| |
| |||||||
Log-Analyse und Auswertung: Weißer Bildschirm nach Benutzeranmelding WIN7Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
01.07.2013, 17:40
| #16 |
 |  Weißer Bildschirm nach Benutzeranmelding WIN7 Hallo Leo, Unregelmäßigkeiten beim der Einstellung und beim TAB öffnen vom FireFox haben mich noch vor deiner Antwort veranlasst, den adwcleaner suchen zu lassen. Log im Anschluss. Aktuell sieht es so aus als hat sich otl beim Scann festgefahren bei "Scanning FireFox settings. Gruß Bernd Soeben meldet otl (keine Rückmeldung) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v2.303 - Datei am 01/07/2013 um 18:06:57 erstellt
# Aktualisiert am 08/06/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzer : Nelvin70 - NELVIN70-PC
# Bootmodus : Normal
# Ausgeführt unter : C:\Users\Nelvin70\Desktop\adwcleaner2303.exe
# Option [Löschen]
**** [Dienste] ****
Gestoppt & Gelöscht : BrowserDefendert
Gestoppt & Gelöscht : WajamUpdater
***** [Dateien / Ordner] *****
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data
Datei Gelöscht : C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
Datei Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Mozilla\Firefox\Profiles\3sr381ac.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Mozilla\Firefox\Profiles\3sr381ac.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Mozilla\Firefox\Profiles\3sr381ac.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Mozilla\Firefox\Profiles\3sr381ac.default\searchplugins\delta.xml
Datei Gelöscht : C:\Windows\Tasks\DSite.job
Gelöscht mit Neustart : C:\ProgramData\BrowserDefender
Ordner Gelöscht : C:\Program Files (x86)\DealPly
Ordner Gelöscht : C:\Program Files (x86)\Delta
Ordner Gelöscht : C:\Program Files (x86)\Wajam
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfnfnpmhcllokmkepffndflpnadjmma
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Ordner Gelöscht : C:\Users\Nelvin70\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Roaming\DealPly
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Delta
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Roaming\DSite
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Ordner Gelöscht : C:\Users\Nelvin70\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
***** [Registrierungsdatenbank] *****
Daten Gelöscht : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\DealPly
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\853df8be76fb840
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033426.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033426.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033426.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033426.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344344426}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\DealPly
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKLM\Software\Wajam
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\853df8be76fb840
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{22222222-2222-2222-2222-220322342226}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{55555555-5555-5555-5555-550355345526}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66666666-6666-6666-6666-660366346626}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355345526}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366346626}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKU\S-1-5-21-2973977536-698903144-1709705956-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Wert Gelöscht : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
***** [Internet Browser] *****
-\\ Internet Explorer v10.0.9200.16611
[OK] Die Registrierungsdatenbank ist sauber.
-\\ Mozilla Firefox v22.0 (de)
Datei : C:\Users\Nelvin70\AppData\Roaming\Mozilla\Firefox\Profiles\3sr381ac.default\prefs.js
C:\Users\Nelvin70\AppData\Roaming\Mozilla\Firefox\Profiles\3sr381ac.default\user.js ... Gelöscht !
Gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=CE1B00262D60B4C2&a[...]
Gelöscht : user_pref("browser.search.order.1", "Delta Search");
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.a7125a2857e6847aa9d72e81874f4d47ed3fcdb92135d4a8a8cf611e3b57c5fdacom33426.3342[...]
Gelöscht : user_pref("extensions.delta.admin", false);
Gelöscht : user_pref("extensions.delta.aflt", "babsst");
Gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Gelöscht : user_pref("extensions.delta.dfltLng", "de");
Gelöscht : user_pref("extensions.delta.excTlbr", false);
Gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Gelöscht : user_pref("extensions.delta.id", "ce1bccd100000000000000262d60b4c2");
Gelöscht : user_pref("extensions.delta.instlDay", "15887");
Gelöscht : user_pref("extensions.delta.instlRef", "sst");
Gelöscht : user_pref("extensions.delta.newTab", false);
Gelöscht : user_pref("extensions.delta.prdct", "delta");
Gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Gelöscht : user_pref("extensions.delta.rvrt", "false");
Gelöscht : user_pref("extensions.delta.smplGrp", "none");
Gelöscht : user_pref("extensions.delta.tlbrId", "base");
Gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5");
Gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.514:33:23");
Gelöscht : user_pref("extensions.delta_i.babExt", "");
Gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4930");
Gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
-\\ Google Chrome v [Version kann nicht ermittelt werden]
Datei : C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] Die Datei ist sauber.
