Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Ihr Internet Service Provider wird blockiert- bei Zahlung von 100 € wird dieser entsperrt

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML.

 
Alt 17.04.2013, 19:30   #1
gerrybee
 
Ihr Internet Service Provider wird blockiert- bei Zahlung von 100 € wird dieser entsperrt - Standard

Ihr Internet Service Provider wird blockiert- bei Zahlung von 100 € wird dieser entsperrt



Sehr geehrte Damen und Herren,

als ich heute meinen PC benutzte und über den Internet Explorer auf Youtube ging, um mir ein Lied von Tom Odell anzuhören, erschien auf einmal diese "offzielle" Seite

"Ihr Provider ist blockiert. Ihr PC kann nur entsperrt werden, wenn Sie 100 € zahlen." Man drohte mir mit hohen Geld- und Gefängnisstrafen. Und warf mir vor ich würde Kinderpornografie anschauen. (So etwas würde ich nie tun!) Daher wusste ich auch sofort, dass es sich um einen "Abzock"-Virus handeln musste.

Aus meinen Recherchen ist mir bekannt, dass Ihnen dieses Problem schon mal vorgetragen wurde.

Allerdings habe ich auch bei meinen Recherchen erfahren, dass ich die Anleitung zur "Heilung"des anderen PC nicht auf meinen PC anwenden kann.

So habe ich alle Schritte ausführt und werde nun die Text-Dateien kopieren und kann nur hoffen, dass ich alles richtig gemacht habe und Sie mir helfen können.

Meinen Namen habe ich wie gewünscht mit *** ersetzt.

Mit ganz herzlichem Dank im Voraus

OTL.TXT

OTL logfile created on: 17.04.2013 18:22:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,75 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 78,99% Memory free
5,50 Gb Paging File | 4,95 Gb Available in Paging File | 90,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,72 Gb Total Space | 357,11 Gb Free Space | 78,36% Space Free | Partition Type: NTFS
Drive D: | 9,94 Gb Total Space | 0,97 Gb Free Space | 9,79% Space Free | Partition Type: NTFS
Drive E: | 16,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 7,46 Gb Total Space | 3,13 Gb Free Space | 41,96% Space Free | Partition Type: FAT32

Computer Name: 260211-64BIT | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2013.04.17 18:21:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe


========== Modules (No Company Name) ==========


========== Services (SafeList) ==========

SRV:64bit: - [2013.01.28 15:19:28 | 000,037,664 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2011.05.10 12:06:49 | 000,126,520 | ---- | M] (HP) [Auto | Stopped] -- C:\Windows\SysNative\HPSIsvc.exe -- (HPSIService)
SRV:64bit: - [2010.02.02 01:17:12 | 000,202,752 | ---- | M] (AMD) [Auto | Stopped] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility)
SRV - [2013.03.28 12:49:32 | 000,086,752 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2013.03.28 12:49:01 | 000,565,472 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2013.03.28 12:48:53 | 000,110,816 | ---- | M] (Avira Operations GmbH & Co. KG) [Auto | Stopped] -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2013.03.15 17:06:37 | 000,474,112 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Freetec\SystemStore\SystemStore.exe -- (SystemStoreService)
SRV - [2013.03.14 19:22:03 | 000,253,656 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2013.01.28 15:19:28 | 002,402,080 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUNEUPUTILITIESSERVICE64.EXE -- (TuneUp.UtilitiesSvc)
SRV - [2013.01.28 15:19:28 | 000,029,984 | ---- | M] (TuneUp Software) [Auto | Stopped] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2012.12.18 21:08:28 | 000,065,192 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2012.09.27 12:55:16 | 000,086,528 | ---- | M] (Hewlett-Packard Company) [Auto | Stopped] -- C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe -- (HP Support Assistant Service)
SRV - [2012.09.26 17:59:56 | 005,686,272 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Freetec\SystemStore\Freemium.SelfUpdate.exe -- (FreemiumSelfUpdateService)
SRV - [2012.06.22 00:09:56 | 001,148,664 | ---- | M] (Crawler.com) [Auto | Stopped] -- C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe -- (ST2012_Svc)
SRV - [2012.01.19 11:41:52 | 000,025,504 | ---- | M] (Samsung Electronics Co., Ltd.) [Auto | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe -- (SamsungAllShareV2.0)
SRV - [2012.01.19 11:41:48 | 000,027,584 | ---- | M] (Samsung Electronics Co., Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Samsung\AllShare\AllShareSlideShowService.exe -- (SimpleSlideShowServer)
SRV - [2011.06.27 09:02:00 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010.04.04 01:01:24 | 000,246,520 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe -- (GameConsoleService)
SRV - [2010.01.09 21:34:24 | 004,925,184 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE -- (osppsvc)
SRV - [2009.12.02 22:23:38 | 000,209,768 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe -- (sftvsa)
SRV - [2009.12.02 22:23:32 | 000,483,688 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe -- (sftlist)
SRV - [2009.10.15 00:53:20 | 000,635,416 | ---- | M] (PDF Complete Inc) [Disabled | Stopped] -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe -- (pdfcDispatcher)
SRV - [2009.08.18 21:48:02 | 002,291,568 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE -- (wlidsvc)
SRV - [2009.06.24 10:57:04 | 000,136,704 | ---- | M] (HP) [Auto | Stopped] -- C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe -- (HP LaserJet Service)
SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
SRV - [2006.12.19 10:30:26 | 000,081,920 | ---- | M] (Prolific Technology Inc.) [Disabled | Stopped] -- C:\Windows\SysWOW64\IoctlSvc.exe -- (PLFlash DeviceIoControl Service)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013.03.28 12:49:44 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avipbb.sys -- (avipbb)
DRV:64bit: - [2013.03.28 12:49:44 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\avgntflt.sys -- (avgntflt)
DRV:64bit: - [2013.03.28 12:49:44 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\avkmgr.sys -- (avkmgr)
DRV:64bit: - [2012.12.24 07:53:24 | 000,020,480 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mvusbews.sys -- (mvusbews)
DRV:64bit: - [2012.08.30 17:01:22 | 000,051,496 | ---- | M] (Windows (R) Win 7 DDK provider) [File_System | Auto | Stopped] -- C:\Windows\SysNative\drivers\stflt.sys -- (sp_rsdrv2)
DRV:64bit: - [2012.08.23 16:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012.08.23 16:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010.04.09 01:12:00 | 000,243,744 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR)
DRV:64bit: - [2010.03.10 02:33:52 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie64.sys -- (AtiPcie)
DRV:64bit: - [2010.03.04 15:43:00 | 000,346,144 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2010.02.02 01:55:20 | 006,366,720 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atipmdag.sys -- (amdkmdag)
DRV:64bit: - [2010.02.02 00:24:00 | 000,186,880 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\atikmpag.sys -- (amdkmdap)
DRV:64bit: - [2009.12.21 20:26:36 | 000,038,456 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter)
DRV:64bit: - [2009.12.02 22:23:38 | 000,022,376 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftvollh.sys -- (Sftvol)
DRV:64bit: - [2009.12.02 22:23:34 | 000,025,960 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftredirlh.sys -- (Sftredir)
DRV:64bit: - [2009.12.02 22:23:32 | 000,269,672 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftplaylh.sys -- (Sftplay)
DRV:64bit: - [2009.12.02 22:23:26 | 000,721,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Sftfslh.sys -- (Sftfs)
DRV:64bit: - [2009.10.23 10:26:14 | 000,046,592 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2009.10.08 02:13:34 | 000,070,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2009.10.08 02:13:34 | 000,028,728 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV - [2013.02.05 10:54:40 | 000,037,344 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\FsUsbExDisk.Sys -- (FsUsbExDisk)
DRV - [2012.11.16 17:38:44 | 000,011,880 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Stopped] -- C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {576DE627-EBFD-4409-81C2-9BD9207871DC}
IE:64bit: - HKLM\..\SearchScopes\{576DE627-EBFD-4409-81C2-9BD9207871DC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE:64bit: - HKLM\..\SearchScopes\{CE36F477-B616-4700-8B91-A9EE5DBB316D}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{D5DE04B2-D47E-4451-80BE-5686E8ADF8D5}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {576DE627-EBFD-4409-81C2-9BD9207871DC}
IE - HKLM\..\SearchScopes\{576DE627-EBFD-4409-81C2-9BD9207871DC}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{CE36F477-B616-4700-8B91-A9EE5DBB316D}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms}
IE - HKLM\..\SearchScopes\{D5DE04B2-D47E-4451-80BE-5686E8ADF8D5}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=CPDTDF

