted Ranges: Range1 ([*] in Lokales Intranet) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A01DB9A7-46B7-4308-A5EC-7695207E1D24}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E27708EE-B814-4D21-80CB-597676A3EBBC}: DhcpNameServer = 192.168.178.1 O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\PROGRA~2\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation) O20 - Winlogon\Notify\SDWinLogon: DllName - (SDWinLogon.dll) - File not found O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O30 - LSA: Security Packages - (livessp) - File not found O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.04.11 18:23:39 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\Documents\ProcAlyzer Dumps [2013.04.11 16:41:07 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\SUPERAntiSpyware.com [2013.04.11 16:41:04 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware [2013.04.11 16:41:00 | 000,000,000 | ---D | C] -- C:\ProgramData\SUPERAntiSpyware.com [2013.04.11 15:37:16 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\Mozilla [2013.04.11 15:37:16 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Local\Mozilla [2013.04.10 18:59:11 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll [2013.04.10 18:59:06 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll [2013.04.10 18:59:06 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll [2013.04.10 18:59:05 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll [2013.04.10 18:39:17 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Utility [2013.04.10 18:39:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Eusing Free Registry Cleaner [2013.04.10 16:45:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner [2013.04.10 16:45:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.04.10 15:28:52 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll [2013.04.10 13:43:49 | 000,000,000 | ---D | C] -- C:\ProgramData\SecTaskMan [2013.04.10 13:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager [2013.04.10 13:43:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Security Task Manager [2013.04.10 08:25:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Classic Shell [2013.04.09 17:15:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Antivirus [2013.04.09 17:15:07 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\LavasoftStatistics [2013.04.09 17:07:15 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Local\adawarebp [2013.04.09 17:05:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ad-Aware Antivirus [2013.04.09 17:05:31 | 000,000,000 | ---D | C] -- C:\ProgramData\Lavasoft [2013.04.09 17:05:30 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Ad-Aware Antivirus [2013.04.09 17:05:21 | 000,000,000 | ---D | C] -- C:\ProgramData\Downloaded Installations [2013.04.09 17:05:08 | 000,000,000 | ---D | C] -- C:\ProgramData\Ad-Aware Browsing Protection [2013.04.09 17:04:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Toolbar Cleaner [2013.04.09 17:03:49 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\Ad-Aware Antivirus [2013.04.09 16:17:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Spybot - Search & Destroy [2013.04.09 16:17:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 [2013.04.09 16:17:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2 [2013.04.09 14:38:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PC Tools [2013.04.09 14:36:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\PC Tools [2013.04.09 14:35:35 | 000,000,000 | ---D | C] -- C:\ProgramData\PC Tools [2013.04.09 14:35:34 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\TestApp [2013.04.09 13:15:22 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\FreeFixer [2013.04.09 13:15:22 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Local\FreeFixer [2013.04.09 13:14:01 | 000,493,056 | ---- | C] ( datenhaus GmbH) -- C:\WINDOWS\SysWow64\dhRichClient3.dll [2013.04.09 13:13:53 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\Opera [2013.04.06 17:49:24 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJ [2013.04.06 17:45:58 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJScan [2013.04.06 17:42:24 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\Canon [2013.04.06 17:41:56 | 000,000,000 | -H-D | C] -- C:\ProgramData\CanonIJSolutionMenuEX [2013.04.06 17:41:49 | 000,438,272 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNQ4809L.dll [2013.04.06 17:41:49 | 000,106,496 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNQ4809U.dll [2013.04.06 16:58:09 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJPLM [2013.04.06 16:57:06 | 000,000,000 | ---D | C] -- C:\ProgramData\CanonIJWSpt [2013.04.06 16:55:35 | 000,015,872 | ---- | C] (CANON INC.) -- C:\WINDOWS\SysWow64\CNHMCA.dll [2013.04.05 19:21:10 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\Documents\FixFoto [2013.04.05 19:14:08 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\IrfanView [2013.04.05 19:14:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IrfanView [2013.04.04 16:37:19 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\Malwarebytes [2013.04.04 16:37:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.04.04 16:37:07 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.04.04 16:36:47 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Local\Programs [2013.04.03 19:52:01 | 000,000,000 | R--D | C] -- D:\Benutzer\Hubertus\Desktop\Büro [2013.04.03 12:06:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.03.31 15:49:44 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive [2013.03.31 15:21:59 | 000,000,000 | R--D | C] -- D:\Benutzer\Hubertus\Desktop\Fotografie [2013.03.28 18:50:05 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\Documents\Sony PMB [2013.03.28 18:49:53 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\Sony Corporation [2013.03.28 18:49:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Sony Corporation [2013.03.28 18:49:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony [2013.03.22 16:54:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AMD APP [2013.03.15 11:39:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell [2013.03.15 11:39:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Dell Digital Delivery [2013.03.15 11:37:54 | 000,692,576 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2013.03.15 11:37:54 | 000,078,176 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2013.03.14 20:33:11 | 000,061,440 | ---- | C] (Avision) -- C:\WINDOWS\AV_WTS.dll [2013.03.14 20:32:39 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\Documents\ArcSoft [2013.03.14 20:32:38 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Local\ArcSoft [2013.03.14 20:32:14 | 000,000,000 | ---D | C] -- C:\ProgramData\ArcSoft [2013.03.14 20:31:33 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\ArcSoft [2013.03.14 20:30:48 | 000,000,000 | ---D | C] -- D:\Benutzer\Hubertus\AppData\Roaming\ArcSoft [2013.03.13 12:49:05 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll [2013.03.13 12:49:03 | 008,856,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll [2013.03.13 12:49:01 | 002,033,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll [2013.03.13 12:48:57 | 010,792,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll [2013.03.13 12:48:56 | 005,090,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll [2013.03.13 12:48:53 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlroamextension.dll [2013.03.13 12:48:53 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll [2013.03.13 12:48:53 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll [2013.03.13 12:48:53 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll [2013.03.13 12:48:53 | 000,157,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll [2013.03.13 12:48:53 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll [2013.03.13 12:48:53 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe [2013.03.13 12:48:52 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe [2013.03.13 12:48:52 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll [2013.03.13 12:48:52 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll [2013.03.13 12:48:51 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll [2013.03.13 12:48:50 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll ========== Files - Modified Within 30 Days ========== [2013.04.12 09:41:00 | 000,000,884 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job [2013.04.12 09:14:49 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2013.04.12 09:13:17 | 000,001,126 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2013.04.12 09:12:54 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task ba19a981-d06e-4a26-9542-6a1afa56f3b4.job [2013.04.12 09:12:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys [2013.04.12 09:12:38 | 2049,417,215 | -HS- | M] () -- C:\hiberfil.sys [2013.04.12 09:12:21 | 000,001,188 | ---- | M] () -- C:\WINDOWS\SysWow64\ServiceConfig.xml [2013.04.12 09:10:04 | 000,001,130 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2013.04.12 08:41:02 | 000,000,532 | ---- | M] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 1b4c41e6-5b24-4fca-b347-52a6409a7e2a.job [2013.04.11 08:31:39 | 000,001,515 | ---- | M] () -- D:\Benutzer\Hubertus\AppData\Roaming\SAS7_000.DAT [2013.04.10 18:39:17 | 000,000,909 | ---- | M] () -- D:\Benutzer\Hubertus\Desktop\Eusing Free Registry Cleaner.lnk [2013.04.09 15:31:49 | 000,000,898 | ---- | M] () -- C:\WINDOWS\SysWow64\InstallUtil.InstallLog [2013.04.09 13:13:57 | 000,001,478 | ---- | M] () -- D:\Benutzer\Hubertus\Desktop\Amazon.lnk [2013.04.09 11:49:36 | 000,000,000 | ---- | M] () -- C:\END [2013.04.03 00:08:01 | 000,692,576 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe [2013.04.03 00:08:01 | 000,078,176 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl [2013.03.29 16:34:23 | 000,000,101 | ---- | M] () -- D:\Benutzer\Hubertus\Documents\ScanToPC.info [2013.03.29 15:37:20 | 000,001,062 | ---- | M] () -- D:\Benutzer\Hubertus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2013.03.15 11:48:35 | 000,000,607 | ---- | M] () -- C:\WINDOWS\wiso.ini ========== Files Created - No Company Name ========== [2013.04.12 09:12:21 | 000,001,188 | ---- | C] () -- C:\WINDOWS\SysWow64\ServiceConfig.xml [2013.04.11 16:41:13 | 000,000,532 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task ba19a981-d06e-4a26-9542-6a1afa56f3b4.job [2013.04.11 16:41:13 | 000,000,532 | ---- | C] () -- C:\WINDOWS\tasks\SUPERAntiSpyware Scheduled Task 1b4c41e6-5b24-4fca-b347-52a6409a7e2a.job [2013.04.11 15:37:12 | 000,001,161 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk [2013.04.10 18:39:17 | 000,000,909 | ---- | C] () -- D:\Benutzer\Hubertus\Desktop\Eusing Free Registry Cleaner.lnk [2013.04.09 16:17:11 | 000,002,187 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk [2013.04.09 13:14:59 | 000,000,898 | ---- | C] () -- C:\WINDOWS\SysWow64\InstallUtil.InstallLog [2013.04.09 13:14:01 | 000,338,432 | ---- | C] () -- C:\WINDOWS\SysWow64\sqlite36_engine.dll [2013.04.09 13:13:57 | 000,001,478 | ---- | C] () -- D:\Benutzer\Hubertus\Desktop\Amazon.lnk [2013.04.06 16:55:35 | 000,393,256 | ---- | C] () -- C:\WINDOWS\SysWow64\CNQ4809N.DAT [2013.03.28 18:49:51 | 000,001,317 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home.lnk [2013.03.14 20:33:12 | 000,000,101 | ---- | C] () -- D:\Benutzer\Hubertus\Documents\ScanToPC.info [2013.03.11 17:48:03 | 000,212,992 | ---- | C] () -- C:\WINDOWS\SysWow64\Bot.dll [2013.02.25 20:16:41 | 000,001,515 | ---- | C] () -- D:\Benutzer\Hubertus\AppData\Roaming\SAS7_000.DAT [2013.02.25 17:07:21 | 000,000,060 | ---- | C] () -- C:\WINDOWS\wininit.ini [2013.02.23 20:38:40 | 000,210,552 | ---- | C] () -- C:\WINDOWS\SysWow64\DBCLIENT.DLL [2013.02.15 21:48:39 | 000,015,873 | ---- | C] () -- C:\WINDOWS\SysWow64\Inetde.dll [2013.02.11 10:16:05 | 000,000,607 | ---- | C] () -- C:\WINDOWS\wiso.ini [2013.01.25 18:26:38 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll [2013.01.23 15:32:19 | 001,968,878 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI [2012.11.16 03:22:41 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin [2012.11.16 03:21:50 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblup.dat [2012.10.06 01:12:28 | 000,598,780 | ---- | C] () -- C:\WINDOWS\SysWow64\igvpkrng700.bin [2012.10.06 01:12:22 | 000,755,048 | ---- | C] () -- C:\WINDOWS\SysWow64\igcodeckrng700.bin [2012.10.06 01:12:10 | 000,064,512 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll [2012.07.26 10:13:10 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat [2012.07.26 10:13:09 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT [2012.07.26 09:21:26 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat [2012.07.26 03:17:42 | 000,043,520 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll [2012.07.25 22:37:29 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin [2012.07.25 22:28:31 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll [2012.06.02 16:31:19 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat [2012.01.11 04:39:16 | 000,001,536 | ---- | C] () -- C:\WINDOWS\SysWow64\IusEventLog.dll ========== ZeroAccess Check ========== [2013.01.23 20:38:53 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.01.10 01:23:07 | 019,791,360 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.01.10 01:26:23 | 017,560,576 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== Alternate Data Streams ========== @Alternate Data Stream - 245 bytes -> C:\ProgramData\Temp:0FF263E8 @Alternate Data Stream - 204 bytes -> C:\ProgramData\Temp:A5B56640 @Alternate Data Stream - 156 bytes -> C:\ProgramData\Temp:A1DD48F2 @Alternate Data Stream - 127 bytes -> C:\ProgramData\Temp:430C6D84 @Alternate Data Stream - 105 bytes -> C:\ProgramData\Temp:DFC5A2B2 < End of report > Hallo Leo, hier ist das Extra File EXTRA.txtOTL EXTRAS Logfile: Code:
ATTFilter OTL Extras logfile created on: 12.04.2013 09:45:00 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = D:\Benutzer\Hubertus\Downloads
64bit- Professional (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
7,88 Gb Total Physical Memory | 5,28 Gb Available Physical Memory | 67,04% Memory free
15,88 Gb Paging File | 12,73 Gb Available in Paging File | 80,19% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 160,60 Gb Total Space | 114,17 Gb Free Space | 71,09% Space Free | Partition Type: NTFS
Drive D: | 292,97 Gb Total Space | 225,94 Gb Free Space | 77,12% Space Free | Partition Type: NTFS
Computer Name: DELL-PC | User Name: Hubertus | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe:*:Enabled:Spybot-S&D 2 Tray Icon -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe:*:Enabled:Spybot-S&D 2 Scanner Service -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe:*:Enabled:Spybot-S&D 2 Updater -- (Safer-Networking Ltd.)