*************************
AdwCleaner[S1].txt - [16810 octets] - [01/07/2013 18:06:57]
########## EOF - C:\AdwCleaner[S1].txt - [16871 octets] ##########
OTL beim Versuch zu schließen ist scan weitergelaufenOTL Logfile: Code:
ATTFilter OTL logfile created on: 01.07.2013 18:29:08 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nelvin70\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 72,20% Memory free 8,00 Gb Paging File | 6,36 Gb Available in Paging File | 79,54% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 453,94 Gb Total Space | 384,53 Gb Free Space | 84,71% Space Free | Partition Type: NTFS Computer Name: NELVIN70-PC | User Name: Nelvin70 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.01 18:18:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nelvin70\Desktop\OTL.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.03.22 11:13:36 | 001,957,840 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2013.03.22 05:04:17 | 001,444,304 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe PRC - [2013.03.22 04:55:34 | 001,854,928 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe PRC - [2013.03.22 04:36:57 | 001,944,016 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe PRC - [2013.02.25 15:00:02 | 000,257,512 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe PRC - [2013.02.25 14:59:46 | 000,696,808 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe PRC - [2013.02.25 04:15:25 | 000,635,344 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe PRC - [2012.08.17 15:43:24 | 000,413,184 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe PRC - [2011.06.14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2009.08.21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2009.08.04 22:45:00 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe PRC - [2009.07.31 18:29:12 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2008.07.29 20:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe ========== Modules (No Company Name) ========== MOD - [2008.07.29 20:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe ========== Services (SafeList) ========== SRV:64bit: - [2009.07.02 20:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2013.07.01 12:09:58 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.06.21 13:37:27 | 002,555,360 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2013.06.12 19:08:54 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.03.22 11:13:36 | 001,957,840 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2013.03.22 04:51:02 | 002,926,672 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc) SRV - [2013.03.22 04:36:57 | 001,944,016 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc) SRV - [2013.02.25 15:00:02 | 000,257,512 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService) SRV - [2013.02.25 14:59:46 | 000,696,808 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2013.02.25 05:06:17 | 001,711,568 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc) SRV - [2013.02.25 04:15:25 | 000,635,344 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService) SRV - [2012.08.17 15:43:24 | 000,413,184 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon) SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.08.21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2009.08.07 11:18:54 | 000,311,592 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009.08.05 22:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009.03.28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Programme\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.07.01 00:33:55 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT) DRV:64bit: - [2013.07.01 00:33:54 | 000,077,656 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gddcd64.sys -- (gddcd) DRV:64bit: - [2013.07.01 00:33:54 | 000,058,712 | ---- | M] (G Data Software AG) [File_System | System | Running] -- C:\Windows\SysNative\drivers\gddcv64.sys -- (gddcv) DRV:64bit: - [2013.07.01 00:33:53 | 000,064,856 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:64bit: - [2013.07.01 00:33:51 | 000,065,368 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:64bit: - [2013.07.01 00:33:40 | 000,130,392 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:64bit: - [2013.07.01 00:33:40 | 000,060,248 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:64bit: - [2013.05.11 06:47:14 | 000,107,128 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD) DRV:64bit: - [2013.05.09 10:11:37 | 000,062,808 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.04.22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2012.01.09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.09 03:49:16 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.07.02 20:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.06.20 13:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2009.06.20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:64bit: - [2009.06.19 06:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.06.11 23:34:38 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.05 12:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.06.05 02:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009.06.03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2009.05.05 07:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:64bit: - [2009.04.28 16:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.04.28 16:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.04.03 07:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2007.05.14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV - [2011.02.18 19:07:10 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 07 0A 9C F1 09 CD 01 [binary data] IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - No CLSID value found IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CE1B00262D60B4C2&affID=119357&tsp=4930 IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE382 IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE382 IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: 7125a285-7e68-47aa-9d72-e81874f4d47e%40d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com:0.91.9 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.01 12:09:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.01 12:09:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.01 12:09:48 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.01 12:09:50 | 000,000,000 | ---D | M] [2010.06.05 18:35:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nelvin70\AppData\Roaming\mozilla\Extensions [2013.07.01 15:06:13 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions [2013.07.01 14:32:31 | 000,000,000 | ---D | M] ("Plus-HD-2.3") -- C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com [2013.07.01 14:32:34 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\extensionCode [2013.07.01 14:32:45 | 000,006,505 | ---- | M] () -- C:\Users\Nelvin70\AppData\Roaming\mozilla\firefox\profiles\3sr381ac.default\searchplugins\babylon.xml [2010.11.17 08:57:41 | 000,001,819 | ---- | M] () -- C:\Users\Nelvin70\AppData\Roaming\mozilla\firefox\profiles\3sr381ac.default\searchplugins\bing.xml [2013.07.01 14:34:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions [2013.07.01 12:09:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.07.01 12:09:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\ CHR - Extension: No name found = C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\crossrider CHR - Extension: No name found = C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000..