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default Download Directory = C:\Downloads
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = https://www.facebook.com/ [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
IE - HKCU\..\URLSearchHook: {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
IE - HKCU\..\SearchScopes,DefaultScope = {C314746D-4ADB-45AA-AE41-F21100495B02}
IE - HKCU\..\SearchScopes\{C314746D-4ADB-45AA-AE41-F21100495B02}: "URL" = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_6_602_180.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.2: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.6.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.6.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=12.0.1.633: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=12.0.1.633: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\quickprint@hp.com: C:\Program Files (x86)\Hewlett-Packard\SmartPrint\QPExtension [2011.01.26 15:27:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\fmconverter@gmail.com: C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox\ [2013.03.22 12:03:33 | 000,000,000 | ---D | M]


O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (HP Network Check Helper) - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
O3 - HKLM\..\Toolbar: (Avira SearchFree Toolbar plus Web Protection) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask)
O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard)
O4:64bit: - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4:64bit: - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files (x86)\Ask.com\Updater\Updater.exe (Ask)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [HPUsageTrackingLEDM] C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc)
O4 - HKLM..\Run: [StartCCC] c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O4 - HKCU..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe (Nero AG)
O4 - HKCU..\Run: [Sysyem Cleaner] C:\Users\***\4905226.exe (PassMark Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8:64bit: - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8:64bit: - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Free YouTube Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000 File not found
O9:64bit: - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9:64bit: - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra Button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : SmartPrint - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe (Hewlett-Packard)
O9 - Extra Button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe (Hewlett-Packard)
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - Reg Error: Key error. File not found
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Programme\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000019 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda64.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\PROGRAM FILES (X86)\AVIRA\ANTIVIR DESKTOP\avsda.dll (Avira Operations GmbH & Co. KG)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16:64bit: - DPF: {73ECB3AA-4717-450C-A2AB-D00DAD9EE203} hxxp://h20614.www2.hp.com/ediags/gmd/Install/Cab/hpdetect119b.cab (Reg Error: Key error.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_06-windows-i586.cab (Java Plug-in 10.6.2)
O16 - DPF: {CAFEEFAC-0016-0000-0030-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.6.0_30)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_30-windows-i586.cab (Java Plug-in 1.7.0_06)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{6F793E42-D1B7-4B85-BBF5-FFD850C61861}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\backitup.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\coverdes.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\discspeed.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\drivespeed.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\infotool.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\nero.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\neroburnrights.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\nerostartsmart.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\neroupgrade.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\nerovision.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\pdfvista.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\photosnap.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\photosnapviewer.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\recode.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\setupx.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27:64bit: - HKLM IFEO\showtime.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\backitup.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\coverdes.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\discspeed.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\drivespeed.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\infotool.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\nero.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\neroburnrights.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\nerostartsmart.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\neroupgrade.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\nerovision.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\pdfvista.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\photosnap.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\photosnapviewer.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\recode.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\setupx.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O27 - HKLM IFEO\showtime.exe: Debugger - C:\PROGRAM FILES (X86)\TUNEUP UTILITIES 2013\TUAutoReactivator64.EXE (TuneUp Software)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll (EasyBits Software Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010.07.22 04:26:36 | 000,000,100 | R--- | M] () - E:\autorun.inf -- [ UDF ]
O33 - MountPoints2\{3408a3f9-f118-11e1-9cb3-2c27d722802f}\Shell - "" = AutoRun
O33 - MountPoints2\{3408a3f9-f118-11e1-9cb3-2c27d722802f}\Shell\AutoRun\command - "" = E:\SISetup.exe -- [2010.11.24 10:59:56 | 000,607,800 | R--- | M] (HP)
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.04.17 18:21:23 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.04.17 17:28:29 | 000,054,784 | ---- | C] (PassMark Software) -- C:\Users\***\4905226.exe
[2013.04.12 20:00:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SoftwareUpdater
[2013.04.12 19:56:28 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\DownloadGuide
[2013.04.12 19:56:23 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\Software Updater
[2013.04.12 17:47:36 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Local\Smartbar
[2013.04.12 17:47:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinPcap
[2013.04.06 13:05:35 | 000,000,000 | ---D | C] -- C:\Users\***\Documents\DVDFab9
[2013.04.06 13:05:35 | 000,000,000 | ---D | C] -- C:\Users\***\AppData\Roaming\DVDFab9
[2013.04.06 13:05:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDFab 9
[2013.04.06 13:05:10 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DVDFab 9
[2013.04.03 15:03:03 | 000,000,000 | ---D | C] -- C:\Sicherung
[2013.03.28 12:49:59 | 000,130,016 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 12:49:59 | 000,100,712 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.28 12:49:59 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys

========== Files - Modified Within 30 Days ==========

[2013.04.17 18:21:23 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\***\Desktop\OTL.exe
[2013.04.17 18:17:20 | 000,000,000 | ---- | M] () -- C:\Users\***\defogger_reenable
[2013.04.17 18:16:41 | 000,050,477 | ---- | M] () -- C:\Users\***\Desktop\Defogger.exe
[2013.04.17 17:59:54 | 001,613,996 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.04.17 17:59:54 | 000,697,064 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.04.17 17:59:54 | 000,652,382 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.04.17 17:59:54 | 000,148,102 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.04.17 17:59:54 | 000,121,056 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.04.17 17:55:43 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.04.17 17:40:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.04.17 17:40:35 | 000,009,696 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.04.17 17:28:31 | 000,054,784 | ---- | M] (PassMark Software) -- C:\Users\***\4905226.exe
[2013.04.17 17:21:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.04.14 14:49:28 | 000,416,480 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2013.04.06 15:57:05 | 000,008,192 | ---- | M] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013.04.03 13:18:04 | 000,000,621 | ---- | M] () -- C:\Windows\wiso.ini
[2013.03.28 12:49:44 | 000,130,016 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.03.28 12:49:44 | 000,100,712 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.03.28 12:49:44 | 000,028,600 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys

========== Files Created - No Company Name ==========

[2013.04.17 18:17:20 | 000,000,000 | ---- | C] () -- C:\Users\***\defogger_reenable
[2013.04.17 18:16:41 | 000,050,477 | ---- | C] () -- C:\Users\***\Desktop\Defogger.exe
[2013.03.07 20:24:21 | 000,110,592 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDevice.Dll
[2013.03.07 20:24:21 | 000,037,344 | ---- | C] () -- C:\Windows\SysWow64\FsUsbExDisk.Sys
[2013.02.05 14:20:49 | 000,000,621 | ---- | C] () -- C:\Windows\wiso.ini
[2012.12.24 17:26:14 | 000,156,251 | ---- | C] () -- C:\Users\***\.TransferManager.db
[2012.11.28 15:17:18 | 000,974,848 | ---- | C] () -- C:\Windows\SysWow64\cis-2.4.dll
[2012.11.28 15:17:18 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\issacapi_bs-2.3.dll
[2012.11.28 15:17:18 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\issacapi_pe-2.3.dll
[2012.11.28 15:17:18 | 000,057,344 | ---- | C] () -- C:\Windows\SysWow64\issacapi_se-2.3.dll
[2012.10.01 15:09:03 | 000,008,192 | ---- | C] () -- C:\Users\***\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012.09.08 15:08:15 | 000,000,026 | ---- | C] () -- C:\Windows\Irremote.ini
[2012.09.08 15:07:53 | 000,001,024 | ---- | C] () -- C:\Users\***\.rnd
[2012.08.25 17:21:31 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll
[2012.08.24 21:25:41 | 000,066,560 | ---- | C] () -- C:\Windows\SysWow64\zlib1.dll
[2012.08.24 21:25:38 | 000,162,304 | ---- | C] () -- C:\Windows\SysWow64\libpng13.dll
[2012.08.24 21:25:38 | 000,138,752 | ---- | C] () -- C:\Windows\SysWow64\libpng15.dll
[2012.08.24 21:25:35 | 001,187,609 | ---- | C] () -- C:\Windows\unins002.exe
[2012.08.24 21:25:35 | 000,010,944 | ---- | C] () -- C:\Windows\unins002.dat
[2012.08.24 21:21:50 | 000,709,719 | ---- | C] () -- C:\Windows\unins001.exe
[2012.08.24 21:21:50 | 000,007,969 | ---- | C] () -- C:\Windows\unins001.dat
[2012.08.24 21:21:08 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe
[2012.08.24 21:21:08 | 000,021,553 | ---- | C] () -- C:\Windows\unins000.dat
[2012.08.24 19:54:27 | 001,590,954 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2012.08.23 21:53:59 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat