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe" = C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe:*:Enabled:Spybot-S&D 2 Background update service -- (Safer-Networking Ltd.)
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{09AB220F-244C-4667-AC88-9109E0A50E73}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{177585F6-4355-4285-8487-53B92E1D9340}" = lport=10243 | protocol=6 | dir=in | app=system |
"{318EC714-74C8-488E-B42C-838BE54EA568}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{5CFCC9C5-7152-47F4-95C5-467FB5D389A7}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{615B03BC-523F-4A9F-945B-5654A8878F89}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6302813A-AFBC-4CBC-8C9C-53E11B815300}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{66C98825-4FDD-4FA8-A372-ECAEDBA48EBD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{7010EA39-A246-4A00-908B-80313E76167E}" = lport=51001 | protocol=6 | dir=in | name=dragon smart phone server |
"{89770F36-E8F8-43E0-8887-051112299F31}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{9F7B77C3-1D4A-4A42-9E52-AA0C2B177077}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{BE27AF61-88AA-4D4D-9185-6343E44D6766}" = rport=10243 | protocol=6 | dir=out | app=system |
"{CC222AEA-2D16-4F71-822B-330064E10B07}" = lport=2869 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{001A29B6-1D4E-49F6-B166-DF7C47B27199}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{045F386A-AD8A-46CE-A09C-447AB9A1E933}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{0598BA7D-D4E6-4594-808D-F87D14519404}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{05B2D43E-1B64-4EF1-811C-7F138FA4ADED}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{06326275-0DF8-445C-AA3E-A47DF153C7A9}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{063F8DFA-E84D-4A84-A7EE-891F055D4C13}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{0AA5B0E5-780B-40E3-B43C-55A43DED2359}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{0AB4749B-3DC1-4344-A903-C8AF6FB576B7}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{0B04AD70-A418-4E50-AE5C-603028AA0680}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{0C481B18-8383-4DDB-B5AC-8FA069036540}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{124B6729-F9EF-4A0A-A72C-79BC3E686963}" = dir=out | name=@{microsoft.bingnews_1.7.0.31_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{13DC8A73-882D-4F4F-BF2A-4CB28ED55C37}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{17CD140D-4B3C-4E6D-8D27-A1A643762C5E}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{1D5C3C94-9C97-4E8F-BA0F-F4FA6D4405F9}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{1DA7D82C-F3B9-421C-BCB6-08D4BAE414AB}" = dir=out | name=@{microsoft.zunemusic_1.1.144.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{1F506694-0396-4744-BBC4-1BFCE93E8DD0}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{2000F873-9951-472E-AA46-0EFC5FEF0EE6}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{2047BE48-815A-4F68-A487-68E1581B9F83}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{20832607-D154-4D4E-BA37-70C0BA079891}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{20B97B6A-3C34-4904-9653-BDFFCED893ED}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{24AED070-70B2-4FFB-BBFE-74930FC58E72}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{2509BFFC-5004-46AD-A881-8F13842BDE1A}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd9.exe |
"{27E607A4-AE19-4D26-9CD9-FF47F3398446}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{290FAA11-FF7F-4462-8F6C-8B47979A9395}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{2910A7CE-B75E-478B-BF58-F01F4CDAD6E3}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{2A545705-AD5A-4C4B-8414-19FF6278C204}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{2F623208-98FF-4E16-A6BF-C2075020CA92}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{2F95219A-D7C7-41C8-8167-E4F22FB57995}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{3043B5FE-5F91-4C7F-921C-00B87BE9E9AD}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3084C90B-DE2E-4249-A885-7C97A34F2E86}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{318F3A0D-55F8-404A-A85F-74FFCF99BBA0}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{33B74D12-967A-42E7-B889-BB3B36902AE5}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{34F5AD2D-3013-4A3E-98A9-7E5F8A047443}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3681D26C-0705-4998-8330-C6DC07A6A712}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{37ED1FF4-8BF5-4C8B-9646-58F3D343A709}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{38B4A727-44A4-436D-B62C-0F27A480B441}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{39EC4F3E-07CC-4E89-8C97-F9FD32B5F652}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{3B79ECC8-2A99-42D9-BC0B-9F2F0775BDCD}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{3BAAB92C-74AA-4F82-9E37-04F39EDC00C6}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{3BCDF702-7B1E-43CE-8A61-8694E5F97C79}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3FCF81A4-5C29-47CE-9196-5D4E9C97C319}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{3FE5B45B-66D7-4371-8EFE-88EB753F1E82}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{41975436-5210-4F5A-BD9F-CF76B563252C}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{41FB6791-B8B2-40B3-A28B-03220A0CCD69}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{43532D9C-6CDD-4D68-831E-06FEE25B60CC}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{43745E01-7977-4E0C-BF36-03CA58418C75}" = protocol=6 | dir=in | app=d:\benutzer\hubertus\appdata\local\apps\2.0\dmc7cp1j.m8b\oc53c76k.yq2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{43D6944F-0FCA-45CE-A9E0-FD494503D628}" = dir=in | app=c:\program files\intel\wifi\bin\pandhcpdns.exe |