\Run: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1 O7 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube Download - C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE12938E-FFDE-4E07-B808-C1EAC01CFA43}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0F5E0F7-1D09-48F1-900F-F238498D5192}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll () O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.01 18:18:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nelvin70\Desktop\OTL.exe [2013.07.01 16:52:54 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.07.01 14:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2013.07.01 14:34:36 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\Ultimate Codec Packages [2013.07.01 14:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow [2013.07.01 14:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter [2013.07.01 14:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub [2013.07.01 14:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow [2013.07.01 14:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DirectVobSub [2013.07.01 14:33:45 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter [2013.07.01 14:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity [2013.07.01 14:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSP-worx [2013.07.01 14:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2013.07.01 14:33:42 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\LavFilters [2013.07.01 14:33:42 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\CDXReader [2013.07.01 14:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource Flash Video Splitter [2013.07.01 14:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender [2013.07.01 14:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-2.3 [2013.07.01 12:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.07.01 00:33:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2014 [2013.06.30 23:39:16 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013.06.30 22:12:26 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\Malwarebytes [2013.06.30 22:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.06.30 22:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.30 22:11:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.06.30 22:11:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.06.30 22:10:35 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Local\Programs [2013.06.30 22:05:46 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Nelvin70\Desktop\mbam-setup-1.75.0.1300.exe [2013.06.15 19:44:45 | 000,526,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.06.15 19:44:45 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.06.14 19:24:17 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesysprep.dll [2013.06.14 19:24:17 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesysprep.dll [2013.06.14 19:24:17 | 000,089,600 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RegisterIEPKEYs.exe [2013.06.14 19:24:17 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RegisterIEPKEYs.exe [2013.06.14 19:24:17 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll [2013.06.14 19:24:17 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll [2013.06.14 19:24:17 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe [2013.06.14 19:24:17 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll [2013.06.14 19:24:17 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll [2013.06.14 19:24:15 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll [2013.06.14 19:24:14 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll [2013.06.14 19:24:14 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll [2013.06.14 19:24:13 | 003,958,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll [2013.06.14 18:47:41 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\win32spl.dll [2013.06.14 18:47:41 | 000,492,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\win32spl.dll [2013.06.14 18:47:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptdlg.dll [2013.06.14 18:47:29 | 000,024,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cryptdlg.dll [2013.06.14 18:47:14 | 001,424,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\WindowsCodecs.dll [2013.06.14 18:47:05 | 001,192,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certutil.exe [2013.06.14 18:47:05 | 000,903,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certutil.exe [2013.06.14 18:47:04 | 001,464,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\crypt32.dll [2013.06.14 18:47:04 | 000,139,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cryptnet.dll [2013.06.14 18:47:04 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\certenc.dll [2013.06.14 18:47:04 | 000,043,008 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\certenc.dll [2013.06.14 18:46:15 | 001,887,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d11.dll [2013.06.14 18:46:15 | 001,505,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\d3d11.dll [2013.06.11 19:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CropBusters [2013.06.11 19:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purplehills [2013.06.11 19:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Purplehills [2013.06.09 14:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013.06.09 14:52:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013.06.09 14:40:21 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\Desktop\arbeit [2013.06.09 14:32:22 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\Desktop\Filme [2013.06.07 09:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2009.08.22 11:01:18 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2013.07.01 18:52:00 