|
Plagegeister aller Art und deren Bekämpfung: "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt"Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
03.06.2013, 15:54 | #1 |
| "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" Guten Tag. Heute habe ich mir (tatsächlich aus Versehen) den VIO Player 2 auf einer nicht vertrauenswürdigen Webseite heruntergeladen. Der Download war schnell vorbei und ich habe die Datei ohne sie zu installieren sofort gelöscht. Anschließend habe ich mit ESET meinen PC gescannt, es gab aber kein Ergebnis. Als ich meinen regulären Virenscanner Norton daraufhin wieder aktivieren wollte, zeigte er mir folgende Meldung an: "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" Klicke ich auf "Jetzt beheben", will das auch nicht wirklich etwas helfen. Bin gerade ziemlich ratlos. Vielen Dank im Voraus! step4en |
03.06.2013, 16:44 | #2 |
/// the machine /// TB-Ausbilder | "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" hi,
__________________Lade Dir bitte OTL von Oldtimer herunter und speichere es auf Deinem Desktop ( falls noch nicht vorhanden ).
__________________ |
03.06.2013, 17:10 | #3 |
| "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" Danke für die Antwort.
__________________Hier die beiden Logfiles: Code:
ATTFilter OTL Extras logfile created on: 6/3/2013 6:00:08 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomas\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7.98 Gb Total Physical Memory | 5.77 Gb Available Physical Memory | 72.35% Memory free 15.96 Gb Paging File | 13.46 Gb Available in Paging File | 84.35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 919.19 Gb Total Space | 586.93 Gb Free Space | 63.85% Space Free | Partition Type: NTFS Drive D: | 12.23 Gb Total Space | 1.50 Gb Free Space | 12.25% Space Free | Partition Type: NTFS Computer Name: THOMAS-WINDOWS7 | User Name: Thomas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Extra Registry (SafeList) ========== ========== File Associations ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .html[@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) .url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation) .html [@ = Opera.HTML] -- C:\Program Files (x86)\Opera\Opera.exe (Opera Software) ========== Shell Spawning ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation) InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation) exefile [open] -- "%1" %* helpfile [open] -- Reg Error: Key error. htmlfile [edit] -- Reg Error: Key error. htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1" http [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) https [open] -- "C:\Program Files (x86)\Opera\Opera.exe" "%1" (Opera Software) inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation) Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [explore] -- Reg Error: Value error. Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error. ========== Security Center Settings ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "cval" = 1 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] "VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data] "AntiVirusOverride" = 0 "AntiSpywareOverride" = 0 "FirewallOverride" = 0 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc] ========== Firewall Settings ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile] "EnableFirewall" = 1 "DisableNotifications" = 0 ========== Authorized Applications List ========== ========== Vista Active Open Ports Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{07E8D1DC-940B-46DA-BCF4-A5B6F4A08B2C}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{26444A72-7A51-41F0-B62E-9FA6F917F06A}" = rport=139 | protocol=6 | dir=out | app=system | "{30EF9B3F-1598-4583-8A28-7FC208B9497F}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{3A51B132-A16F-4437-BAB5-9FFC930084FA}" = lport=445 | protocol=6 | dir=in | app=system | "{44012425-0F70-4CDC-A4FE-B0E74D6ED4CA}" = rport=137 | protocol=17 | dir=out | app=system | "{56AD8547-4B12-4458-828D-1414A35F2FAF}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{62E54222-A629-4D81-BCCD-2C9176720CEB}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{69F24313-EF36-4BC5-A230-30E173882619}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{6BAC75C0-04F7-4273-B2E7-386EE561C06C}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{7128B336-705B-4AB6-80B7-F1DDA860A5F5}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) | "{7A99405A-39E7-4CE5-BFEB-DD2C018E4588}" = lport=10243 | protocol=6 | dir=in | app=system | "{7B9E6D5C-02F7-4533-8D9E-78D8A694ED12}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) | "{9A2EC4DC-03AC-471F-B2FA-4B6442A1FC26}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{B0A0A0E0-2FB4-4427-ACE2-7AF7DB64D377}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{B3285455-7F0F-4710-89A2-0485D7C14B80}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe | "{BB401490-6F80-4FD5-977D-F5F0F30C3F31}" = lport=138 | protocol=17 | dir=in | app=system | "{C9685B62-0DA9-49FA-BED3-D6817C014C71}" = lport=139 | protocol=6 | dir=in | app=system | "{D8CA3B35-D1DB-4A4E-B783-C51CDB1510BA}" = rport=138 | protocol=17 | dir=out | app=system | "{D939E903-0DC7-4C3B-96D0-C7BBB16A89C9}" = rport=445 | protocol=6 | dir=out | app=system | "{DD828CE4-9C73-414A-AE25-0EACCC32E602}" = lport=137 | protocol=17 | dir=in | app=system | "{EF58EC84-8535-47DD-B4F3-DB00104A6C70}" = lport=2869 | protocol=6 | dir=in | app=system | "{F40B3682-CA48-4AFF-9E26-777C45ABAF89}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{F9DC4D65-2501-4B44-B65A-FCD85F477461}" = rport=10243 | protocol=6 | dir=out | app=system | "{FF4DCDE9-1345-46C5-96F3-6D7B911843A5}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{01CF0B35-463C-4A20-9D2E-1CC68DC44D10}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe | "{03561FD4-7508-4E00-8BAC-70C607978B02}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{0517831C-1B7E-4CBE-B333-A1342300C7FE}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warincbattlezone\rsupdate.exe | "{053490A2-51E8-46CA-AE34-DEE204D9B6AE}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe | "{05F38761-C8E1-4CA9-B5F9-3C48C5F52D03}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{0A8C7BDF-40CC-4434-B8C8-59FCD183D291}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | "{171AC15E-8740-4560-810E-A918BF8AF272}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe | "{1BF8EB14-ED03-4F7F-A763-3AD72B6970CB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | "{225A4DC6-01E9-4818-9501-0A2352E13C28}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe | "{25F04CF5-E715-4956-BE07-A42DF7656504}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe | "{2FCC3D2D-837D-41DE-A264-9ED287C9490F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | "{30EEA54E-7BA5-4CB2-B477-2699FADD0DCD}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe | "{311DEC4E-28B1-4AEA-B037-21C13823048B}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{35D834E5-1C56-4C5C-84AF-EA86FBDECEED}" = protocol=17 | dir=in | app=c:\program files (x86)\maxthon\bin\mxup.exe | "{37D32B79-24A7-49F7-8AA9-19FB8760CB6C}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe | "{39C3597E-E46F-4009-B26C-0BD5FFE959B9}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogsdemo\hkship.exe | "{3A298BF1-703F-439C-A3C7-F3EFBFBD8A3C}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{3A314E7E-29B4-4445-8B63-0D486000B42E}" = dir=in | app=c:\program files (x86)\easybits for kids\ezdesktop.exe | "{3A3C8530-686C-4A57-BE72-5642BD56F8F3}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe | "{3A901697-A664-457B-8DE8-CFBC6AF75D91}" = protocol=17 | dir=in | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe | "{3B0255A6-EA38-49EA-8C12-F020592213A4}" = protocol=17 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe | "{3DBE08A0-A631-4ACE-9A6D-9F98727108BC}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{4059F0E8-F198-412E-BBAE-CB08ABB2E397}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{42B4992D-7884-4DEC-A3BD-7D5743B5B9FF}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{42B5D45F-870E-4C6D-B43C-3092847BD2A6}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe | "{462D218C-B04D-4640-9B67-04C35F0C3FAD}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{4804E6A8-C89D-4241-B3EF-880E87389590}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{49B687FA-A2D4-4244-841C-FDD946046A30}" = protocol=6 | dir=out | app=system | "{4B512DDA-EAFD-4BCB-9364-D6231BE80B12}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{4B8707DB-667E-464F-AA40-8CB725391A99}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe | "{4D26A72D-FC71-4CF6-80AA-09FA5A5F3F7E}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{4E5E9353-89AB-4497-A767-B5517E3F70DC}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\supermnc\binaries\win32\supermncgameclient.exe | "{5194436A-D8F8-4164-9F33-DB2F880A050B}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{580474B9-1543-4983-8132-AE43AE808C69}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microsoft flight\flight.exe | "{5824537B-552B-4605-82A7-4E7495809D20}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{587911B4-DF93-4CB1-95CF-310E1CEF9002}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe | "{5C1461DD-4EC1-49CA-B417-938A8775FBB6}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead demo\arma2oa_demo.exe | "{5D9876CC-08C6-4056-91E0-B48867E01453}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | "{5E0F961A-1826-4E49-ABE4-0D8E0925B3AF}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | "{62E1AE36-AA14-4CCF-895E-196604EEBBCD}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.patch.exe | "{66699798-E469-46AC-8A8B-8CD0ABAAEE94}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_launcher.exe | "{69520426-C2AB-4525-A512-0EA9873A56D2}" = protocol=6 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | "{6C8A8FA5-C5AE-42A7-9AE8-DCB16DBCE39D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe | "{6D3FE935-43B5-4F63-91E7-AAAE04B74DFC}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe | "{71352DAD-D7A9-46FA-939A-53C2C817A7D0}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{7305AC8C-02F9-4496-9CE1-8D98459BC5B6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{74578300-D924-497F-876A-6694B281ADDF}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{7A2068AB-FF76-4C70-AF36-5867F725DDF7}" = protocol=6 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | "{7A960E0F-9BC6-4857-992C-91FAC1E14DD6}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7CD1225E-ECD2-4CA9-9B51-F5D9B95DEB87}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe | "{7CD6E1D8-26E0-457F-875F-6E2BDCE5878D}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{8168794E-912A-4DAE-9B44-19C3135A5A15}" = protocol=17 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx9.exe | "{83BE31FF-E612-4AC5-A745-A32473506BA6}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{84DC1A99-85F5-4256-B9B7-6D81DBC051EE}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe | "{85BC5BED-DDB2-4BAD-B8A4-3A9C9E8036BD}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe | "{88878531-25BC-4EB8-81F6-104DB7441607}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | "{88F580E6-1F38-4EE3-8089-D91C339A17AB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\impostors.exe | "{8B4E7AF2-B060-4DB6-9BDC-1181B50F635A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\warincbattlezone\rsupdate.exe | "{90A4029A-8026-48EF-B23F-90E761254810}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe | "{91E7E978-5136-4C5F-808C-6E18ED2F9EAC}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{96C43228-7D92-4B7A-A077-E5153780B802}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\blacklightretribution\blacklight retribution.exe | "{99F0DF44-164B-45C1-9C36-3BCD818C7588}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe | "{9B2F45D7-C79B-44B2-A7D1-963B0F9989BF}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\arma 2 operation arrowhead demo\arma2oa_demo.exe | "{9C387A2E-2099-44C3-8ADA-19FEAE5334FD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{9ED8427F-25E2-4E16-ADC8-F1959B120D33}" = protocol=17 | dir=in | app=c:\program files (x86)\world of warcraft\launcher.exe | "{9F582BBD-A41E-48D6-AC07-BA60F161D436}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{9FA73187-1E42-49C1-80BC-6526742C8504}" = protocol=17 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{A2020F3F-BD14-4817-9A2A-19D1F6E97579}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{A521BE82-F2C8-45DC-A568-5AF7A3B4F52F}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe | "{A63CB860-B092-4E49-9423-A5014049A659}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\sfm.exe | "{AD418D69-6A57-480A-9715-3C55183FF79F}" = dir=in | app=c:\windows\system32\ezsharedsvchost.exe | "{ADDCDD0A-C4E0-491A-B8AB-E33F3A43FEB9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown-demo\binaries\win32\xcomgame.exe | "{AE5ED790-9916-4611-8D74-CE74E10B1EF1}" = protocol=17 | dir=out | app=c:\program files (x86)\hewlett-packard\hp linkup\hp linkup viewer.exe | "{AE7E47F4-7018-4C3A-A56E-8536A3DDD824}" = dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{B0DFE834-46D8-46E2-83F4-1D655E54684B}" = protocol=6 | dir=in | app=c:\program files (x86)\ubisoft\assassin's creed\assassinscreed_dx10.exe | "{B24D9883-C76E-45A9-B6F5-3CDA5B8C52ED}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{B278B0B1-D51A-4318-ADE7-AC5A5EDC5394}" = protocol=6 | dir=in | app=c:\users\thomas\appdata\roaming\dropbox\bin\dropbox.exe | "{B476996D-6905-4A46-9F7A-A3DCE128A1E8}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{BB59F774-ADD8-47F7-A09A-09201BA94DA9}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{BDD0D6D1-7A66-4525-A40E-62CB73BEA5D9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sourcefilmmaker\game\bin\qsdklauncher.exe | "{BDD62362-3058-40AB-BD2F-822AD49A518F}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\fallen earth f2p\feupdater.exe | "{C05B6980-8880-4F0F-A65D-B5CE9FA533B7}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\engine.exe | "{C17D20A1-CF4D-4578-AE20-26E997006BB2}" = protocol=6 | dir=in | app=c:\windows\syswow64\pnkbstra.exe | "{C6A885D7-0532-4CEE-A4BA-7D0C92E3A1A4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\microsoft flight\flight.exe | "{C8384420-327C-45F4-811B-61BB9000537A}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{C8523333-1D7B-45EA-B6F8-87B4D6C3F832}" = protocol=17 | dir=in | app=c:\program files (x86)\eidos\batman arkham asylum\binaries\shippingpc-bmgame.exe | "{CACC1166-F720-4915-937D-64F8EE311E85}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dota 2 beta\dota.exe | "{CEF7B17F-2F5A-47F8-962F-45025582F81A}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the amazing spider-man\asmlauncher.exe | "{D0871ABD-2883-44EA-9666-2C9876602A7D}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\media booster\pmb.exe | "{D174A0E5-1900-4E57-874E-EC53655CE8E5}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{D1C4E155-4352-429F-8118-5AB6E525DE83}" = protocol=6 | dir=in | app=c:\program files (x86)\maxthon\bin\maxthon.exe | "{D6257D3A-B4F9-47FE-B130-90CB0B6030B4}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe | "{DA289C65-0064-40F4-B95C-BD13F69BD597}" = protocol=17 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe | "{DF9D4254-8D5E-4554-B1A4-F1DC171418F4}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\sleepingdogsdemo\hkship.exe | "{E0558D6E-7AF4-4D61-A024-473D917B5A34}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{E34D8F0C-2CD3-4C12-8B62-AC684BB8628D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\the amazing spider-man\asmlauncher.exe | "{E3C75E1A-AE97-4644-BC27-D38079FDCCFB}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\global agenda live\binaries\launcherbin\hirezlauncherui.exe | "{E3DD2944-6DBD-4E47-9A09-BE525B4A21CF}" = protocol=17 | dir=in | app=c:\windows\syswow64\pnkbstrb.exe | "{E4317B88-C755-46EF-BFF2-E68DC8A6343D}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\gotham city impostors f2p\impostors.exe | "{E77DF0EC-1A46-4D5B-9F17-A44B9257AA61}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe | "{E9A8E212-62C1-45D7-AB28-C0596EF79B63}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\realm of the mad god\realm of the mad god.exe | "{EACB6A95-02CE-4973-A03C-BBCD6777AFB5}" = protocol=6 | dir=in | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe | "{EB0AFF21-BD95-4AE2-B886-1483EEDE1B98}" = protocol=6 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe | "{EBB48DEE-4D29-4A53-8D6B-EF4033361557}" = protocol=6 | dir=in | app=c:\program files (x86)\opera\opera.exe | "{F672DB63-0305-43C3-88EA-F1E56E9AF7B8}" = protocol=6 | dir=out | app=c:\program files (x86)\hewlett-packard\remote graphics receiver\rgreceiver.exe | "{FF3A7A28-D9AD-4BDD-A4BB-76D9818774D3}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\xcom-enemy-unknown-demo\binaries\win32\xcomgame.exe | "TCP Query User{36AEEBB2-A4EB-4C69-8A03-46516265DA02}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=6 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe | "UDP Query User{7FEC4F44-2B5C-4C22-9180-5B238FB227C5}C:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe" = protocol=17 | dir=in | app=c:\program files (x86)\participatory culture foundation\miro\miro_downloader.exe | ========== HKEY_LOCAL_MACHINE Uninstall List ========== 64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64) "{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector "{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant "{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5 "{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition) "{2856A1C2-70C5-4EC3-AFF7-E5B51E5530A2}" = HP Client Services "{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 "{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}" = Paint.NET v3.5.10 "{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 "{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources "{75104836-CAC7-444E-A39E-3F54151942F5}" = Apple Mobile Device Support "{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 "{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{90140000-006D-0407-1000-0000000FF1CE}" = Microsoft Office Klick-und-Los 2010 "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting "{A2585A63-ADD2-3F54-9819-125E680CC7E1}" = Microsoft .NET Framework 4.5 DEU Language Pack "{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64) "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 267.95 "{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 267.95 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 267.95 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.10.0514 "{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application "{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 "{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}" = Bonjour "{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}" = PlayReady PC Runtime amd64 "{CC4D56B7-6F18-470B-8734-ABCD75BCF4F1}" = HP Auto "{D5876F0A-B2E9-4376-B9F5-CD47B7B8D820}" = Windows Live Remote Client Resources "{D79A02E9-6713-4335-9668-AAC7474C0C0E}" = HP Vision Hardware Diagnostics "{D930AF5C-5193-4616-887D-B974CEFC4970}" = Windows Live Remote Service Resources "{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter "{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 "{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client "{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service "Blender" = Blender "CCleaner" = CCleaner "GIMP-2_is1" = GIMP 2.8.0 "UDK-47af5578-4140-41eb-93f3-38cc918a493c" = Hazard - Journey Of Life Demo [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{07FA4960-B038-49EB-891B-9F95930AA544}" = HP Customer Experience Enhancements "{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer "{0B9F8BEE-59F2-43D5-A890-65F649D887A2}" = LEGO® Batman™ DEMO "{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}" = Windows Media Center Add-in for Silverlight "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{151FFC5F-ADE2-4CC3-AB0B-D9F8EB3FBF7A}" = Wildlife Park 2 "{16FC3056-90C0-4757-8A68-64D8DA846ADA}" = Remote Graphics Receiver "{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker "{1A4E47DC-6701-4A85-AA16-C1F99A44598C}" = Spellforce 2 - Shadow Wars "{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger "{1DDB95A4-FD7B-4517-B3F1-2BCAA96879E6}" = Windows Live Writer Resources "{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 "{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update "{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions "{210A03F5-B2ED-4947-B27E-516F50CBB292}" = HP Setup "{22B0E143-2B0B-435B-9F56-136A3D16065F}" = No23 Recorder "{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}" = OpenOffice.org 3.4.1 "{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 21 "{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections "{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger "{2B0C9858-8D78-48B2-BC37-4CAEBB2CA510}" = SpellForce 2 Shadow Wars "{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}" = Six Updater "{2F5B0382-8269-4A86-9568-05542CA0CC39}_is1" = Edna bricht aus Demo "{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App "{3031A053-DC97-4D03-9179-BF6F98F63FA2}" = Wunderlist "{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery "{343666E2-A059-48AC-AD67-230BF74E2DB2}" = Apple Application Support "{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery "{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack "{398AB469-77FC-4935-820B-D419388C0A6A}" = LEGO® Batman™ "{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}" = Norton Online Backup "{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}" = Recovery Manager "{465210C4-595A-BD80-44E8-E0457D9D8432}" = Zinio Reader 4 "{468D22C0-8080-11E2-B86E-B8AC6F98CCE3}" = Google Earth "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.3 "{4E79A60F-15D2-4BEC-91AD-E41EC42E61B0}" = Batman: Arkham Asylum "{576CA494-F771-4B10-9AF0-8ED4A7AFB0CC}_is1" = Amnesia - The Dark Descent Demo "{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack "{5982f969-a067-4808-b164-2c50690d1b37}" = Wunderlist "{5D87C09F-512F-474A-A306-0FE3B89C396F}" = RuneScape Launcher 1.2 "{5E0D2061-86AB-4B83-A671-A0BF3FF1537B}_is1" = Vokabel Trainer 5 "{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM "{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel(R) Management Engine Components "{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6F33360D-E0FA-4691-8D67-76CD5061D621}_is1" = Mercedes CLC Dream Test Drive "{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-hp" = WildTangent Games App (HP Games) "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update "{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}" = HP Support Information "{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1" = PDF24 Creator 5.4.0 "{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}" = Microsoft Games for Windows - LIVE Redistributable "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform "{859D4022-B76D-40DE-96EF-C90CDA263F44}" = Windows Live Writer "{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime "{8CFA9151-6404-409A-AF22-4632D04582FD}" = Assassin's Creed "{8DC197D6-F4AB-44E0-ACF7-210355E6F389}" = Windows Speech Recognition Macros "{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT "{90140011-0066-0407-0000-0000000FF1CE}" = Microsoft Office Starter 2010 - Deutsch "{918A9082-6287-4D25-9002-5E5D5E4971CB}" = League of Legends "{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker "{95140000-0070-0000-0000-0000000FF1CE}" = Microsoft Office 2010 "{980A182F-E0A2-4A40-94C1-AE0C1235902E}" = Pando Media Booster "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D318C86-AF4C-409F-A6AC-7183FF4CF424}" = Internet-TV für Windows Media Center "{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail "{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh "{A49F249F-0C91-497F-86DF-B2585E8E76B7}" = Microsoft Visual C++ 2005 Redistributable "{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common "{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer "{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer "{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch "{ACFBE99B-6981-4513-B17E-A2683CEB9EE5}" = Windows Live Mesh "{AE856388-AFAD-4753-81DF-D96B19D0A17C}" = HP Setup Manager "{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie "{B1239994-A850-44E2-BED8-E70A21124E16}" = Windows Live Mail "{B6CF2967-C81E-40C0-9815-C05774FEF120}" = Skype Click to Call "{B8AC1A89-FFD1-4F97-8051-E505A160F562}" = HP Odometer "{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}" = NVIDIA PhysX "{BAFEB165-648B-42E9-AC3C-B6D2A535FC7C}" = Wunderlist "{C1AD9241-3ADD-483F-914D-071F3E50855A}" = HP LinkUp "{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common "{C5398A89-516C-4DAF-BA07-EE7949090E56}" = Windows Live Mesh ActiveX control for remote connections "{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "{C5AC39F1-001D-4338-84C6-35109525588A}" = TweetDeck "{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail "{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform "{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64 "{D14AAC37-38FC-4454-9CEC-B3CD081632C4}" = calibre "{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common "{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform "{D62576C2-C084-4698-974A-5BE77714FDDD}" = System Requirements Lab Test "{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources "{DE77FE3F-A33D-499A-87AD-5FC406617B40}" = HP Update "{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh "{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10 "{E3723A04-A894-4036-A78E-282E18F43C0A}_is1" = Tinypic 3.18 "{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker "{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger "{E5F05232-96B6-4552-A480-785A60A94B21}" = System Requirements Lab CYRI "{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials "{FD9C31B6-F572-414D-81E3-89368C97A125}_is1" = CamStudio OSS Desktop Recorder "{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials "{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "ASIO4ALL" = ASIO4ALL "Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.14 (Unicode) "Audacity_is1" = Audacity 2.0.3 "Celtx (2.9)" = Celtx (2.9) "Crossfire Europe" = Crossfire Europe "Desura" = Desura "EasyBits Magic Desktop" = Magic Desktop "eSpeak_is1" = eSpeak version 1.46.02 "FL Studio 10" = FL Studio 10 "Foxit Reader_is1" = Foxit Reader "Fraps" = Fraps (remove only) "Glest_is1" = Glest 3.2.2 "Groovedown" = Groovedown "HandBrake" = HandBrake 0.9.5 "Inkscape" = Inkscape 0.48.2 "InstallShield_{0B9F8BEE-59F2-43D5-A890-65F649D887A2}" = LEGO® Batman™ DEMO "InstallShield_{398AB469-77FC-4935-820B-D419388C0A6A}" = LEGO® Batman™ "InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = LabelPrint "InstallShield_{E914A24F-2412-4374-B420-86D21D6D444A}" = LEGO Star Wars "jose-chess" = jose "kikin Plugin (NO23 Edition)" = kikin Plugin (NO23 Edition) 1.11 "Maxthon3" = Maxthon Cloud Browser "Metin2_is1" = Metin2 "Miro" = Miro "Mozilla Firefox 21.0 (x86 de)" = Mozilla Firefox 21.