"{4673A869-CE53-427A-A9AA-B535E8EDAA59}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{47825E79-B9D1-45FF-B2FC-2FF3D212FC87}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{49D33A02-EBE8-4821-B091-97A409230920}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{4BE4E3B2-E22F-489A-ADA8-E32EC7C0D4E6}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{4D99DD23-7B96-4DDF-9F3F-76E0B351A347}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{4DD356DA-5423-4921-8D57-40D157B72D63}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{4E60A0B9-7DC8-4577-9C7F-2E343AE40996}" = protocol=17 | dir=in | app=d:\benutzer\hubertus\appdata\roaming\dropbox\bin\dropbox.exe |
"{4EE7DA8B-C09E-4893-A97A-CF8E02B7E72F}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{50FB62B1-7681-4387-97DE-0C4E22E50A28}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{51B54A1B-987B-4541-8063-D0C09D9EBA4D}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{51E1D300-72F8-4909-A967-1F9E31A06AD9}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{54229586-46DF-4A11-9F58-ED74EE689727}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{54312248-15F6-4916-A586-8F80A3FBC695}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{5502A4E4-57E9-42F4-9DAC-9BB172C78A39}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{579DF61A-A249-4C89-A63E-4B8661E94046}" = dir=out | name=@{microsoft.bingfinance_1.7.0.29_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{591DD378-A6DD-4B87-B060-F32DE253536A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{595A5797-4BA5-4628-B675-A34A4C4F64C5}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{596AF6BE-3CAB-4282-A4CA-7486C8856CEA}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{5975C836-817C-476D-9109-87065E68B297}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5B5246CB-7512-4E3E-99E0-DAD3F507AF51}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{5C473D0A-5980-4B23-A302-66E8F5525217}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5C8A534C-F1C4-4B70-B918-5590F7794CA0}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{5E430C84-F854-41F4-B9A6-8FF8139169EF}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{5EAAA4C0-3A5E-4FB5-B5C7-1DF638D22219}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{5F17405C-E817-4B54-A3A8-442AFE26A69F}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{5F6D1217-72C3-4719-B9C3-0FB47E4D90F7}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{620BD7CD-B2EF-4A26-AF7C-5019F7BB0F06}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6240C8C7-4E6F-44AD-8030-89FC7F8B4AE0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer.exe |
"{62DC5329-6A39-405C-BFC0-61EA57DC1575}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{6387AB85-BC1C-4BC7-91C3-24E020129E5E}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{6391762D-B3C9-44A2-A318-F8FCB7282EC7}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{641FE5DE-2E52-45DC-A432-FAEFFBE49135}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{648BCEB3-5C33-4445-8CAA-22C4669A6DFD}" = protocol=17 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{6892442E-1853-41FA-BBA4-6C39DEC7AAAE}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{69B8C68E-954A-4F63-9D42-0890144E29F6}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{6D3EABC2-A70E-4229-968E-B892FECDCBD9}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{6D74B729-CDA1-4875-86F6-198AA1442362}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{6D74ECAE-744C-4E62-956D-5DEBCAC14D44}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{6F2F4B2C-3587-45F6-8E81-EB03194CFE03}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{73B6ECAC-2668-4D67-A925-794FF131F1FA}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{7432C551-2CA7-499D-9F32-1EA26F7B2910}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{7474F106-F2CA-4792-A9B4-E8A92ACF1AC6}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{749368B5-2B2A-485D-A4BE-82137E94439C}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{782B2AAA-BE95-4288-AC8E-EB26BD9A11BA}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{7CB69D32-F5DD-45F7-B8A6-72437CF7A1C0}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{80231A86-78CB-4FFA-AFA9-1C35F495C0EE}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{80A39F4B-A383-4F52-838F-CFCA79F8B5D0}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{81D6D218-A797-4B32-A7BE-BE5D8750F47B}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{83226C93-6995-4763-A3B8-81365292D8D4}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{83C2ED82-80C5-41B0-9DD7-70C8E66E7928}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{87D3E13C-6E19-49DC-B607-5DD71159CEDE}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{8A1E08AC-15A7-49A5-8BA4-DCF2BEC9FB5F}" = dir=out | name=@{microsoft.bing_1.5.1.259_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8A98DA6D-50DA-4484-928F-879CE3D777FA}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{8BF94DD8-021C-4269-96E0-D2FB48733E17}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{8C01C7D4-9DA1-4E29-B60B-E9ABDA2F9827}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{8C68F959-0F01-4734-AAE0-3F59582622FA}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{8F66794A-4BA3-4679-930A-30C1F8C1FC71}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{91326A7F-14ED-49FE-BD71-F58C22843191}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{9195A0CF-C358-40DB-A5A8-88431DC8F778}" = dir=out | name=windows_ie_ac_001 |