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.01 18:19:38 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.01 18:19:38 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.01 18:18:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nelvin70\Desktop\OTL.exe [2013.07.01 18:11:39 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.07.01 18:11:25 | 000,001,200 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-updater.job [2013.07.01 18:11:19 | 000,001,836 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-firefoxinstaller.job [2013.07.01 18:11:18 | 000,001,910 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job [2013.07.01 18:11:15 | 000,001,204 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-codedownloader.job [2013.07.01 18:11:15 | 000,001,104 | ---- | M] () -- C:\Windows\tasks\Plus-HD-2.3-enabler.job [2013.07.01 18:10:35 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.01 18:10:13 | 3219,935,232 | -HS- | M] () -- C:\hiberfil.sys [2013.07.01 18:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.01 18:05:02 | 000,648,201 | ---- | M] () -- C:\Users\Nelvin70\Desktop\adwcleaner2303.exe [2013.07.01 15:39:24 | 000,000,005 | ---- | M] () -- C:\Users\Nelvin70\AppData\Roaming\WBPU-TTL.DAT [2013.07.01 14:33:39 | 000,001,996 | ---- | M] () -- C:\Windows\unins000.dat [2013.07.01 14:33:36 | 000,715,038 | ---- | M] () -- C:\Windows\unins000.exe [2013.07.01 12:44:47 | 487,788,043 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.07.01 00:33:57 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk [2013.07.01 00:33:55 | 000,098,760 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\TS4nt.sys [2013.07.01 00:33:54 | 000,077,656 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gddcd64.sys [2013.07.01 00:33:54 | 000,058,712 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gddcv64.sys [2013.07.01 00:33:53 | 000,064,856 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys [2013.07.01 00:33:51 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys [2013.07.01 00:33:40 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys [2013.07.01 00:33:40 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys [2013.06.30 22:04:40 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Nelvin70\Desktop\mbam-setup-1.75.0.1300.exe [2013.06.30 19:37:59 | 001,536,468 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.30 19:37:59 | 000,667,564 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.30 19:37:59 | 000,628,710 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.30 19:37:59 | 000,136,166 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.30 19:37:59 | 000,111,956 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.12 19:13:45 | 000,097,034 | ---- | M] () -- C:\Users\Nelvin70\Desktop\Babyjacke.pdf [2013.06.12 19:08:49 | 000,692,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe [2013.06.12 19:08:49 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl [2013.06.09 14:52:55 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.06.08 16:06:58 | 000,526,336 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll [2013.06.08 13:40:02 | 000,391,168 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll [2013.06.07 09:36:56 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.06.04 19:53:14 | 000,007,597 | ---- | M] () -- C:\Users\Nelvin70\AppData\Local\Resmon.ResmonCfg ========== Files Created - No Company Name ========== [2013.07.01 18:04:54 | 000,648,201 | ---- | C] () -- C:\Users\Nelvin70\Desktop\adwcleaner2303.exe [2013.07.01 15:39:24 | 000,000,005 | ---- | C] () -- C:\Users\Nelvin70\AppData\Roaming\WBPU-TTL.DAT [2013.07.01 14:34:58 | 000,001,200 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-updater.job [2013.07.01 14:34:43 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-enabler.job [2013.07.01 14:33:52 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2013.07.01 14:33:48 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013.07.01 14:33:38 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe [2013.07.01 14:33:38 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2013.07.01 14:33:38 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll [2013.07.01 14:33:38 | 000,001,996 | ---- | C] () -- C:\Windows\unins000.dat [2013.07.01 14:33:27 | 000,001,204 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-codedownloader.job [2013.07.01 14:32:24 | 000,001,836 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-firefoxinstaller.job [2013.07.01 14:32:10 | 000,001,910 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job [2013.07.01 12:44:47 | 487,788,043 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.06.12 19:13:45 | 000,097,034 | ---- | C] () -- C:\Users\Nelvin70\Desktop\Babyjacke.pdf [2013.06.09 14:52:55 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.06.07 09:36:56 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.06.07 09:36:55 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.05.11 17:45:47 | 000,000,000 | ---- | C] () -- C:\Windows\topsecret.INI [2013.03.23 08:37:37 | 000,010,455 | ---- | C] () -- C:\Users\Nelvin70\Elster2_elster_2048.pfx [2013.02.13 19:40:35 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI [2013.02.13 19:29:16 | 000,000,268 | RH-- | C] () -- C:\Users\Nelvin70\AppData\Roaming\DirectoryService [2013.02.13 19:29:16 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT [2013.02.13 19:29:16 | 000,000,012 | RH-- | C] () -- C:\ProgramData\External Build System [2013.02.13 19:28:09 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Drum Kits [2013.02.13 19:28:09 | 000,000,268 | RH-- | C] () -- C:\Users\Nelvin70\AppData\Roaming\Displays [2013.02.13 19:28:09 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Filesystems [2013.02.13 19:28:08 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Documentation [2013.02.13 19:28:08 | 000,000,268 | RH-- | C] () -- C:\Users\Nelvin70\AppData\Roaming\Digital Mono [2013.02.13 19:28:08 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT [2013.02.13 19:28:08 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT [2013.02.13 19:23:32 | 000,000,268 | RH-- | C] () -- C:\Users\Nelvin70\AppData\Roaming\Enhance Timing [2013.02.13 19:23:32 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT [2013.02.13 19:23:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Guides [2013.02.13 19:23:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Examples [2011.12.16 23:28:35 | 000,000,000 | ---- | C] () -- C:\Users\Nelvin70\AppData\Roaming\wklnhst.dat [2011.11.28 18:30:05 | 001,066,766 | ---- | C] () -- C:\Windows\SysWow64\sig.bin [2011.11.15 18:24:04 | 000,000,001 | R--- | C] () -- C:\Users\Nelvin70\serverport [2010.12.20 22:27:21 | 000,000,680 | RHS- | C] () -- C:\Users\Nelvin70\ntuser.pol [2010.07.23 19:16:22 | 000,036,864 | ---- | C] () -- C:\Users\Nelvin70\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.22 22:05:56 | 000,007,597 | ---- | C] () -- C:\Users\Nelvin70\AppData\Local\Resmon.ResmonCfg ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 01.07.2013 18:29:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nelvin70\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 72,20% Memory free