========== ZeroAccess Check ==========

[2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2012.06.09 07:43:10 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2012.06.09 06:41:00 | 012,873,728 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012.09.09 16:32:39 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Amazon
[2012.10.21 13:23:11 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Audacity
[2013.02.05 14:18:13 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Buhl Data Service
[2012.11.13 21:31:40 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\calibre
[2013.04.06 13:05:47 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDFab9
[2013.03.06 17:38:18 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoft
[2012.12.19 01:18:12 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\DVDVideoSoftIEHelpers
[2013.02.05 18:14:30 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\elsterformular
[2012.09.09 19:16:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Freemium
[2012.08.25 16:12:52 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\IrfanView
[2013.04.12 19:04:20 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\MediaMonkey
[2013.04.14 16:53:19 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Mp3tag
[2012.09.09 19:15:49 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\OpenCandy
[2012.09.07 18:43:53 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\pschmid.net
[2013.03.07 21:10:38 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Samsung
[2013.04.12 19:56:23 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Software Updater
[2012.08.30 17:01:21 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\Spyware Terminator
[2012.08.24 19:54:03 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TP
[2012.12.15 16:31:45 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\TuneUp Software
[2012.09.07 18:07:05 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinBatch
[2012.12.15 16:56:58 | 000,000,000 | ---D | M] -- C:\Users\***\AppData\Roaming\WinFF

========== Purity Check ==========



< End of report >

Extras.Txt

OTL Extras logfile created on: 17.04.2013 18:22:14 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\***\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16540)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

2,75 Gb Total Physical Memory | 2,17 Gb Available Physical Memory | 78,99% Memory free
5,50 Gb Paging File | 4,95 Gb Available in Paging File | 90,07% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 455,72 Gb Total Space | 357,11 Gb Free Space | 78,36% Space Free | Partition Type: NTFS
Drive D: | 9,94 Gb Total Space | 0,97 Gb Free Space | 9,79% Space Free | Partition Type: NTFS
Drive E: | 16,09 Mb Total Space | 0,00 Mb Free Space | 0,00% Space Free | Partition Type: UDF
Drive F: | 7,46 Gb Total Space | 3,13 Gb Free Space | 41,96% Space Free | Partition Type: FAT32

Computer Name: 260211-64BIT | User Name: *** | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [Browse with &IrfanView] -- "C:\Program Files (x86)\IrfanView\i_view32.exe" "%1 /thumbs" (Irfan Skiljan)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [MediaMonkey.1Play] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" "%1" (Ventis Media Inc.)
Directory [MediaMonkey.2PlayNext] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /NEXT "%1" (Ventis Media Inc.)
Directory [MediaMonkey.3Enqueue] -- "C:\Program Files (x86)\MediaMonkey\MediaMonkey.exe" /ADD "%1" (Ventis Media Inc.)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~2\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 1