"{92273D04-392D-465A-A4F5-B035A2C40CA9}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{92F501A6-F162-4EF3-B34A-420F3825BBF7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{95427975-8479-4F10-A462-CC1B352F3908}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{95DE9ADD-D7BB-4AD0-88E6-EFC9673B6621}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{96CF1BDD-5F1D-4C3D-8D14-75F72DD6BE0A}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{A1581C8E-3728-45E4-95DA-7AC2B0C5549E}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{A1E09B09-688A-4816-AA65-FB056DB0DAE5}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{A4CC8F98-F2B2-4B34-95EA-97FE95EE1B40}" = protocol=17 | dir=in | app=d:\benutzer\hubertus\appdata\local\apps\2.0\dmc7cp1j.m8b\oc53c76k.yq2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{A72C7A1F-F251-4C0B-B091-4DEE284E3116}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{AEDC613B-5719-42F4-870F-B07F707649C2}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{AF2EF061-4A73-4EAB-8DBD-3160520FE4D2}" = dir=out | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{AFAB3CB4-9366-4F8E-8E75-78571EC30349}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{AFD0804F-270F-46D4-840D-583CF75B76E2}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{B1DDFC7F-2FF6-4ACA-A9AC-CEB8846B7073}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{B33782EE-F0D0-4658-8AD5-1A70D2319FC7}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{B585B97D-AD0D-4F20-92F0-C69CADC68760}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{B9D2D63F-FA3A-41BB-A0F0-B7085D2D168A}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{BA2C5FB6-F45C-4C6D-874B-40E02A4AD0B2}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{BBB623F9-C87F-46CA-A5EA-6BBB5AB3ABC5}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{BEA53290-6395-450A-9A7C-30591EB09D15}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{BF0D4628-80F2-45BC-9C97-B1696A609449}" = dir=in | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{BF975BCF-363C-4F48-8BB0-A1E04C99E28D}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{C0A6E1D9-3A14-4A37-9FAC-FC449B9DE079}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{C237244E-7B1B-4987-937F-DD87C668183A}" = protocol=17 | dir=in | app=d:\benutzer\schlappi\appdata\local\apps\2.0\6hr8zya8.e5g\9gjcjwwr.coz\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{C2A23E62-7241-4D8F-BFDD-4E137B1A0595}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{C4389348-D8CF-4737-86D9-8ECED7557A42}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{C468968A-DBB5-4659-B91D-AA5A1C26C65D}" = protocol=6 | dir=in | app=d:\benutzer\hubertus\appdata\roaming\dropbox\bin\dropbox.exe |
"{C493F52C-35C1-463E-8FB9-1FC0ACAE8CB4}" = dir=out | name=@{microsoft.windowsphotos_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{C5029F34-AF8E-4E69-A273-1897DB55314B}" = protocol=6 | dir=out | app=system |
"{CC3CE9B6-C962-404B-89CF-D11A2D17E24A}" = dir=out | name=@{microsoft.bingtravel_1.2.0.145_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{CC3F34BF-AF4C-4D1E-AF86-21F74EEB0BAC}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{D1509780-BE30-4B74-BC22-6C5A239DCA20}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{D15D3FCD-16A1-4425-96A5-5BF3F69F2329}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4388.928_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{D435C68C-846C-4B90-81AA-DD76C5401D15}" = dir=out | name=@{microsoft.bingfinance_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{D87CDC5C-341F-4F81-83DC-B1D3B3869389}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{D982D5BC-88E2-478F-B050-08C8A256E32D}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{DA8CEA9A-E646-4529-88BD-6E53A2C75D2A}" = dir=out | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{DA98C50A-059E-4B93-BBB6-9980D729D6FB}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{DC60522C-18B7-4995-BA73-AC2CDDD6916E}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{DD012BD0-1793-45D8-A933-9E3E6C327D02}" = dir=in | app=c:\program files (x86)\intel corporation\intel widi\widiapp.exe |
"{DD7F2723-79E7-4BE1-8C17-248196A4235D}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd9\powerdvd cinema\powerdvdcinema.exe |
"{DEE1576D-0A6E-4CE4-B86E-0555BD33FFCD}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{DFC72D76-818C-4A4D-8058-CD0199D43C0A}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{E004B555-A7F6-4011-A6E9-0C59114B2656}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E038E2B0-AB7E-49C5-A448-D25ECC5A691D}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{E186A373-283F-4BAA-9E5F-C3A31AFDA18A}" = dir=out | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{E262EAE0-8ED5-4776-95E9-12A1D022B264}" = protocol=6 | dir=in | app=d:\benutzer\schlappi\appdata\local\apps\2.0\6hr8zya8.e5g\9gjcjwwr.coz\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{E274B029-B70A-4027-AAE3-58D08BB41057}" = dir=out | name=google search |
"{E3A67469-C90F-4492-A0B2-B17311E3793E}" = dir=out | name=@{microsoft.bingweather_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{E3B8F27C-616C-40A7-9AC1-93168227979B}" = dir=out | name=@{microsoft.zunemusic_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{E6AD09B1-5418-4277-A79A-BE75C9191237}" = dir=out | name=@{microsoft.bingmaps_1.2.0.136_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{E7D3D5F3-C365-4090-9531-572AAD1FC4E8}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{E94472A9-D3D4-45B8-88F4-61E2AEB899C6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E9B68878-C81E-43BE-8238-9CEF691BACF0}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{E9E9EEBC-5C3B-4CBF-99C8-9916565B38A2}" = dir=out | name=@{microsoft.bingsports_1.8.0.51_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{EA30236C-AE6B-4421-B2A2-D772FFF6270A}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{EA6E3439-F4B7-4CDD-854F-3A703158A096}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EAFBA3A5-667C-4103-AB59-3235EBE7B7B8}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{EB365D48-6A91-4F08-8F79-FE436DEC3B63}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{ED400F14-2DCC-4644-99C1-DAB77BBBBD14}" = protocol=6 | dir=in | app=d:\benutzer\hubertus\appdata\local\apps\2.0\dmc7cp1j.m8b\oc53c76k.yq2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{EEF6CE1C-8F1A-4176-9ECB-9F7EE8B61DCF}" = protocol=17 | dir=in | app=d:\benutzer\hubertus\appdata\local\apps\2.0\dmc7cp1j.m8b\oc53c76k.yq2\frit..tion_8488884cfbcefd60_0002.0003_f406d43803d5433d\fritzbox-usb-fernanschluss.exe |