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MusicStationNetstaller" = MusicStation "Nettalk_is1" = Nettalk 6.7 "Neverwinter" = Neverwinter "NIS" = Norton Internet Security "NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver "Octodad" = Octodad "Office14.Click2Run" = Microsoft Office Klick-und-Los 2010 "OpenAL" = OpenAL "Opera 12.10.1652" = Opera 12.10 "Paranormal" = Paranormal BETA_5 "PDF Complete" = PDF Complete Special Edition "PunkBusterSvc" = PunkBuster Services "RPGVXAce_E_is1" = RPG MAKER VX Ace "RPGVXAce_RTP_is1" = RPG MAKER VX Ace RTP "RSS Newsfeed Reader & Producer_is1" = RSS Newsfeed Reader & Producer 1.0 "Star Trek Online" = Star Trek Online "Steam App 104700" = Super Monday Night Combat "Steam App 107900" = War Inc. Battlezone "Steam App 113420" = Fallen Earth "Steam App 17020" = Global Agenda "Steam App 1840" = Source Filmmaker "Steam App 200210" = Realm of the Mad God "Steam App 203850" = Microsoft Flight "Steam App 206210" = Gotham City Impostors: Free To Play "Steam App 209870" = Blacklight: Retribution "Steam App 212580" = The Amazing Spider-Man "Steam App 215220" = Sleeping Dogs™ Demo "Steam App 216690" = XCOM: Enemy Unknown Demo "Steam App 33970" = ARMA 2: Operation Arrowhead Demo "Steam App 440" = Team Fortress 2 "Steam App 570" = Dota 2 "To the Moon" = To the Moon "TripleAVersion1_3_2_2" = TripleA Version 1_3_2_2 "TVUPlayer" = TVUPlayer 2.5.3.1 "Unknown Horizons" = Unknown Horizons "WildTangent hp Master Uninstall" = HP Games "WinLiveSuite" = Windows Live Essentials "World of Warcraft" = World of Warcraft "WT087330" = Bounce Symphony "WT087361" = FATE "WT087393" = Mah Jong Medley "WT087394" = Penguins! "WT087396" = Polar Bowler "WT087490" = Jewel Quest Solitaire "WT087510" = Slingo Deluxe "WT087513" = Virtual Villagers - The Secret City "WT087519" = Wedding Dash "WT087536" = Diner Dash 2 Restaurant Rescue "WT089308" = Blasterball 3 "WT089328" = Farm Frenzy "WT089359" = Cake Mania "WT089362" = Agatha Christie - Peril at End House "WT089453" = Bejeweled 2 Deluxe "WT089454" = Chuzzle Deluxe "WT089455" = Zuma Deluxe "WT089458" = Plants vs. Zombies - Game of the Year "WT089460" = Mystery P.I. - The London Caper "WT089484" = Namco All-Stars PAC-MAN "WT089492" = Crazy Chicken Kart 2 "WT089493" = Fishdom "WT089497" = Big Rig Europe "Zattoo4" = Zattoo4 4.0.5 "ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "0 A.D." = 0 A.D. "1&1 Mail & Media WEB.DE MailCheck GC" = WEB.DE MailCheck für Google Chrome "Dropbox" = Dropbox "f4d33ae8dc11fa61" = Wunderlist "Google Chrome" = Google Chrome "Haunt 1.0 32bit" = Haunt 1.0 32bit "SOE-DC Universe Online Live" = DC Universe Online Live "SOE-DC Universe Online Live PSG" = DC Universe Online Live "Spotify" = Spotify "UnityWebPlayer" = Unity Web Player ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 5/4/2013 5:08:19 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 6006 Error - 5/4/2013 5:08:19 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 6006 Error - 5/4/2013 5:08:20 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 5/4/2013 5:08:20 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 7004 Error - 5/4/2013 5:08:20 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 7004 Error - 5/4/2013 5:08:21 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 5/4/2013 5:08:21 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 8003 Error - 5/4/2013 5:08:21 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledSPRetry 8003 Error - 5/4/2013 5:08:22 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: Continuously busy for more than a second Error - 5/4/2013 5:08:22 PM | Computer Name = Thomas-Windows7 | Source = Bonjour Service | ID = 100 Description = Task Scheduling Error: m->NextScheduledEvent 9017 [ Media Center Events ] Error - 11/30/2012 8:29:00 AM | Computer Name = Thomas-Windows7 | Source = MCUpdate | ID = 0 Description = 13:29:00 - Directory konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte keine Vertrauensstellung hergestellt werden..) Error - 11/30/2012 8:29:03 AM | Computer Name = Thomas-Windows7 | Source = MCUpdate | ID = 0 Description = 13:29:02 - MCEClientUX konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte keine Vertrauensstellung hergestellt werden..) Error - 11/30/2012 8:29:04 AM | Computer Name = Thomas-Windows7 | Source = MCUpdate | ID = 0 Description = 13:29:04 - Broadband konnte nicht abgerufen werden (Fehler: Die zugrunde liegende Verbindung wurde geschlossen: Für den geschützten SSL/TLS-Kanal konnte keine Vertrauensstellung hergestellt werden..) [ System Events ] Error - 5/6/2012 7:58:12 AM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7001 Description = Der Dienst "Anwendungsinformationen" ist vom Dienst "Benutzerprofildienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1115 Error - 5/6/2012 7:58:12 AM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Intelligenter Hintergrundübertragungsdienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1115 Error - 5/6/2012 7:58:12 AM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7038 Description = Der Dienst "netprofm" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 5/6/2012 7:58:12 AM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Netzwerklistendienst" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 5/6/2012 7:58:12 AM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7038 Description = Der Dienst "WdiServiceHost" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: %%50 Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC). Error - 5/6/2012 7:58:12 AM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Diagnosediensthost" wurde aufgrund folgenden Fehlers nicht gestartet: %%1069 Error - 5/6/2012 7:58:16 AM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7023 Description = Der Dienst "Server" wurde mit folgendem Fehler beendet: %%1062 Error - 5/19/2012 2:24:24 PM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7009 Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht. Error - 5/19/2012 2:24:24 PM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7000 Description = Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053 Error - 6/5/2012 6:43:25 AM | Computer Name = Thomas-Windows7 | Source = Service Control Manager | ID = 7011 Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst lmhosts erreicht. < End of report > Code:
ATTFilter OTL logfile created on: 6/3/2013 6:00:08 PM - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Thomas\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16576) Locale: 00000409 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 7.98 Gb Total Physical Memory | 5.77 Gb Available Physical Memory | 72.35% Memory free 15.96 Gb Paging File | 13.46 Gb Available in Paging File | 84.35% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 919.19 Gb Total Space | 586.93 Gb Free Space | 63.85% Space Free | Partition Type: NTFS Drive D: | 12.23 Gb Total Space | 1.50 Gb Free Space | 12.25% Space Free | Partition Type: NTFS Computer Name: THOMAS-WINDOWS7 | User Name: Thomas | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\Thomas\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Users\Thomas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) PRC - C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) PRC - C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) PRC - C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) PRC - C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) PRC - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation) PRC - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () PRC - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) PRC - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (OpenOffice.org) PRC - C:\Windows\SysWOW64\PnkBstrA.exe () PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) PRC - C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS) PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS) PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS) PRC - C:\Windows\SysWOW64\ezSharedSvcHost.exe (EasyBits Software AS) PRC - C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe (Hewlett-Packard) ========== Modules (No Company Name) ========== MOD - C:\Users\Thomas\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll () MOD - C:\Users\Thomas\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll () MOD - C:\Users\Thomas\AppData\Local\Google\Chrome\Application\27.0.1453.94\libglesv2.dll () MOD - C:\Users\Thomas\AppData\Local\Google\Chrome\Application\27.0.1453.94\libegl.dll () MOD - C:\Users\Thomas\AppData\Local\Google\Chrome\Application\27.0.1453.94\ffmpegsumo.dll () MOD - C:\Program Files (x86)\Steam\bin\chromehtml.DLL () MOD - C:\Program Files (x86)\Steam\SDL2.dll () MOD - C:\Program Files (x86)\Steam\bin\libcef.dll () MOD - C:\Program Files (x86)\Steam\bin\avcodec-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avformat-53.dll () MOD - C:\Program Files (x86)\Steam\bin\avutil-51.dll () MOD - C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () MOD - C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll () MOD - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\wincfi39.dll () ========== Services (SafeList) ========== SRV:64bit: - (HPClientSvc) -- C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe (Hewlett-Packard Company) SRV:64bit: - (wlcrasvc) -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe (Microsoft Corporation) SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated) SRV - (Steam Client Service) -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe (Valve Corporation) SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies) SRV - (NIS) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\ccSvcHst.exe (Symantec Corporation) SRV - (Skype C2C Service) -- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Skype Technologies S.A.) SRV - (Desura Install Service) -- C:\Program Files (x86)\Common Files\Desura\desura_service.exe (Desura Pty Ltd) SRV - (PnkBstrA) -- C:\Windows\SysWOW64\PnkBstrA.exe () SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation) SRV - (sftvsa) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (Microsoft Corporation) SRV - (sftlist) -- C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corporation) SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation) SRV - (pdfcDispatcher) -- C:\Program Files (x86)\PDF Complete\pdfsvc.exe (PDF Complete Inc) SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation) SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) SRV - (GamesAppService) -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe (WildTangent, Inc.) SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation) SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS (Symantec Corporation) DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\symnets.sys (Symantec Corporation) DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymEFA64.sys (Symantec Corporation) DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtsp64.sys (Symantec Corporation) DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\srtspx64.sys (Symantec Corporation) DRV:64bit: - (SymDS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\SymDS64.sys (Symantec Corporation) DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Ironx64.sys (Symantec Corporation) DRV:64bit: - (ccSet_NIS) -- C:\Windows\SysNative\drivers\NISx64\1403010.016\ccSetx64.sys (Symantec Corporation) DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation) DRV:64bit: - (Sftvol) -- C:\Windows\SysNative\drivers\Sftvollh.sys (Microsoft Corporation) DRV:64bit: - (Sftplay) -- C:\Windows\SysNative\drivers\Sftplaylh.sys (Microsoft Corporation) DRV:64bit: - (Sftredir) -- C:\Windows\SysNative\drivers\Sftredirlh.sys (Microsoft Corporation) DRV:64bit: - (Sftfs) -- C:\Windows\SysNative\drivers\Sftfslh.sys (Microsoft Corporation) DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices) DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices) DRV:64bit: - (NVHDA) -- C:\Windows\SysNative\drivers\nvhda64v.sys (NVIDIA Corporation) DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek ) DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company) DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation) DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation) DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation) DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.) DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation) DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology) DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation) DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation) DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation) DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation) DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.) DRV:64bit: - (hamachi) -- C:\Windows\SysNative\drivers\hamachi.sys (LogMeIn, Inc.) DRV - (NAVEX15) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130602.006\ex64.sys (Symantec Corporation) DRV - (NAVENG) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\VirusDefs\20130602.006\eng64.sys (Symantec Corporation) DRV - (IDSVia64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\IPSDefs\20130531.001\IDSviA64.sys (Symantec Corporation) DRV - (BHDrvx64) -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\Definitions\BASHDefs\20130515.001\BHDrvx64.sys (Symantec Corporation) DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation) DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation) DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE:64bit: - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE:64bit: - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE:64bit: - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE - HKLM\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE - HKLM\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKLM\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPDSK/4 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com IE - HKCU\..\SearchScopes,DefaultScope = {6A1806CD-94D4-4689-BA73-E35EA1EA9990} IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox IE - HKCU\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage} IE - HKCU\..\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}: "URL" = hxxp://de.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF IE - HKCU\..\SearchScopes\{d43b3890-80c7-4010-a95d-1e77b5924dc3}: "URL" = hxxp://de.wikipedia.org/wiki/Special:Search?search={searchTerms} IE - HKCU\..\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}: "URL" = hxxp://rover.ebay.com/rover/1/707-111076-19270-2/4?mpre=hxxp://shop.ebay.com/?_nkw={searchTerms} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.suggest.enabled: false FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..extensions.enabledAddons: %7Bb9db16a4-6edc-47ec-a1f4-b86292ed211d%7D:4.9.15 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:21.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_202.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll () FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf: C:\PROGRAM FILES (X86)\FOXIT SOFTWARE\FOXIT READER\plugins\npFoxitReaderPlugin.dll (Foxit Corporation) FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF - HKLM\Software\MozillaPlugins\@pages.tvunetworks.com/WebPlayer: C:\Program Files (x86)\TVUPlayer\npTVUAx.dll (TVU networks) FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll () FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Thomas\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Thomas\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Thomas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\coFFPlgn\ [2013/06/03 16:40:53 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.3.1.22\IPSFFPlgn\ [2013/06/01 18:18:08 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/23 20:48:43 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 21.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/05/23 20:48:43 | 000,000,000 | ---D | M] [2012/12/29 15:38:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions [2012/12/29 15:38:35 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Extensions\celtx@celtx.com [2013/05/29 10:35:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\cv9tw4lc.default\extensions [2013/05/29 10:35:20 | 000,000,000 | ---D | M] (DownloadHelper) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\cv9tw4lc.