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{061BFB88-9FA9-4E47-9248-C943F80646A9}" = rport=138 | protocol=17 | dir=out | app=system |
"{0C9A9AF4-02D6-49D5-A288-92254C728E8C}" = rport=139 | protocol=6 | dir=out | app=system |
"{0F11CD0D-B7ED-479A-9747-1A8CA2298960}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{113BA63C-C2F9-4F18-BAFF-D6C779E30355}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{2091BB94-3C69-4DA9-BE9A-EDEF992C8AF8}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{21FCF1DA-9F00-4121-988B-2A00A4CA25FD}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{252A921F-E300-46AC-8712-FB3A532BD069}" = lport=139 | protocol=6 | dir=in | app=system |
"{39D167E8-ED27-40C3-984A-632BA4E85C9B}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3C5BF6BE-C771-4F65-BE94-F9A62684F51D}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{58BEF3C5-EBB2-415F-BBF7-3D8DE4BC146D}" = lport=137 | protocol=17 | dir=in | app=system |
"{61B4E751-E856-42CF-B4BE-0E3DF93666C1}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{63C448D4-C445-455F-9900-48EA47331597}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{65774D9B-21E5-40DE-BDD4-BDADC202F833}" = lport=138 | protocol=17 | dir=in | app=system |
"{6C97215F-7E67-49BF-8344-DB8FF949CD0A}" = rport=10243 | protocol=6 | dir=out | app=system |
"{7098B6AB-8CB3-44A3-9750-09B98C56AE91}" = lport=445 | protocol=6 | dir=in | app=system |
"{8A281CD4-7528-4E8E-B244-FBEC7CC6D92F}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{9D681DA1-8E72-48ED-8DF2-6F6483FC7429}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{AD9FCE8A-4C8B-474B-84AC-40A3247DAC60}" = lport=10243 | protocol=6 | dir=in | app=system |
"{C89B7AC2-D65C-409F-A703-2AC9AE9E7A5C}" = lport=2869 | protocol=6 | dir=in | app=system |
"{E2F45B35-B8E6-49E2-8E9A-841EBA3EF21B}" = rport=137 | protocol=17 | dir=out | app=system |
"{E6764278-229A-46B1-A6C6-B9E5260C0DF7}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E6F54906-1DA4-4F8C-8216-C153CDD38EC9}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EE2DB0A4-931A-4EC2-B918-BA87B3EB1634}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF0145BC-A1B9-4821-B372-52068128EA95}" = rport=445 | protocol=6 | dir=out | app=system |
"{F0FA6641-8716-43FE-998D-C5C9331EA764}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{055B646E-0BD9-4907-82D7-1A6DDDC58754}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{07EFD653-CC96-4235-AB30-F9A59AB31C95}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{0D33F8B9-C57C-4E47-9159-90EE4CDE6512}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{1F007C6B-1FFE-4721-BDD3-EFADB1195454}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{212731E6-D436-40FF-88F6-04076CEF3B27}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{232D545A-ED32-4630-932E-F1DC4FB47F7A}" = dir=in | app=c:\program files (x86)\samsung\allshare\allsharedms\allsharedms.exe |
"{28B5B9F8-6F6A-4202-8909-8E493FECE173}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{362FF4DC-CF24-47AB-B2DA-3CC8355575B3}" = protocol=6 | dir=out | app=system |
"{43593B04-C72B-4183-A1EC-5D1D1019E892}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{43A850F7-1F38-4710-AD70-DA311BD81DEB}" = protocol=17 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{476485E7-09D9-474B-8FAD-F723E76F591A}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4DCA41BF-01F2-4E24-A185-DEE386475633}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{4FEAFA94-A2E7-462C-8A65-5736DBB8FF6E}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"{59B1925A-AE15-41C1-A818-5A3553E69A9A}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{79A540B0-EDCD-4375-A148-E153FEFCA2DA}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{8352589A-DFAF-4A47-9ABA-42BFB64708C3}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshare.exe |
"{8A3B9658-AE9E-406D-A230-DD98D04BB365}" = protocol=17 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{8E862DAD-FE17-41C4-BC91-739640C0D8A0}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92D1FBF2-4111-4177-A0A4-98A73268DFCC}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{9380F4B3-817D-495A-82BC-4E3BB19183BD}" = dir=in | app=c:\program files (x86)\windows live\messenger\wlcsdk.exe |
"{9A10C29D-6D63-4017-9EEC-D0692BDD5899}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{9A8583F8-020C-4307-B091-1C490E005969}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9E6B559A-077A-4565-BAF6-2EAC717ECD1B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{A9C5861A-B0B7-43EE-ADBC-DB7B58551E75}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{AB8050A0-0227-4271-BA2D-D6774B89729F}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{B1D0EE9C-104B-4A19-9BD5-A8EB1A634367}" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{C31CAF87-F55E-411B-9D62-4A62F91F028C}" = dir=in | app=c:\program files (x86)\samsung\allshare\allshareagent.exe |
"{CBD0B4BB-31F4-4072-92E2-38FE7D67C60B}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{CD31B62B-0F5A-4D31-B0EB-59D0EE2D9D95}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{D265D7F0-B130-46CA-BB30-D46C1C2A7B7D}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{D444F40E-8F80-41EC-B946-B28B402FA094}" = protocol=6 | dir=in | app=c:\program files (x86)\easybits for kids\programs\my first browser\myfirstbrowser.exe |
"{D915A88C-5CA1-4682-8CD7-9A99A9806E92}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{DBB7E27C-49CA-47FE-A93B-A0A6EDBDEED4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{E20F25D2-B64F-4D79-9F9B-D802E4A9421F}" = protocol=6 | dir=in | app=c:\windows\syswow64\muzapp.exe |
"{EA491C8D-D6A4-46E0-9974-CEFF445E549F}" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminator.exe |
"{EAFC795A-0A46-4D76-8558-A0DB4BBE5341}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{4B0C203D-101E-4E81-8BE2-0CDA74DB8602}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=6 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"TCP Query User{B204B752-0ED4-4514-8CD9-4FD71C238EBA}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |
"UDP Query User{6E29A3E9-8414-4D63-BF8D-64479061EEBC}C:\program files (x86)\spyware terminator\spywareterminatorupdate.exe" = protocol=17 | dir=in | app=c:\program files (x86)\spyware terminator\spywareterminatorupdate.exe |
"UDP Query User{E0AC3B14-10C2-4CF5-9BE6-46C6494E8C3B}C:\program files (x86)\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files (x86)\java\jre7\bin\javaw.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{26A24AE4-039D-4CA4-87B4-2F86417006FF}" = Java 7 Update 6 (64-bit)
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86, x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010
"{948B1FD6-9F98-47EE-AABF-8697F2FD44B0}" = ccc-utility64
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B48B0AC-C813-4174-9042-476A887592C7}" = Windows Live ID Sign-in Assistant
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics
"{E50A5077-1654-BEAE-986B-7B7133DA7C48}" = ATI Catalyst Install Manager
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1" = DirectX for Managed Code
"2C1C2F29FADF39F533CEEE67B90F07A5306A4BDB" = Windows-Treiberpaket - OLYMPUS IMAGING CORP. Camera Communication Driver Package (09/09/2009 1.0.0.0)
"CCleaner" = CCleaner
"HP LaserJet Professional P1100-P1560-P1600 Series" = HP LaserJet Professional P1100-P1560-P1600 Series
"VLC media player" = VLC media player 2.0.2
"WinRAR archiver" = WinRAR 4.20 (64-Bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements
"{08235411-48C8-A293-8642-D9575891E7D9}" = Catalyst Control Center InstallProxy
"{08548558-3EC9-BD0B-3D09-632500268F59}" = CCC Help Portuguese
"{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}" = hppP1100P1560P1600SeriesLaserJetService
"{137B2CE7-30A2-4836-0830-707F1010F517}" = CCC Help English
"{175F0111-2968-4935-8F70-33108C6A4DE3}" = MarketResearch
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool
"{22139F5D-9405-455A-BDEB-658B1A4E4861}" = Catalyst Control Center - Branding
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{25F2A86D-E2E2-C2AD-8173-86C18632F214}" = CCC Help Chinese Traditional
"{26A24AE4-039D-4CA4-87B4-2F83216030FF}" = Java(TM) 6 Update 30
"{26A24AE4-039D-4CA4-87B4-2F83217006FF}" = Java 7 Update 6
"{2842077A-7895-5310-4F0C-42C83501E770}" = CCC Help Thai
"{28C2DED6-325B-4CC7-983A-1777C8F7FBAB}" = RealUpgrade 1.1
"{2A9E8F56-C31B-4DBB-BFE2-0F4EC8192355}" = OLYMPUS Digital Camera Updater
"{2ACAB850-69A5-8090-08B7-D27CC6D8652C}" = CCC Help German
"{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie
"{2BAD00A4-7FD1-61C5-10C3-8275723943AD}" = CCC Help Danish
"{2BE6CDFB-9037-4FE5-93D4-6CFB4BE84958}" = TubeBox
"{2BF943D5-1468-589A-50E3-DD0ED6596022}" = Catalyst Control Center Graphics Full New
"{34DB1D69-9FFC-7899-6F4D-22C4C15ADD54}" = CCC Help Polish
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{3CC52794-9EFB-4E79-A9BC-2CFFAB13DB0A}" = calibre
"{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker
"{3F310D8D-AC3B-5478-5AEA-D2EF5D7437E7}" = CCC Help Swedish
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager
"{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}" = LightScribe System Software
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4F38594F-2C4A-4C42-B2C4-505E225F6F80}" = HP Product Detection
"{56736259-613E-4A3B-B428-6235F2E76F44}_is1" = Spyware Terminator 2012
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{58a26b11-1507-4461-bb28-9c2be3a0dff1}" = TubeBox
"{595007B2-E139-535C-D723-4B0442FC40F5}" = CCC Help Italian
"{5A21C631-0494-7377-1E3B-99353E04F83B}" = CCC Help Japanese
"{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call
"{6737F045-A91A-4177-9C8C-59460FC1C84D}" = t@x 2013
"{6883DDA6-867E-4F63-9D5E-8F53FD40CDF4}" = Adobe Shockwave Player 11.6
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{695C04CF-CF98-FAD6-9590-6C555B2E2E79}" = CCC Help Chinese Standard
"{6F277272-77D6-1E03-B8BB-B408B26C5140}" = CCC Help Czech
"{6F340107-F9AA-47C6-B54C-C3A19F11553F}" = Hewlett-Packard ACLM.NET v1.2.1.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK
"{7177EE4E-3D1D-4F45-85B5-B93DC758BA0B}" = OLYMPUS Viewer 2
"{7240A994-0ED4-4841-AD3B-5E5F72850F67}" = Catalyst Control Center Graphics Previews Vista
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync
"{7770E71B-2D43-4800-9CB3-5B6CAAEBEBEA}" = RealNetworks - Microsoft Visual C++ 2008 Runtime
"{7902E313-FF0F-4493-ACB1-A8147B78DCD0}" = HPSSupply
"{7C66E480-E42D-3664-B207-5CE9A706BC1F}" = Catalyst Control Center Graphics Light
"{7CAAA7B2-D9EA-2416-9D63-DDBC8E669059}" = CCC Help French
"{7EE873AF-46BB-4B5D-BA6F-CFE4B0566E22}" = TuneUp Utilities Language Pack (de-DE)
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84B4C4F4-F244-6A7E-EDC6-ECD46ACAAE59}" = CCC Help Greek
"{853F464A-B2B8-404E-BA3E-B98FF6862C41}" = hppusgP1100P1560P1600Series
"{86D4B82A-ABED-442A-BE86-96357B70F4FE}" = Ask Toolbar
"{895294B6-0495-461D-B3A1-DA819C6E6A76}" = pschmid.net Ltd. - RibbonCustomizer Add-In
"{8EB84BE2-1F31-4950-83D8-C211A9A08739}" = AM Usb Card Reader Driver
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9A5B876D-A900-4AAB-B557-DE827BE46E6C}" = Nero 8 Essentials
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.02) - Deutsch
"{AF4A82A7-F453-CE12-A942-E55FAC234387}" = ccc-core-static
"{B5B7E8FF-62F6-FA85-4C4A-83AAF816CE6E}" = CCC Help Spanish
"{B8089767-9A45-0E84-FCDE-15698650FF17}" = CCC Help Hungarian
"{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer
"{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}" = HP Support Information
"{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F}" = TuneUp Utilities 2013
"{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"{C9496C0E-BE4C-7800-900B-5E66B958AEC1}" = CCC Help Russian
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{D24DB8B9-BB6C-4334-9619-BA1C650E13D3}" = Microsoft Primary Interoperability Assemblies 2005
"{D371F551-0DB9-4CEC-844B-4C90CE91EA0B}" = hppLaserJetService
"{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update
"{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{EB1A6595-613F-9654-E58E-0876F8B0E8F3}" = Catalyst Control Center Localization All
"{EDD1E22B-249A-5ED7-BA0A-C41BAA8256ED}" = CCC Help Korean
"{EE202411-2C26-49E8-9784-1BC1DBF7DE96}" = HP Support Assistant
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F252C428-A4AE-C73E-031A-C451FDD660A9}" = CCC Help Norwegian
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F67EA3C6-38B0-675A-E2F9-8C343DE1C826}" = Catalyst Control Center Graphics Full Existing
"{F686E613-03C4-085F-188A-9E5DC1455787}" = CCC Help Turkish
"{F7F7626C-4612-BF7B-38D5-07E247973A1A}" = Catalyst Control Center Core Implementation
"{F8CA8746-F561-61D7-A496-8D4C4E1F8A57}" = CCC Help Dutch
"{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials
"{FCDDC9D3-5524-9AD1-651C-467910CC1903}" = CCC Help Finnish
"Adobe Digital Editions 2.0" = Adobe Digital Editions 2.0
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Amazon MP3-Downloader" = Amazon MP3-Downloader 1.0.17
"AmUStor" = AM Usb Card Reader Driver
"Audacity_is1" = Audacity 2.0.2
"Avira AntiVir Desktop" = Avira Free Antivirus
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"DVDFab 9_is1" = DVDFab 9.0.3.2 (01/04/2013) Beta
"EasyBits Magic Desktop" = Magic Desktop
"ElsterFormular" = ElsterFormular
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Free M4a to MP3 Converter_is1" = Free M4a to MP3 Converter 7.1
"Free WMA to MP3 Converter_is1" = Free WMA to MP3 Converter 1.16
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.12.0.128
"Freemake Video Converter_is1" = Freemake Video Converter Version 4.0.0
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint
"InstallShield_{DF47ACA3-7C78-4C08-8007-AC682563C9F1}" = Samsung AllShare
"IrfanView" = IrfanView (remove only)
"KLiteCodecPack_is1" = K-Lite Codec Pack 9.2.0 (Standard)
"LAME_is1" = LAME v3.99.3 (for Windows)
"MediaMonkey_is1" = MediaMonkey 4.0
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"MP3db" = MP3db 2008
"Mp3tag" = Mp3tag v2.52
"MusicStationNetstaller" = MusicStation
"My HP Game Console" = HP Game Console
"Office14.Click2Run" = Microsoft Office Klick-und-Los 2010
"PDF Complete" = PDF Complete Special Edition
"RealPlayer 12.0" = RealPlayer
"TuneUp Utilities 2013" = TuneUp Utilities 2013
"VLC media player" = VLC media player 2.0.5
"WildTangent hp Master Uninstall" = HP Games
"WinLiveSuite_Wave3" = Windows Live Essentials
"WT087361" = FATE
"WT087380" = John Deere Drive Green
"WT087394" = Penguins!
"WT087396" = Polar Bowler
"WT087420" = Agatha Christie - Death on the Nile
"WT087428" = Bejeweled 2 Deluxe
"WT087453" = Chuzzle Deluxe
"WT087480" = Insaniquarium Deluxe
"WT087485" = Jewel Quest II
"WT087490" = Jewel Quest Solitaire
"WT087501" = Plants vs. Zombies
"WT087510" = Slingo Deluxe
"WT087513" = Virtual Villagers - The Secret City
"WT087519" = Wedding Dash
"WT087533" = Zuma Deluxe
"WT087536" = Diner Dash 2 Restaurant Rescue