"{EF46832A-1119-4D63-9206-C01C736185FD}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version8\teamviewer_service.exe |
"{EF95E2F4-46B2-4220-B08B-DD7E9BC548A2}" = dir=out | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{F0088A05-8AF3-4232-A3B4-60FFE7004FE1}" = dir=out | name=@{microsoft.xboxlivegames_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{F06040DE-08D2-4480-B8BF-EF16B766C4C3}" = dir=out | name=@{microsoft.microsoftskydrive_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.microsoftskydrive/resources/shortproductname} |
"{F147B527-7959-4C7F-B1A4-58B9C7B312AE}" = dir=out | name=@{microsoft.bingsports_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{F1D31953-7534-4471-80A2-DA8A48A3F868}" = protocol=6 | dir=in | app=c:\program files (x86)\adawaretb\dtuser.exe |
"{F2DFD04E-618D-40DC-941D-4A7E8E94F8DA}" = dir=in | name=@{microsoft.windowsphotos_16.4.4204.712_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsphotos/photo/residappname} |
"{F38AE1F8-C267-4C82-8535-2BAE192CE782}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{F3A6FA10-E0D7-48DC-99DB-9CDF81B640F2}" = dir=in | name=@{microsoft.bing_1.2.0.137_x64__8wekyb3d8bbwe?ms-resource://microsoft.bing/resources/app_name} |
"{F3CA3A95-C1A3-4FDB-9580-BE96A7090A84}" = dir=in | name=@{microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{F56C6CCD-194C-49E4-92E9-8D20B032A3A4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F909A805-B41D-4ECF-9729-2AB77338D6D9}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{F95007A7-5082-4E17-817B-FF9FAB5001D7}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FA26E351-91BC-4251-9712-758C51CF1415}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{FAFAF4F8-4B1D-4506-9B0D-EFD74397657D}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{FB0F1A6D-7079-458B-AE26-FCFF505A86F8}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{FC71DF9F-880C-4E16-8AE1-ECABA4E6B1CC}" = dir=out | name=@{microsoft.bingnews_1.2.0.135_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{FE7AF821-09BB-4242-9DD6-37ADFA3B5783}" = dir=in | name=@{microsoft.reader_6.2.8516.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{FF1A42AB-2830-4E77-B178-A64524D99FC5}" = dir=out | name=@{microsoft.zunevideo_1.0.927.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{FF9A95CA-D9FF-4CA0-A1F8-7C1AEDC481E5}" = dir=out | name=windows_ie_ac_001 |
"TCP Query User{09829F69-706C-438F-B91D-A01338162214}D:\benutzer\hubertus\appdata\local\akamai\netsession_win.exe" = protocol=6 | dir=in | app=d:\benutzer\hubertus\appdata\local\akamai\netsession_win.exe |
"UDP Query User{A9B8ACE0-2CAE-4764-8F8A-473111AA771F}D:\benutzer\hubertus\appdata\local\akamai\netsession_win.exe" = protocol=17 | dir=in | app=d:\benutzer\hubertus\appdata\local\akamai\netsession_win.exe |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{00C2381E-E648-6E04-47AD-7CD36E1F148D}" = CCC Help Japanese
"{05660232-BD64-EA97-791B-4220E0FC753C}" = CCC Help English
"{0ABBF310-94E4-4AE8-A6BD-10345A3F6439}" = Google Drive
"{0ED7EE95-6A97-47AA-AD73-152C08A15B04}" = Dell DataSafe Local Backup
"{15B52B00-5330-CEF8-0C74-0E0890EB22BA}" = CCC Help Dutch
"{1770B512-D768-92E1-53AA-E6491401F98A}" = CCC Help Russian
"{260D380B-BA85-F4E0-5B3C-99195B7B3EB5}" = CCC Help German
"{2EA870FA-585F-4187-903D-CB9FFD21E2E0}" = DHTML Editing Component
"{32BB5E7C-204A-5E24-0250-851BE3D4E294}" = CCC Help Finnish
"{38697498-F4AA-4A8A-81F6-C09446AD020D}" = Print Server Utilities
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel(R) Rapid Storage Technology
"{4B3230C5-F069-416B-9169-1B84A216ED6A}" = Dell Digital Delivery
"{4F33252D-CB08-8AB5-A488-82C1D0B54622}" = CCC Help Korean
"{51FDC2DE-0917-46B7-EAEC-5377504701DE}" = PowerXpressHybrid
"{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"{5FE0441B-A340-E612-A9F8-44EFB53ED191}" = CCC Help Chinese Standard
"{60B2F25C-22CB-4CD9-9168-8C63708DC1A1}" = LibreOffice 3.6
"{61C559D2-5039-4970-A42C-EDD50E23943C}" = Catalyst Control Center - Branding
"{63A9253B-9FFE-F430-DDF4-C414B58D8B1D}" = CCC Help Spanish
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7E265513-8CDA-4631-B696-F40D983F3B07}_is1" = CDBurnerXP
"{7EC66A95-AC2D-4127-940B-0445A526AB2F}" = Dell DataSafe Online
"{7FCB8D5D-9396-4D17-8CFA-349D6D49CD32}" = Intel(R) WiDi
"{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.3.0
"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{838A9A22-30DE-D6E2-86E9-5923114D5FFA}" = Catalyst Control Center Profiles Mobile
"{87998E4E-6D9C-411B-AAE9-B8523FFE357D}" = Image Data Converter
"{8927E07C-97F7-4A54-88FB-D976F50DD46E}" = Turbo Lister 2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E1E9A0F-83C6-4F26-9DA7-7AAFB7F76909}" = Imkereiverwaltung 3.0
"{90120000-001C-0407-0000-0000000FF1CE}" = Microsoft Office Access Runtime (German) 2007
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BBFB282-2871-B5E6-1FDE-55309355AD39}" = CCC Help Swedish
"{9C24F411-9CA7-4A8A-91F3-F08A4A38EB31}" = ST Microelectronics 3 Axis Digital Accelerometer Solution
"{9FCCAFDC-4678-B87E-371E-EBCB1BB41F5B}" = CCC Help Danish
"{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9668246-FB70-4103-A1E3-66C9BC2EFB49}" = Dell DataSafe Local Backup - Support Software
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{B0B398F4-FF47-7F9D-0C9E-5C762DEC6D25}" = CCC Help French
"{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1" = Spybot - Search & Destroy
"{B59DC648-301A-49B8-8937-2BB7C2AA90A7}" = MeineBeihilfe2013
"{C3E7D4E3-6551-C8A4-7D68-6D5E298D55C3}" = CCC Help Portuguese
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections
"{C9B43FEB-41D1-980E-4DAD-303EAA42915B}" = Catalyst Control Center
"{CBAC9563-31EC-EBAF-245A-BD5D6980A289}" = CCC Help Norwegian
"{D3BC949B-4CA0-64B3-B88C-E13F45E07DCD}" = CCC Help Italian
"{D5D422B9-6976-4E98-8DDF-9632CB515D7E}" = Dragon NaturallySpeaking 12
"{D6CC2FAF-F827-4091-96A1-D32CC9B69C79}" = WISO Steuer-Sparbuch 2013
"{DAE6ACFB-04E0-5960-4EC9-635E4572F66A}" = PX Profile Update