8,00 Gb Paging File | 6,36 Gb Available in Paging File | 79,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,94 Gb Total Space | 384,53 Gb Free Space | 84,71% Space Free | Partition Type: NTFS
Computer Name: NELVIN70-PC | User Name: Nelvin70 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06C9BBA9-2633-40A8-B3C0-3E2573643E4E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{14B2102B-5D4E-42B9-AE67-71B079CF865F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1554BCBE-6905-4586-92E8-9A8E7D622BF2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{251E53F3-9D5E-4C12-8A34-022E060E2D69}" = rport=445 | protocol=6 | dir=out | app=system |
"{37C25EE6-DC7C-4EF7-8370-242074AD03FD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3D81A020-2F97-4A47-BD4B-BA94CEA4994C}" = lport=139 | protocol=6 | dir=in | app=system |
"{40D1617C-E37F-422F-907C-293E6F5921A5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{525007BE-4735-4198-BB4C-9E69FB6F5631}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5678FFC4-C2D9-47B5-865E-F3B6F1042040}" = rport=139 | protocol=6 | dir=out | app=system |
"{689CA53C-B105-4DB7-9CBC-87DA528E296A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A1DF705-66B3-44A0-9766-B90ADCA3ACCC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{75575EFD-631A-4ACC-9BED-DAD4C62DA528}" = rport=137 | protocol=17 | dir=out | app=system |
"{7B8C9829-1116-4526-9E5E-B1E44BF4E227}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9168A189-4988-46B8-A68D-64A934CBA57C}" = lport=138 | protocol=17 | dir=in | app=system |
"{9D61FD39-CB4B-491C-9501-E7C0169DB25A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A261A7B1-B6C1-4A24-BB4F-96D3A5F14EC1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A8EF0BD9-E8FA-4873-82C5-3ADD422E89C9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A9DB28C2-E729-40D8-B53A-F5B9368BC14A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BCDBB76E-30F3-46E7-84A4-1E64993BCD12}" = lport=445 | protocol=6 | dir=in | app=system |
"{CA673EF9-427A-4926-96A8-A02322CA2CCA}" = rport=138 | protocol=17 | dir=out | app=system |
"{F23CDA08-CDC7-4671-BA03-E86FBC6DA2FF}" = lport=137 | protocol=17 | dir=in | app=system |
"{FFD6A7BF-DAD8-428E-B911-06C3027C22E3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04630EF7-9D10-4438-83AD-13E1EF30B275}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{084517CC-4569-45F5-8E15-F39470C0E4FB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{08E6CA72-2EE7-4687-B25C-622C9022C666}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{09E7E8D7-5CC9-451B-BB42-109E2810B983}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{0C48D1FD-A479-4C00-8BE4-977910FFA0C0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0E062CF5-3832-45A9-9044-309B53D5BE85}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18DFA0FD-279C-400E-A935-878FD62B5F1C}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{19BA8793-E4DE-4A14-8E17-6D8DAC0F3440}" = protocol=6 | dir=out | app=system |
"{21BB25BD-2272-41EE-B8C6-875CBAF434B9}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{29C6A2C8-BB77-4C95-9870-5D211702BAB0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2FF1C33F-13C1-429F-83A2-F6EAD7134CCE}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{32DCD457-911C-4CF4-8343-D31A04106A11}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{363D81C4-DEC6-497B-A154-0CA8A88CED99}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37879F04-27F8-49BA-B61E-FFF839890549}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41B736B4-F047-472B-ACEA-864292C12F5E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4710F7CE-BE95-4D90-BDD9-4D542F9AB8FE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4AC2954A-B61F-4C20-A4F4-6D22E19948DA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{52EE3116-4ADA-4EDC-B681-EB209E2496D6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{552C2FB0-E1EB-4EBA-BB97-21F5FCB81E57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5781AFBA-E34A-49F5-8D9C-367BDC519F93}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{5B3F53E9-4726-42C4-BE5C-2A562A3246D2}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{63D28315-FF30-4E89-81F1-1F698376FB0F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{646E8CC4-A688-428A-A6E8-271F81A0BECF}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{69529A8C-F2D7-487A-994A-AC15F5A21895}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{69C5A4BD-45D3-4FA9-80AD-2846438D36C4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6F68EDB4-2B40-4213-80F4-D9859BC4178E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{728C632F-F80C-4B19-A4FD-91BE3FF7A641}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88F0ED6A-6070-4CDA-902D-B2FB8EAC71FD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{88F453AF-DC53-4B2E-A30A-D6802C355EF1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8FFAA7EA-D9A4-42C5-B79A-6016AAFCE6A3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9AF8AD04-D1B1-4942-BFEA-C66CD5167866}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{A32FE061-4DFB-45B5-A9C3-40D6EAB2AD04}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A86205C3-2FF9-4C83-9FF6-7C8AA58A5D01}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C0CC6F00-F1FD-4913-A0DD-51A7FF62297E}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{C1A25507-0B4E-4016-8326-D69E328AC467}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6A97349-8F2C-48DC-9948-C4037A736D8A}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{C76EAF08-789C-42B7-A349-B5E89B314060}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CD475D03-2F0C-473F-B5CE-9A058E8B7E52}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CE18EEDA-9978-47BE-B7FF-1E3B462D2A07}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CE368BCE-5563-496D-A2EC-BF6A97D8AC1E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{E492FE42-B137-40B1-AB29-2E42CF775728}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF1C3972-5D08-4377-98EA-ACE5549F45AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11953C65-BB4E-4CA4-B0F0-2600A4B20040}" = Picture Control Utility x64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{635BE602-BB9C-4C59-8CC5-93F9366E8A21}" = ViewNX 2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BADFD936-E907-C666-A6E1-3C04C06E4260}" = ATI Catalyst Install Manager