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{79A765E1-C399-405B-85AF-466F52E918B0}" = Avira SearchFree Toolbar plus Web Protection Updater
"MyFreeCodec" = MyFreeCodec

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 28.03.2013 09:20:33 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.03.2013 09:20:33 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 28.03.2013 09:24:16 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 28.03.2013 09:24:16 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

Error - 01.04.2013 05:07:20 | Computer Name = 260211-64bit | Source = Windows Backup | ID = 4103
Description =

Error - 02.04.2013 14:36:32 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero Toolkit\DiscSpeed.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error - 02.04.2013 14:36:33 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnap.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 02.04.2013 14:36:34 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\Nero\Nero8\Nero PhotoSnap\PhotoSnapViewer.exe". Fehler in Manifest- oder Richtliniendatei
"" in Zeile . Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt
mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:.
Komponente
1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Error - 02.04.2013 14:40:19 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".

Error - 02.04.2013 14:40:21 | Computer Name = 260211-64bit | Source = SideBySide | ID = 16842787
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files
(x86)\windows live\photo gallery\MovieMaker.Exe". Fehler in Manifest- oder Richtliniendatei
"c:\program files (x86)\windows live\photo gallery\WLMFDS.DLL" in Zeile 8. Die
im Manifest gefundene Komponenten-ID stimmt nicht mit der ID der angeforderten Komponente
überein. Verweis: WLMFDS,processorArchitecture="AMD64",type="win32",version="1.0.0.1".
Definition:
WLMFDS,processorArchitecture="x86",type="win32",version="1.0.0.1". Verwenden Sie
das Programm "sxstrace.exe" für eine detaillierte Diagnose.

[ Hewlett-Packard Events ]
Error - 31.08.2012 07:59:20 | Computer Name = 260211-64bit | Source = Hewlett-Packard | ID = 0
Description = de-DE Ein Teil des Pfades "C:\ProgramData\Hewlett-Packard\HP Support
Framework\Logs\Temp\HPSA\HPSASession_201208311359.xml" konnte nicht gefunden werden.
mscorlib

bei System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath) bei
System.IO.FileStream.Init(String path, FileMode mode, FileAccess access, Int32
rights, Boolean useRights, FileShare share, Int32 bufferSize, FileOptions options,
SECURITY_ATTRIBUTES secAttrs, String msgPath, Boolean bFromProxy) bei System.IO.FileStream..ctor(String
path, FileMode mode, FileAccess access, FileShare share, Int32 bufferSize, FileOptions
options) bei System.IO.StreamWriter.CreateFile(String path, Boolean append)
bei System.IO.StreamWriter..ctor(String path, Boolean append, Encoding encoding,
Int32 bufferSize) bei System.IO.StreamWriter..ctor(String path, Boolean append,
Encoding encoding) bei System.IO.File.WriteAllText(String path, String contents,
Encoding encoding) bei HP.ActiveSupportLibrary.Issues.HPSFSession.closeSaveSession()


Error - 04.10.2012 11:27:20 | Computer Name = 260211-64bit | Source = HPSF.exe | ID = 2000
Description = HP Error ID: -2146233088 bei HPSFConfigReader.ConfigHelper.loadXML()

bei HPSFConfigReader.ConfigHelper..ctor() bei HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Message: Eine Ausnahme vom Typ "System.Exception" wurde ausgelöst. StackTrace:
bei HPSFConfigReader.ConfigHelper.loadXML() bei HPSFConfigReader.ConfigHelper..ctor()

bei HP.SupportAssistant.Engine.Resources.ResourceTasks.LoadApplicationResources(Boolean
isOnAppLoad) Source: HPSFConfigReader Name: HPSF.exe Version: 06.00.01.01 Path: C:\Program
Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe Format: de-DE RAM: 2815
Ram
Utilization: 50 TargetSite: Void loadXML()

Error - 18.10.2012 14:30:30 | Computer Name = 260211-64bit | Source = HPSF.exe | ID = 4000
Description =

Error - 25.10.2012 11:50:20 | Computer Name = 260211-64bit | Source = HPSF.exe | ID = 4000
Description =

Error - 25.10.2012 11:50:40 | Computer Name = 260211-64bit | Source = HPSF.exe | ID = 4000
Description =

Error - 29.10.2012 11:59:09 | Computer Name = 260211-64bit | Source = HPSF.exe | ID = 4000
Description =

Error - 29.10.2012 11:59:09 | Computer Name = 260211-64bit | Source = HPSF.exe | ID = 4000
Description =

Error - 04.11.2012 08:41:59 | Computer Name = 260211-64bit | Source = HPSF.exe | ID = 4000
Description =

Error - 04.11.2012 08:42:17 | Computer Name = 260211-64bit | Source = HPSF.exe | ID = 4000
Description =

[ System Events ]
Error - 12.04.2013 13:54:26 | Computer Name = 260211-64bit | Source = Service Control Manager | ID = 7024
Description = Der Dienst "Avira Echtzeit-Scanner" wurde mit folgendem dienstspezifischem
Fehler beendet: %%306.