"{DED623A4-B8BB-5A9C-5178-4E89A66D6AC8}" = CCC Help Chinese Traditional
"{E03CD71A-F595-49DF-9ADC-0CFC93B1B211}" = PlayMemories Home
"{EAE153AD-5864-A890-B5C9-1114E17E13CC}" = Catalyst Control Center Localization All
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F075020E-43B2-4F2C-9723-C81CE162E7B6}" = Ad-Aware Antivirus
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel(R) Processor Graphics
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F7E1CA14-B39D-452A-960B-39423DDDD933}" = DriveImage XML (Private Edition)
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel(R) Control Center
"3D073343-CEEB-4ce7-85AC-A69A7631B5D6" = Intel(R) Rapid Start Technology
"adawaretb" = Ad-Aware Security Add-on
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Advanced Audio FX Engine" = Advanced Audio FX Engine
"Biet-O-Matic v2.14.12" = Biet-O-Matic v2.14.12
"CANONIJPLM100" = Canon Inkjet Printer/Scanner/Fax Extended Survey Program
"CanonMyPrinter" = Canon My Printer
"CanonSolutionMenuEX" = Canon Solution Menu EX
"Dell Webcam Central" = Dell Webcam Central
"Eusing Free Registry Cleaner" = Eusing Free Registry Cleaner
"Free YouTube Download_is1" = Free YouTube Download version 3.2.0.128
"Free YouTube to DVD Converter_is1" = Free YouTube to DVD Converter version 3.1.0.128
"Google Chrome" = Google Chrome
"gszedo" = Ghostscript
"ImgBurn" = ImgBurn
"InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}" = CyberLink PowerDVD 9.5
"InstallWIX_{560985FB-4B76-4121-9189-7A2CDC7886D6}" = Kaspersky Internet Security 2013
"IrfanView" = IrfanView (remove only)
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.70.0.1100
"Mozilla Firefox 20.0.1 (x86 de)" = Mozilla Firefox 20.0.1 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MP Navigator EX 4.0" = Canon MP Navigator EX 4.0
"Passbild-Generator_is1" = Bewerbungsfoto-/Passbild-Generator v3.5b
"PrintFab 1.x" = PrintFab
"Security Task Manager" = Security Task Manager 1.8d
"TeamViewer 8" = TeamViewer 8
"TuneUp Utilities 2013" = TuneUp Utilities 2013
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-1022856802-308261183-3669651496-1010\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"9204f5692a8faf3b" = Dell System Detect
"Akamai" = Akamai NetSession Interface
"Dropbox" = Dropbox
"f018cf21c0452c64" = FRITZ!Box USB-Fernanschluss
"PassportPhoto" = PassportPhoto (remove)
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
Error - 06.04.2013 15:34:44 | Computer Name = Dell-PC | Source = .NET Runtime | ID = 1023
Description =
[ System Events ]
Error - 24.03.2013 15:56:44 | Computer Name = Dell-PC | Source = BugCheck | ID = 1001
Description =
Error - 24.03.2013 15:57:51 | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde nicht
richtig gestartet.
Error - 24.03.2013 16:00:09 | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Dell Digital Delivery Service erreicht.
Error - 24.03.2013 16:00:09 | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Dell Digital Delivery Service" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 24.03.2013 16:00:13 | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst
Intel(R) Rapid Storage Technology erreicht.
Error - 24.03.2013 16:00:13 | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Intel(R) Rapid Storage Technology" wurde aufgrund folgenden
Fehlers nicht gestartet: %%1053
Error - 24.03.2013 17:23:47 | Computer Name = Dell-PC | Source = EventLog | ID = 6008
Description = Das System wurde zuvor am ?24.?03.?2013 um 20:56:40 unerwartet heruntergefahren.
Error - 24.03.2013 17:23:47 | Computer Name = Dell-PC | Source = BTHUSB | ID = 327710
Description = Der lokale Adapter bietet keine Unterstützung für einen wichtigen
Controllerstatus für energiearme Geräte. Die mindestens erforderliche unterstützte
Statusmaske ist "0x1f7fffff", vorhanden ist jedoch "0x1f3fffff". Die Funktionalität
für energiearme Geräte wird deaktiviert.
Error - 24.03.2013 17:23:54 | Computer Name = Dell-PC | Source = BugCheck | ID = 1001
Description =
Error - 24.03.2013 17:24:56 | Computer Name = Dell-PC | Source = Service Control Manager | ID = 7022
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde nicht
richtig gestartet.
< End of report >
|
|
12.04.2013, 13:11
| #4 |
| /// TB-Ausbilder | Spybots Fehlersuche vertrauen? Hallo, Spybot ist auch ok. Aber so viele Sicherheitsprogamme, wie du derzeit nutzt, braucht man nicht. Mehr Programme bedeuten nicht mehr Sicherheit. Mit einem Antivirenprogramm, einem Malwarescanner und selber etwas Mitdenken fährst du gut. Bestehen denn aktuell noch Probleme bei dir?  Hinweis: Mehrere AV-HintergrundwächterMir ist aufgefallen, dass du mehr als ein Antivirus-Programm mit Hintergrundwächter laufen hast:
Entscheide dich für eines dieser Programme und deinstalliere die anderen über Start -> Systemsteuerung -> Programme und Funktionen (Vista & Win 7) bzw. Start -> Systemsteuerung -> Software (Win XP). Hinweis: Registry CleanerIch sehe, dass du sogenannte Registry Cleaner installiert hast. In deinem Fall Eusing Free Registry Cleaner und TuneUp Utilities 2013. Wir raten von der Verwendung jeglicher Art von Registry Cleaner ab. Der Grund ist ganz einfach: Die Registry ist das Hirn des Systems. Funktioniert das Hirn nicht, funktioniert der Rest nicht mehr wirklich. Man sollte nicht unnötigerweise an der Registry rumbasteln. Schon ein kleiner Fehler kann gravierende Folgen haben und auch Programme machen manchmal Fehler. Zerstörst du die Registry, zerstörst du Windows. Zudem ist der Nutzen zur Performancesteigerung umstritten und meist kaum im wahrnehmbaren Bereich. Ich würde dir empfehlen, Registry Cleaner nicht weiterhin zu verwenden und über Start --> Systemsteuerung --> Software (bei Windows XP)zu deinstallieren. Schritt 1
Code:
ATTFilter :OTL
O4 - HKLM..\Run: [SearchProtection] C:\ProgramData\Search Protection\_run.bat File not found
:commands
[emptytemp]
Schritt 2 Lade das Setup des ESET Online Scanners herunter und speichere es auf den Desktop.
Schritt 3 Downloade dir bitte SecurityCheck (Link 2).