"{C3199A20-E216-102C-04B0-8F9FF608A8E1}" = ccc-utility64
"{EE5BE032-86BA-4A2B-4CB0-556156B45FEA}" = ATI AVIVO64 Codecs
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00303EC0-EE53-4934-A606-E9B98A96E026}" = CCC Help German
"{046BFB05-BC7F-01A4-C199-B49640D2AD0F}" = Catalyst Control Center Graphics Full New
"{064C45D3-880F-D130-554A-91043413BCEE}" = CCC Help Thai
"{08C12672-6B9B-F155-B060-D375A020B656}" = CCC Help Chinese Traditional
"{090EFBB9-1196-5391-3637-64CAAC5E982B}" = CCC Help Hungarian
"{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}" = Nokia Ovi Player
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14272C6B-36D4-FB95-B95B-ADB1C2A7F029}" = CCC Help Italian
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D535E4B-4D8D-FD55-AD08-125C8C4117D3}" = ccc-core-static
"{1DC4A8CA-F9B1-F762-2448-0A72B36E1E12}" = CCC Help Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}" = Polar Daemon
"{309BBBEE-F25E-0105-6DB1-B668958C9D37}" = CCC Help Polish
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3EDFC198-8ACC-A6C1-6991-35A80EC9A002}" = CCC Help English
"{41D4A454-9DF4-4299-8C30-1BBA753E83E1}" = Polar WebSync
"{42ED876C-C635-EF22-F4CD-620DC799CDDD}" = Catalyst Control Center Localization All
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{47826EF1-5634-D2E7-0C39-E356B8207676}" = CCC Help Turkish
"{59359B3D-ABE7-46BF-AB55-43B67A64DC68}" = Nokia MTP driver
"{5C93667C-8802-F818-DE66-5E16996D6074}" = CCC Help Japanese
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{6140FD34-61AF-2EE7-3E9F-C0D26E532617}" = CCC Help Finnish
"{63DEADD1-C032-4F1F-AF76-26B166D6AC30}" = G Data TotalProtection 2014
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{73E30715-9EC4-4DAE-BE67-64500AEB8012}" = Nokia Nseries Skin for Microsoft Windows Media Player
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}" = Nokia themes for your device
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{8568FE6D-9769-A751-11D5-5AC7F6B698C2}" = CCC Help Russian
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{890E6592-0998-3C7A-2DB4-A29381485DA5}" = CCC Help Spanish
"{8B999A44-8314-493B-877E-A1DA5B54D9B8}" = Catalyst Control Center - Branding
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96A39248-6496-075F-BD29-E99333354958}" = CCC Help French
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9978DB94-91EE-8D32-354E-F54A99051A37}" = Catalyst Control Center Core Implementation
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A14A9BB0-7284-D33A-C5D8-DFD773843484}" = Catalyst Control Center Graphics Full Existing
"{A391AF4E-D4D4-D295-19FC-FF6C2DB74169}" = CCC Help Portuguese
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B02C36FE-3C50-CD6B-6469-4A2F8D90DB3B}" = CCC Help Dutch
"{B4E92469-CC2A-3AB0-E45A-F4C20F8C86C6}" = CCC Help Chinese Standard
"{B77CD8C3-7DB4-8339-0E2F-EEB8DFCABCBC}" = CCC Help Norwegian
"{BF2433BA-ACC4-6DA5-047E-B2D95FE8ECDA}" = CCC Help Greek
"{CD0F9E16-4E3F-2369-9D67-9A0B84362D0A}" = Catalyst Control Center InstallProxy
"{D332D9A9-C8C7-67C6-D5B5-6A0088AB4CF5}" = CCC Help Czech
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}" = ArcSoft Panorama Maker 6
"{E0A6AD5F-CFAF-63ED-5C31-6E94B271A4C8}" = Catalyst Control Center Graphics Light
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E41CF65A-72A1-143E-1B4E-1E570C6AD4EC}" = CCC Help Danish
"{E4423F16-0E98-4855-BFF4-3EF016C55D67}" = Nokia_Multimedia_Common_Components_2_5
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{FC1FFB3D-0FD9-0746-31EF-3AD987574BE8}" = CCC Help Swedish
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DC-Bass Source" = DC-Bass Source 1.3.0
"ElsterFormular für Privatanwender 12.0.0.5880p" = ElsterFormular-Upgrade
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Erntezeit" = Erntezeit
"ffdshow_is1" = ffdshow v1.1.4399 [2012-03-22]
"FormatFactory" = FormatFactory 2.60
"Free YouTube Download_is1" = Free YouTube Download version 3.1.42.1212
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"GridVista" = Acer GridVista
"HaaliMkx" = Haali Media Splitter
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"LAME_is1" = LAME v3.99.3 (for Windows)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter 1.0.0.5
"Plus-HD-2.3" = Plus-HD-2.3
"VLC media player" = VLC media player 2.0.6
"vsfilter_is1" = DirectVobSub 2.40.4209
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DSite" = Update for Ultimate Codec
"Ultimate Codec Packages" = Ultimate Codec Packages
"Ultimate Codec Packages 58" = Ultimate Codec Packages 58
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.06.2013 16:34:02 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Nelvin70\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 30.06.2013 18:19:27 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 01.07.2013 05:29:58 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2013 05:29:58 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2013 05:29:59 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2013 05:29:59 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2013 06:32:19 | Computer Name = Nelvin70-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b5c Startzeit:
01ce76432ba90df9 Endzeit: 31 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
7a7db562-e239-11e2-bc74-00262d60b4c2
Error - 01.07.2013 06:34:57 | Computer Name = Nelvin70-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1348 Startzeit:
01ce76464901d686 Endzeit: 15 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
d425e5a3-e239-11e2-bc74-00262d60b4c2
Error - 01.07.2013 08:55:16 | Computer Name = Nelvin70-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a0c Startzeit:
01ce76591c27678b Endzeit: 34 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
71832c21-e24d-11e2-83f3-00262d60b4c2
Error - 01.07.2013 12:28:07 | Computer Name = Nelvin70-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d44 Startzeit:
01ce7676b5ba4331 Endzeit: 0 Anwendungspfad: C:\Users\Nelvin70\Desktop\OTL.exe Berichts-ID:
1477f3a2-e26b-11e2-bb0d-00262d60b4c2
[ System Events ]
Error - 01.07.2013 12:11:53 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MyWinLocker Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 01.07.2013 12:12:13 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
GLogin
Error - 01.07.2013 12:12:58 | Computer Name = Nelvin70-PC | Source = DCOM | ID = 10010
Description =
Error - 01.07.2013 12:32:21 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst LanmanServer erreicht.