Error - 14.04.2013 08:50:26 | Computer Name = 260211-64bit | Source = bowser | ID = 8003
Description =

Error - 14.04.2013 08:52:11 | Computer Name = 260211-64bit | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
beendet: %%126

Error - 14.04.2013 08:53:17 | Computer Name = 260211-64bit | Source = bowser | ID = 8003
Description =

Error - 16.04.2013 10:46:26 | Computer Name = 260211-64bit | Source = bowser | ID = 8003
Description =

Error - 16.04.2013 10:47:32 | Computer Name = 260211-64bit | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
beendet: %%126

Error - 16.04.2013 10:52:24 | Computer Name = 260211-64bit | Source = bowser | ID = 8003
Description =

Error - 16.04.2013 12:15:49 | Computer Name = 260211-64bit | Source = Service Control Manager | ID = 7023
Description = Der Dienst "HP Network Devices Support" wurde mit folgendem Fehler
beendet: %%126

Error - 16.04.2013 12:16:33 | Computer Name = 260211-64bit | Source = bowser | ID = 8003
Description =

Error - 16.04.2013 12:23:23 | Computer Name = 260211-64bit | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst LanmanServer erreicht.


< End of report >

Gmer.txt

.19163 - hxxp://www.gmer.net
Rootkit scan 2013-04-17 19:20:46
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\00000050 Hitachi_ rev.JP2O 465,76GB
Running: gmer_2.1.19163.exe; Driver: C:\Users\***~1\AppData\Local\Temp\pfdoypoc.sys


---- Disk sectors - GMER 2.1 ----

Disk \Device\Harddisk0\DR0 unknown MBR code

---- EOF - GMER 2.1 ----

 

Themen zu Ihr Internet Service Provider wird blockiert- bei Zahlung von 100 € wird dieser entsperrt
adobe reader xi, antivir, avira, avira searchfree toolbar, bho, browser.exe, diner dash, error, fehler, firefox, flash player, helper, home, homepage, iexplore.exe, install.exe, internet, internet explorer, logfile, olympus, plug-in, problem, realtek, registry, richtlinie, scan, security, senden, software, spyware, svchost.exe, version., windows, wma, zahlung




Ähnliche Themen: Ihr Internet Service Provider wird blockiert- bei Zahlung von 100 € wird dieser entsperrt


  1. Internet Provider blockiert - Spyware?
    Log-Analyse und Auswertung - 28.06.2013 (14)
  2. GVU: Ihr Internet Service Provider blockiert
    Log-Analyse und Auswertung - 25.04.2013 (12)
  3. GVU: Ihr Internet Service Provider blockiert
    Log-Analyse und Auswertung - 14.04.2013 (11)
  4. GVU: Ihr Internet Service Provider blockiert
    Plagegeister aller Art und deren Bekämpfung - 24.03.2013 (9)
  5. Ihr Internet Service Provider blockiert Virus Windows XP entfernen
    Log-Analyse und Auswertung - 20.03.2013 (14)
  6. GVU: Ihr Internet Service Provider blockiert
    Plagegeister aller Art und deren Bekämpfung - 12.02.2013 (17)
  7. GVU: Ihr Internet Service Provider blockiert
    Plagegeister aller Art und deren Bekämpfung - 31.01.2013 (13)
  8. Ich Internet Server Provider Blockiert
    Log-Analyse und Auswertung - 25.01.2013 (3)
  9. Computer ist angeblich gesperrt und wird erst wieder entsperrt, wenn man Geld bezahlt.
    Plagegeister aller Art und deren Bekämpfung - 25.11.2012 (6)
  10. PC wird gesperrt wegen Verstoß - gegen Zahlung von 100 € wird die Sperrung aufgehoben
    Log-Analyse und Auswertung - 06.09.2012 (11)
  11. Trojaner Bundespolizei: Zahlung von 100€ über UCash wird verlangt
    Plagegeister aller Art und deren Bekämpfung - 19.07.2012 (15)
  12. warnung! ihr system wird gesperrt zwingt mich zur Zahlung!
    Log-Analyse und Auswertung - 14.02.2012 (1)
  13. Windows 7 gesperrt, Zahlung von €50 wird angezeigt!Hilfe bitte!!!
    Log-Analyse und Auswertung - 16.01.2012 (5)
  14. Aus "Sicherheitsgründen" wird Windows blockiert -zahlung von 50 EUR
    Log-Analyse und Auswertung - 16.12.2011 (9)
  15. US-Gericht nimmt Internet Service Provider endgültig vom Netz
    Nachrichten - 21.05.2010 (0)
  16. Nachricht vpm Provider, Spammail wird verschickt
    Plagegeister aller Art und deren Bekämpfung - 04.03.2009 (3)
  17. rechner wird langsamer wen verbindung mit dem internet hergestellt wird
    Log-Analyse und Auswertung - 24.08.2008 (9)

Zum Thema Ihr Internet Service Provider wird blockiert- bei Zahlung von 100 € wird dieser entsperrt - Sehr geehrte Damen und Herren, als ich heute meinen PC benutzte und über den Internet Explorer auf Youtube ging, um mir ein Lied von Tom Odell anzuhören, erschien auf einmal - Ihr Internet Service Provider wird blockiert- bei Zahlung von 100 € wird dieser entsperrt...
Archiv
Du betrachtest: Ihr Internet Service Provider wird blockiert- bei Zahlung von 100 € wird dieser entsperrt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.