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2012/07/07 18:10:42 | 000,000,000 | ---D | M] (TVU Web Player) -- C:\Users\Thomas\AppData\Roaming\mozilla\Firefox\Profiles\cv9tw4lc.default\extensions\firefox@tvunetworks.com [2013/05/24 13:44:40 | 000,620,338 | ---- | M] () (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\extensions\toolbar@web.de.xpi [2011/11/12 16:23:45 | 000,014,949 | ---- | M] () (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\extensions\twitter.address.bar.search@firefox.twitter.xpi [2013/05/10 00:43:11 | 000,870,680 | ---- | M] () (No name found) -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011/12/20 19:03:21 | 000,002,419 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\searchplugins\englische-ergebnisse.xml [2011/12/20 19:03:21 | 000,010,525 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\searchplugins\gmx-suche.xml [2011/12/20 19:03:21 | 000,002,457 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\searchplugins\lastminute.xml [2011/11/24 13:32:00 | 000,002,271 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\searchplugins\minecraft-wiki-de.xml [2011/12/20 19:03:20 | 000,005,508 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\searchplugins\webde-suche.xml [2011/12/12 09:13:24 | 000,001,330 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\searchplugins\wikipedia-en.xml [2011/11/10 20:04:39 | 000,002,057 | ---- | M] () -- C:\Users\Thomas\AppData\Roaming\mozilla\firefox\profiles\cv9tw4lc.default\searchplugins\youtube-videosuche.xml [2013/05/23 20:48:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions [2013/05/23 20:48:43 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\mozilla firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013/05/23 20:48:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013/05/23 20:48:46 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&q={searchTerms}&{google:cursorPosition}sugkey={google:suggestAPIKeyParameter} CHR - homepage: hxxp://www.google.com/ CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer CHR - plugin: Native Client (Enabled) = C:\Users\Thomas\AppData\Local\Google\Chrome\Application\27.0.1453.94\ppGoogleNaClPluginChrome.dll CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Thomas\AppData\Local\Google\Chrome\Application\27.0.1453.94\pdf.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Thomas\AppData\Local\Google\Chrome\Application\27.0.1453.94\gcswf32.dll CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll CHR - plugin: Skype Toolbars (Enabled) = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0\npSkypeChromePlugin.dll CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files (x86)\Mozilla Firefox\plugins\np-mswmp.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll CHR - plugin: Bing Bar (Enabled) = C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll CHR - plugin: WildTangent Games App Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll CHR - plugin: Google Update (Enabled) = C:\Users\Thomas\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll CHR - Extension: WOT = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp\1.4.12_2\ CHR - Extension: YouTube = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Adblock Plus = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.4.1_0\ CHR - Extension: Google-Suche = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: WEB.DE MailCheck = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\jaogepninmlbinccpbiakcgiolijlllo\1.1_0\ CHR - Extension: Norton Identity Protection = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2013.3.3.19_0\ CHR - Extension: feedly = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndhinffkekpekljifjkkkkkhopnjodja\14.0.495_0\ CHR - Extension: NotScripts = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\odjhifogjcknibkahlpidmdajjpkkcfn\0.9.6_0\ CHR - Extension: Google Reader = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjjhlfkghdhmijklfnahfkpgmhcmfgcm\4.4_0\ CHR - Extension: RSS Feed Reader = C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp\5.0.12_0\ O1 HOSTS File: ([2009/06/10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Skype add-on for Internet Explorer) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation) O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\IPS\IPSBHO.DLL (Symantec Corporation) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Skype Browser Helper) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.3.1.22\coIEPlg.dll (Symantec Corporation) O4:64bit: - HKLM..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe (Hewlett-Packard) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.) O4 - HKLM..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe (EasyBits Software AS) O4 - HKLM..\Run: [HF_G_Jul] "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe" /DoAction File not found O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation) O4 - HKLM..\Run: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe (PDF Complete Inc) O4 - HKLM..\Run: [PDFPrint] C:\Program Files (x86)\PDF24\pdf24.exe (Geek Software GmbH) O4 - HKLM..\Run: [ROC_ROC_JULY_P1] "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1 File not found O4 - HKCU..\Run: [Miro] C:\Program Files (x86)\Participatory Culture Foundation\Miro\Miro.exe () O4 - HKCU..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe () O4 - HKCU..\Run: [Spotify] C:\Users\Thomas\AppData\Roaming\Spotify\spotify.exe (Spotify Ltd) O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Thomas\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd) O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation) O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () O4 - Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TweetDeck.lnk = C:\Users\Thomas\AppData\Roaming\Microsoft\Installer\{C5AC39F1-001D-4338-84C6-35109525588A}\TweetDeck.exe () O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: EnableShellExecuteHooks = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: HideFastUserSwitching = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableLockWorkstation = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableChangePassword = 0 O9:64bit: - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - Reg Error: Key error. File not found O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9FE1CFE1-D398-4DBE-A7E5-F7E9338EBA7A}: DhcpNameServer = 192.168.2.1 O18:64bit: - Protocol\Handler\livecall - No CLSID value found O18:64bit: - Protocol\Handler\msnim - No CLSID value found O18:64bit: - Protocol\Handler\skype4com - No CLSID value found O18:64bit: - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.) O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found O18:64bit: - Protocol\Handler\wlpg - No CLSID value found O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies) O18 - Protocol\Handler\skype-ie-addon-data {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013/06/03 17:58:38 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe [2013/06/03 13:19:41 | 000,000,000 | ---D | C] -- C:\ProgramData\APN [2013/06/01 18:17:18 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security [2013/05/29 21:08:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eidos [2013/05/29 20:21:35 | 000,000,000 | ---D | C] -- C:\Program Files\CCleaner [2013/05/25 20:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Wunderlist2 [2013/05/25 19:58:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache [2013/05/24 19:44:53 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser [2013/05/24 19:44:51 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Roaming\Maxthon3 [2013/05/24 19:44:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Maxthon [2013/05/23 20:48:42 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013/05/23 20:07:22 | 000,000,000 | ---D | C] -- C:\Users\Thomas\Documents\Speech Macros [2013/05/23 20:06:29 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\WSRMacros [2013/05/23 13:10:38 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour [2013/05/23 13:10:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bonjour [2013/05/22 20:08:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2013/05/22 20:08:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Adobe [2013/05/22 20:01:25 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013/05/22 14:54:37 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2013/05/22 14:49:11 | 000,000,000 | ---D | C] -- C:\Windows\Temp [2013/05/22 14:49:11 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\Temp [2013/05/15 22:24:03 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013/05/15 22:24:02 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013/05/15 22:24:02 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013/05/15 22:24:02 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013/05/15 22:24:02 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013/05/15 22:24:02 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013/05/15 22:24:02 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013/05/15 22:24:02 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013/05/15 22:24:02 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013/05/15 22:24:02 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013/05/15 22:24:02 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013/05/15 22:24:01 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013/05/15 22:24:00 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013/05/15 22:24:00 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013/05/15 22:24:00 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013/05/15 13:36:26 | 000,265,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\dxgmms1.sys [2013/05/15 13:36:26 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdd.dll [2013/05/15 13:36:18 | 001,930,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\authui.dll [2013/05/15 13:36:18 | 001,796,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\authui.dll [2013/05/15 13:36:18 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\shdocvw.dll [2013/05/15 13:36:18 | 000,111,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\consent.exe [2013/05/15 13:36:10 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wwanprotdim.dll [2013/05/14 16:28:55 | 000,000,000 | ---D | C] -- C:\UDK [2013/05/14 16:28:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Microsoft Chart Controls [2013/05/12 13:41:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader [2013/05/10 21:04:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Vokabel Trainer [2013/05/10 21:04:06 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vokabel Trainer [2013/05/10 21:04:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Vokabel Trainer [2013/05/08 03:14:23 | 001,441,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/05/08 03:14:23 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/05/08 03:14:23 | 001,054,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/05/08 03:14:23 | 000,719,360 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/05/08 03:14:23 | 000,629,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/05/08 03:14:23 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/05/08 03:14:23 | 000,232,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/05/08 03:14:23 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/05/08 03:14:23 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/05/08 03:14:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/05/08 03:14:23 | 000,150,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/05/08 03:14:23 | 000,138,752 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/05/08 03:14:23 | 000,137,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/05/08 03:14:23 | 000,125,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/05/08 03:14:23 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/05/08 03:14:23 | 000,110,592 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/05/08 03:14:23 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/05/08 03:14:23 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/05/08 03:14:23 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/05/08 03:14:23 | 000,069,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/05/08 03:14:23 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013/05/08 03:14:23 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/05/08 03:14:23 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/05/08 03:14:23 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/05/08 03:14:23 | 000,011,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/05/08 03:14:22 | 001,509,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/05/08 03:14:22 | 001,400,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/05/08 03:14:22 | 000,905,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/05/08 03:14:22 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/05/08 03:14:22 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/05/08 03:14:22 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/05/08 03:14:22 | 000,441,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/05/08 03:14:22 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/05/08 03:14:22 | 000,235,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/05/08 03:14:22 | 000,216,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/05/08 03:14:22 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/05/08 03:14:22 | 000,173,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/05/08 03:14:22 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/05/08 03:14:22 | 000,149,504 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/05/08 03:14:22 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/05/08 03:14:22 | 000,136,192 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/05/08 03:14:22 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/05/08 03:14:22 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/05/08 03:14:22 | 000,097,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/05/08 03:14:22 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/05/08 03:14:22 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/05/08 03:14:22 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013/05/08 03:14:22 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/05/08 03:14:22 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/05/08 03:14:22 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/05/08 03:14:22 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/05/08 03:14:22 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/05/08 03:14:22 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/05/05 20:19:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 [2013/05/05 16:58:49 | 000,000,000 | ---D | C] -- C:\Users\Thomas\AppData\Local\PDF24 [2013/05/05 16:58:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PDF24 [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013/06/03 17:58:39 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Thomas\Desktop\OTL.exe [2013/06/03 17:28:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013/06/03 17:26:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013/06/03 17:07:00 | 000,001,124 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2016465000-965126481-3645123389-1000UA.job [2013/06/03 16:48:25 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013/06/03 16:48:25 | 000,024,400 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013/06/03 16:46:38 | 003,275,966 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013/06/03 16:46:38 | 001,417,108 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013/06/03 16:46:38 | 000,951,242 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013/06/03 16:46:38 | 000,842,000 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013/06/03 16:46:38 | 000,006,468 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013/06/03 16:40:43 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013/06/03 16:40:28 | 000,000,354 | ---- | M] () -- C:\Windows\tasks\ROC_JAN2013_TB_rmv.job [2013/06/03 16:40:15 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013/06/03 16:40:09 | 2132,406,271 | -HS- | M] () -- C:\hiberfil.sys [2013/06/03 12:51:55 | 000,001,072 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2016465000-965126481-3645123389-1000Core.job [2013/06/02 22:05:14 | 000,019,479 | ---- | M] () -- C:\Users\Thomas\Desktop\Wunschliste.sxw [2013/06/02 18:59:10 | 3195,473,839 | ---- | M] () -- C:\Users\Thomas\Desktop\TPB AFK_ The Pirate Bay Away From Keyboard.mp4 [2013/06/01 18:17:19 | 000,002,503 | ---- | M] () -- C:\Users\Public\Desktop\Norton Internet Security.lnk [2013/06/01 18:16:59 | 001,889,096 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\Cat.DB [2013/06/01 18:16:43 | 000,014,818 | ---- | M] () -- C:\Windows\SysNative\drivers\NISx64\1403010.016\VT20130115.021 [2013/06/01 18:13:54 | 000,177,312 | ---- | M] (Symantec Corporation) -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS [2013/06/01 18:13:54 | 000,007,466 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.CAT [2013/06/01 18:13:54 | 000,000,855 | ---- | M] () -- C:\Windows\SysNative\drivers\SYMEVENT64x86.INF [2013/05/25 16:38:06 | 000,000,336 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForThomas.job [2013/05/22 14:44:50 | 000,024,064 | ---- | M] () -- C:\Windows\zoek-delete.exe [2013/05/16 15:34:36 | 000,295,968 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT [2013/05/15 16:34:45 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013/05/15 16:34:45 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013/05/08 03:14:23 | 001,441,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl [2013/05/08 03:14:23 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dat [2013/05/08 03:14:23 | 001,054,720 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\MsSpellCheckingFacility.exe [2013/05/08 03:14:23 | 000,719,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmlmedia.dll [2013/05/08 03:14:23 | 000,629,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll [2013/05/08 03:14:23 | 000,361,984 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\html.iec [2013/05/08 03:14:23 | 000,232,960 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll [2013/05/08 03:14:23 | 000,226,304 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\elshyph.dll [2013/05/08 03:14:23 | 000,185,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\elshyph.dll [2013/05/08 03:14:23 | 000,163,840 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll [2013/05/08 03:14:23 | 000,150,528 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iexpress.exe [2013/05/08 03:14:23 | 000,138,752 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\wextract.exe [2013/05/08 03:14:23 | 000,137,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe [2013/05/08 03:14:23 | 000,125,440 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\occache.dll [2013/05/08 03:14:23 | 000,117,248 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iepeers.dll [2013/05/08 03:14:23 | 000,110,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\IEAdvpack.dll [2013/05/08 03:14:23 | 000,082,432 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inseng.dll [2013/05/08 03:14:23 | 000,079,872 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll [2013/05/08 03:14:23 | 000,073,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\SetIEInstalledDate.exe [2013/05/08 03:14:23 | 000,069,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\icardie.dll [2013/05/08 03:14:23 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\tdc.ocx [2013/05/08 03:14:23 | 000,057,344 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\pngfilt.dll [2013/05/08 03:14:23 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmler.dll [2013/05/08 03:14:23 | 000,025,185 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf [2013/05/08 03:14:23 | 000,023,040 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\licmgr10.dll [2013/05/08 03:14:23 | 000,011,776 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msfeedssync.exe [2013/05/08 03:14:22 | 001,509,376 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl [2013/05/08 03:14:22 | 001,400,416 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dat [2013/05/08 03:14:22 | 000,905,728 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmlmedia.dll [2013/05/08 03:14:22 | 000,762,368 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll [2013/05/08 03:14:22 | 000,599,552 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll [2013/05/08 03:14:22 | 000,452,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtmsft.dll [2013/05/08 03:14:22 | 000,441,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\html.iec [2013/05/08 03:14:22 | 000,281,600 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\dxtrans.dll [2013/05/08 03:14:22 | 000,235,008 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll [2013/05/08 03:14:22 | 000,216,064 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msls31.dll [2013/05/08 03:14:22 | 000,197,120 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll [2013/05/08 03:14:22 | 000,173,568 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe [2013/05/08 03:14:22 | 000,167,424 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iexpress.exe [2013/05/08 03:14:22 | 000,149,504 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\occache.dll [2013/05/08 03:14:22 | 000,144,896 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\wextract.exe [2013/05/08 03:14:22 | 000,136,192 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iepeers.dll [2013/05/08 03:14:22 | 000,135,680 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\IEAdvpack.dll [2013/05/08 03:14:22 | 000,102,912 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inseng.dll [2013/05/08 03:14:22 | 000,097,280 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll [2013/05/08 03:14:22 | 000,092,160 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\SetIEInstalledDate.exe [2013/05/08 03:14:22 | 000,081,408 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\icardie.dll [2013/05/08 03:14:22 | 000,077,312 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\tdc.ocx [2013/05/08 03:14:22 | 000,062,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\pngfilt.dll [2013/05/08 03:14:22 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\imgutil.dll [2013/05/08 03:14:22 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmler.dll [2013/05/08 03:14:22 | 000,027,648 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\licmgr10.dll [2013/05/08 03:14:22 | 000,025,185 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf [2013/05/08 03:14:22 | 000,013,824 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\mshta.exe [2013/05/08 03:14:22 | 000,012,800 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeedssync.exe [2013/05/05 13:25:15 | 000,000,356 | ---- | M] () -- C:\Windows\tasks\HPCeeScheduleForTHOMAS-WINDOWS7$.job [6 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ] ========== Files Created - No Company Name ========== [2013/06/02 16:52:55 | 3195,473,839 | ---- | C] () -- C:\Users\Thomas\Desktop\TPB AFK_ The Pirate Bay Away From Keyboard.mp4 [2013/05/25 20:06:31 | 000,002,507 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wunderlist.lnk [2013/05/23 20:06:29 | 000,000,963 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Speech Recognition Macros.lnk [2013/05/22 20:08:58 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013/05/22 14:49:11 | 000,024,064 | ---- | C] () -- C:\Windows\zoek-delete.exe [2013/05/08 03:14:23 | 000,025,185 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf [2013/05/08 03:14:22 | 000,025,185 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf [2013/03/15 20:44:26 | 000,043,614 | ---- | C] () -- C:\Users\Thomas\.jose.user.preferences [2013/02/14 00:01:00 | 000,000,218 | ---- | C] () -- C:\Users\Thomas\AppData\Local\recently-used.xbel [2012/12/02 20:38:08 | 000,005,120 | ---- | C] () -- C:\Users\Thomas\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2012/09/10 14:41:30 | 000,000,008 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\DofusAppId0_1 [2012/09/09 22:05:55 | 000,000,173 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\D2Info0 [2012/09/09 22:05:55 | 000,000,008 | ---- | C] () -- C:\Users\Thomas\AppData\Roaming\DofusAppId0_2 [2012/09/08 20:25:24 | 000,828,671 | ---- | C] () -- C:\Users\Thomas\AppData\Local\Tempmusic.ogg [2012/08/04 20:30:47 | 000,298,016 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrB.exe [2012/08/04 20:30:42 | 000,076,888 | ---- | C] () -- C:\Windows\SysWow64\PnkBstrA.exe [2012/08/04 20:30:41 | 003,130,440 | ---- | C] () -- C:\Windows\SysWow64\pbsvc_blr.exe [2012/07/07 18:06:56 | 000,017,408 | ---- | C] () -- C:\Users\Thomas\AppData\Local\WebpageIcons.db [2012/06/12 23:04:52 | 000,000,000 | ---- | C] () -- C:\Windows\RSSNewsWriter.INI [2012/03/28 17:58:12 | 000,000,023 | ---- | C] () -- C:\Users\Thomas\jagexappletviewer.preferences [2012/03/28 17:55:02 | 000,000,045 | ---- | C] () -- C:\Users\Thomas\jagex_cl_runescape_LIVE.dat [2012/03/28 17:55:02 | 000,000,024 | ---- | C] () -- C:\Users\Thomas\random.dat [2012/03/09 18:33:44 | 000,299,845 | ---- | C] () -- C:\Users\Thomas\2012-03-09_16.07.30.png [2012/03/09 18:33:44 | 000,265,764 | ---- | C] () -- C:\Users\Thomas\2012-03-09_16.42.26.png [2012/02/11 19:28:04 | 000,291,827 | ---- | C] () -- C:\Windows\To the Moon Uninstaller.exe [2011/11/08 03:31:02 | 000,000,056 | -H-- | C] () -- C:\Windows\SysWow64\ezsidmv.dat [2011/10/05 02:59:09 | 000,000,196 | ---- | C] () -- C:\Windows\SysWow64\ezdigsgn.dat [2011/09/28 17:44:14 | 000,179,271 | ---- | C] () -- C:\Windows\SysWow64\xlive.dll.cat ========== ZeroAccess Check ========== [2009/07/14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013/02/27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013/02/27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/21 05:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > |
03.06.2013, 17:23 | #4 |
/// the machine /// TB-Ausbilder | "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" Hm, reboote mal und versuch Norton nochmal.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
03.06.2013, 17:29 | #5 |
| "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" Habe ich gemacht. Norton meldete daraufhin irgendwas mit "Ihr Browser ist nicht so konfiguriert, dass er Sie vor Problemen schützen kann", woraufhin ich auf "Jetzt beheben" geklickt habe. Norton sagt jetzt, ich sei sicher. Stimmt das? |
03.06.2013, 19:40 | #6 |
/// the machine /// TB-Ausbilder | "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" Wir können gern noch dutzend Scans machen. Aber ESET sagt sauber, Norton sagt sauber und ich seh auch nix in den Logs
__________________ --> "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" |
03.06.2013, 20:10 | #7 |
| "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" Da fällt mir ein, ich hatte die Datei zwar nicht installiert, geöffnet jedoch schon (und dann gecancelt). Aber gut, wenn ESET und Norton in der Hinsicht zuversichtlich sind, bin ich erst mal beruhigt. Danke für die Hilfe! |
03.06.2013, 20:37 | #8 |
/// the machine /// TB-Ausbilder | "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" Alles klar. Einmal OTL öffnen und Button Bereinigung drücken, das wird OTL entfernen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu "Ihr Browser ist nicht vor unberechtigten Zugriffsversuchen geschützt" |
aktiviere, aktivieren, beheben, browser, datei, download, eset, folge, folgende, gescannt, geschützt, guten, installieren, meldung, norton, player, scanner, schließe, schnell, sofort, trojaner, vertrauenswürdige, vio player, virenscan, virenscanner, virus, webseite, wirklich |