Bitte poste in deiner nächsten Antwort:
__________________ cheers, Leo |
|
12.04.2013, 13:48
| #5 |
| | Spybots Fehlersuche vertrauen? Hallo Leo, der erste Schritt ist gelungen: Das Fixfile von otl lautet: All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection not found. ========== COMMANDS ========== [EMPTYTEMP] User: Default User: DefaultAppPool ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Elisabeth ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Hubertus ->Temp folder emptied: 812464 bytes ->Temporary Internet Files folder emptied: 3499 bytes ->FireFox cache emptied: 49969577 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 622 bytes User: Public User: schlappi ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes RecycleBin emptied: 335819419 bytes Total Files Cleaned = 369,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 04122013_143843 Files\Folders moved on Reboot... D:\Benutzer\Hubertus\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Das nächste kommt gleich! |
|
12.04.2013, 14:42
| #6 | |
| /// TB-Ausbilder | Spybots Fehlersuche vertrauen?Zitat:
__________________ --> Spybots Fehlersuche vertrauen? |
|
12.04.2013, 14:56
| #7 |
| | Spybots Fehlersuche vertrauen? Hallo Leo, tatsächlich hat es lange gedauert. Aber nun ist es da: Schritt 3 erledige ich danach! Viele Grüße schlappi2 All processes killed ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection not found. ========== COMMANDS ========== [EMPTYTEMP] User: Default User: DefaultAppPool ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Elisabeth ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Hubertus ->Temp folder emptied: 812464 bytes ->Temporary Internet Files folder emptied: 3499 bytes ->FireFox cache emptied: 49969577 bytes ->Google Chrome cache emptied: 0 bytes ->Flash cache emptied: 622 bytes User: Public User: schlappi ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->FireFox cache emptied: 0 bytes ->Flash cache emptied: 0 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 0 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 128 bytes RecycleBin emptied: 335819419 bytes Total Files Cleaned = 369,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 04122013_143843 Files\Folders moved on Reboot... D:\Benutzer\Hubertus\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... Hallo Leo, der letzte Schritt ist gelungen: Ich folge deinem rat und will ad aware löschen. Das geht nicht. Es wird nur ändern und reparieren angeboten ???? Hier das File: Results of screen317's Security Check version 0.99.62 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Kaspersky Internet Security Lavasoft Ad-Aware Windows Defender Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Ad-Aware Spybot - Search & Destroy Malwarebytes Anti-Malware Version 1.70.0.1100 TuneUp Utilities 2013 TuneUp Utilities Language Pack (de-DE) Eusing Free Registry Cleaner Adobe Flash Player 11.6.602.180 Adobe Reader XI Mozilla Firefox (20.0.1) Google Chrome 26.0.1410.64 ````````Process Check: objlist.exe by Laurent```````` Ad-Aware AAWService.exe is disabled! Ad-Aware AAWTray.exe is disabled! Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Spybot Teatimer.exe is disabled! Ad-Aware Antivirus AdAwareService.exe ESET ESET Online Scanner OnlineScannerApp.exe Malwarebytes' Anti-Malware mbamscheduler.exe Kaspersky Lab Kaspersky Internet Security 2013 avp.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
|
12.04.2013, 15:08
| #8 | |
| /// TB-Ausbilder | Spybots Fehlersuche vertrauen? Hallo, ich seh keine Angabe zu ESET. Heisst das, es wurde nichts gefunden? Zitat:
__________________ cheers, Leo |
|
12.04.2013, 15:15
| #9 |
| | Spybots Fehlersuche vertrauen? Hallo Leo, es wurde nichts gefunden. Inzwischen konnte ich auch Ad-aware deinstallieren. Ich hoffe, mein system ist jetzt korrekt. Wenigstens läuft es störungsfrei Viele Grüße schlappi2 Hallo Leo, ich glaube den 3. Schritt hatte ich nicht gepostet: Hier ist der checkup-Editor Results of screen317's Security Check version 0.99.62 x64 (UAC is enabled) Internet Explorer 9 ``````````````Antivirus/Firewall Check:`````````````` Kaspersky Internet Security Windows Defender Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Spybot - Search & Destroy Malwarebytes Anti-Malware Version 1.70.0.1100 TuneUp Utilities 2013 TuneUp Utilities Language Pack (de-DE) Eusing Free Registry Cleaner Adobe Flash Player 11.6.602.180 Adobe Reader XI Mozilla Firefox (20.0.1) Google Chrome 26.0.1410.64 ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamgui.exe Spybot Teatimer.exe is disabled! Malwarebytes' Anti-Malware mbamscheduler.exe Kaspersky Lab Kaspersky Internet Security 2013 avp.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` |
|
12.04.2013, 15:28
| #10 |
| /// TB-Ausbilder | Spybots Fehlersuche vertrauen? Hallo, ja, das sieht gut aus. Wir räumen noch auf. Cleanup Zum Schluss werden wir jetzt noch unsere Tools (inklusive der Quarantäne-Ordner) wegräumen, die verseuchten Systemwiederherstellungspunkte löschen und alle Einstellungen wieder herrichten. Auch diese Schritte sind noch wichtig und sollten in der angegebenen Reihenfolge ausgeführt werden.
>> OK << Wir sind durch, deine Logs sehen für mich im Moment sauber aus.  Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst. Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann. Epilog: Tipps, Dos & Don'ts Aktualität von System und SoftwareDas Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
Auch die installierte Software sollte immer in der aktuellsten Version vorliegen. Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
Sicherheits-SoftwareEine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt). Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt. Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
(Un-)Sicheres Verhalten im InternetNebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert. Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
Allgemeine HinweiseAbschliessend noch ein paar grundsätzliche Bemerkungen:
Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen. Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. 
__________________ cheers, Leo |
|
12.04.2013, 17:01
| #11 |
| | Spybots Fehlersuche vertrauen? Hallo Leo, es läuft alles ausgezeichnet. Meinen ganz herzlichen Dank!!! Viele Grüße schlappi2 |
|
12.04.2013, 17:10
| #12 |
| /// TB-Ausbilder | Spybots Fehlersuche vertrauen? Danke für die Rückmeldung. Freut mich, dass wir helfen konnten.  Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
|
| Themen zu Spybots Fehlersuche vertrauen? |
| adaware, adwcleaner, aktiviere, aktivieren, beheben, einträge, emerge, emsisoft, emsisoft emergency kit, erfahrung, freue, installer, loszuwerden, löschen, programme, scan, scanner, spybot, tarma, träge, wajam, weiteres, würde, yontoo |
Textbox.
Linear-Darstellung