Error - 01.07.2013 12:32:37 | Computer Name = Nelvin70-PC | Source = DCOM | ID = 10010
Description =
Error - 01.07.2013 12:32:51 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 01.07.2013 12:32:53 | Computer Name = Nelvin70-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 01.07.2013 12:32:54 | Computer Name = Nelvin70-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 01.07.2013 12:32:55 | Computer Name = Nelvin70-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 01.07.2013 12:32:56 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Virtueller Datenträger" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
< End of report >
|
|
01.07.2013, 20:30
| #17 | |
| /// TB-Ausbilder   | Weißer Bildschirm nach Benutzeranmelding WIN7 Hallo Bernd,
__________________Zitat:
 Sieh mal an, wieviel unnütze Adware da mit einem Klick sich wieder installiert hat... Sämtliche neu hinzugekommenen Programme in der Systemsteuerung, die du aufgelistet hast, kannst du deinstallieren. Ist nach diesem Fix wieder alles normal? Schritt 1 Fixen mit OTL
Code:
ATTFilter :OTL
[2013.07.01 14:33:27 | 000,001,204 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-codedownloader.job
[2013.07.01 14:32:24 | 000,001,836 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-firefoxinstaller.job
[2013.07.01 14:32:10 | 000,001,910 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-chromeinstaller.job
[2013.07.01 14:34:58 | 000,001,200 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-updater.job
[2013.07.01 14:34:43 | 000,001,104 | ---- | C] () -- C:\Windows\tasks\Plus-HD-2.3-enabler.job
[2013.07.01 14:33:26 | 000,000,000 | ---D | C] -- C:\ProgramData\BrowserDefender
[2013.07.01 14:32:08 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Plus-HD-2.3
O20 - AppInit_DLLs: (c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll) - c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll ()
[2013.07.01 14:32:31 | 000,000,000 | ---D | M] ("Plus-HD-2.3") -- C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com
[2013.07.01 14:32:45 | 000,006,505 | ---- | M] () -- C:\Users\Nelvin70\AppData\Roaming\mozilla\firefox\profiles\3sr381ac.default\searchplugins\babylon.xml
IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CE1B00262D60B4C2&affID=119357&tsp=4930
IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
:commands
[emptytemp]
Schritt 2 Starte bitte die OTL.exe.
Bitte poste in deiner nächsten Antwort:
__________________ |
|
02.07.2013, 13:07
| #18 |
| | Weißer Bildschirm nach Benutzeranmelding WIN7 Hallo Leo,
__________________nach dem fixen wurde der Neustart gefordert => zugelassen. Beim Runterfahren kommt eine Fehlermeldung der winlogon.exe: "Die Anweisung in 0x76fe1cca verweist auf Specher 0x002bf6a0. Der Vorgang read konnte nicht im Speicher durchgeführt werden." Soll ich OK drücken? Gruß Bernd |
|
02.07.2013, 13:16
| #19 | |
| /// TB-Ausbilder | Weißer Bildschirm nach Benutzeranmelding WIN7Zitat:
__________________ cheers, Leo |
|
02.07.2013, 14:14
| #20 |
| | Weißer Bildschirm nach Benutzeranmelding WIN7 Hallo Leo, der OTL-QuickScan hat wieder ca.15 Minuten bei "Scanning FireFox settings..." pausiert (Erscheinungsbild wie aufgehangen) hat den Scan aber ohne mein Zutun weitergeführt. Gruß Bernd All processes killed ========== OTL ========== C:\Windows\Tasks\Plus-HD-2.3-codedownloader.job moved successfully. C:\Windows\Tasks\Plus-HD-2.3-firefoxinstaller.job moved successfully. C:\Windows\Tasks\Plus-HD-2.3-chromeinstaller.job moved successfully. C:\Windows\Tasks\Plus-HD-2.3-updater.job moved successfully. C:\Windows\Tasks\Plus-HD-2.3-enabler.job moved successfully. C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\traking_settings folder moved successfully. C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension folder moved successfully. C:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} folder moved successfully. C:\ProgramData\BrowserDefender\2.6.1339.144 folder moved successfully. C:\ProgramData\BrowserDefender folder moved successfully. C:\Program Files (x86)\Plus-HD-2.3 folder moved successfully. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_Dlls:c:\progra~3\browse~1\261339~1.144\{c16c1~1\browse~1.dll deleted successfully. File c:\ProgramData\BrowserDefender\2.6.1339.144\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll not found. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\skin folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\locale\en-US folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\locale folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\defaults\preferences folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\defaults folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\extensionCode folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\core folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content\api folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome\content folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com\chrome folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions\7125a285-7e68-47aa-9d72-e81874f4d47e@d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com folder moved successfully. C:\Users\Nelvin70\AppData\Roaming\mozilla\firefox\profiles\3sr381ac.default\searchplugins\babylon.xml moved successfully. Registry key HKEY_USERS\S-1-5-21-2973977536-698903144-1709705956-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ not found. HKEY_USERS\S-1-5-21-2973977536-698903144-1709705956-1000\Software\Microsoft\Internet Explorer\SearchScopes\\DefaultScope| /E : value set successfully! ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Nelvin70 ->Temp folder emptied: 111357496 bytes ->Temporary Internet Files folder emptied: 31355636 bytes ->Java cache emptied: 0 bytes ->FireFox cache emptied: 104967609 bytes ->Google Chrome cache emptied: 6791842 bytes ->Flash cache emptied: 7268 bytes User: Public %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32 (64bit) .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1921315 bytes %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 36050606 bytes RecycleBin emptied: 289 bytes Total Files Cleaned = 279,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 07022013_140010 Files\Folders moved on Reboot... C:\Users\Nelvin70\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully. C:\Users\Nelvin70\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat moved successfully. File move failed. C:\Windows\temp\JETA84F.tmp scheduled to be moved on reboot. PendingFileRenameOperations files... Registry entries deleted on Reboot...OTL Logfile: Code:
ATTFilter OTL logfile created on: 02.07.2013 14:19:55 - Run 2 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nelvin70\Desktop 64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16614) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 4,00 Gb Total Physical Memory | 2,85 Gb Available Physical Memory | 71,27% Memory free 8,00 Gb Paging File | 6,34 Gb Available in Paging File | 79,36% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86) Drive C: | 453,94 Gb Total Space | 384,64 Gb Free Space | 84,73% Space Free | Partition Type: NTFS Computer Name: NELVIN70-PC | User Name: Nelvin70 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - [2013.07.01 18:18:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nelvin70\Desktop\OTL.exe PRC - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe PRC - [2013.03.22 11:13:36 | 001,957,840 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe PRC - [2013.03.22 05:04:17 | 001,444,304 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe PRC - [2013.03.22 04:55:34 | 001,854,928 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe PRC - [2013.03.22 04:36:57 | 001,944,016 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe PRC - [2013.02.25 15:00:02 | 000,257,512 | ---- | M] (G Data Software) -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe PRC - [2013.02.25 14:59:46 | 000,696,808 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe PRC - [2013.02.25 04:15:25 | 000,635,344 | ---- | M] (G Data Software AG) -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe PRC - [2012.08.17 15:43:24 | 000,413,184 | ---- | M] () -- C:\Program Files (x86)\Polar\Daemon\polard.exe PRC - [2011.06.14 17:42:26 | 001,540,096 | ---- | M] (Nokia) -- C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe PRC - [2009.08.21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe PRC - [2009.08.04 22:45:00 | 000,181,480 | ---- | M] (Acer Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe PRC - [2009.07.31 18:29:12 | 000,128,296 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe PRC - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) -- C:\Programme\Acer\Acer Updater\UpdaterService.exe PRC - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe PRC - [2008.07.29 20:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe ========== Modules (No Company Name) ========== MOD - [2008.07.29 20:29:26 | 000,200,704 | ---- | M] () -- C:\Windows\PLFSetI.exe ========== Services (SafeList) ========== SRV:64bit: - [2009.07.02 20:16:06 | 000,203,264 | ---- | M] (AMD) [Auto | Running] -- C:\Windows\SysNative\atiesrxx.exe -- (AMD External Events Utility) SRV - [2013.07.01 12:09:58 | 000,117,144 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance) SRV - [2013.06.21 13:37:27 | 002,555,360 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKWCtlX64.exe -- (AVKWCtl) SRV - [2013.06.12 19:08:54 | 000,256,904 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc) SRV - [2013.05.11 12:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice) SRV - [2013.03.22 11:13:36 | 001,957,840 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe -- (AVKProxy) SRV - [2013.03.22 04:51:02 | 002,926,672 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFwSvcx64.exe -- (GDFwSvc) SRV - [2013.03.22 04:36:57 | 001,944,016 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVKBackup\AVKBackupService.exe -- (GDBackupSvc) SRV - [2013.02.25 15:00:02 | 000,257,512 | ---- | M] (G Data Software) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\TSNxG\TSNxGService.exe -- (TSNxGService) SRV - [2013.02.25 14:59:46 | 000,696,808 | ---- | M] (G Data Software AG) [On_Demand | Running] -- C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe -- (GDScan) SRV - [2013.02.25 05:06:17 | 001,711,568 | ---- | M] (G Data Software AG) [On_Demand | Stopped] -- C:\Program Files (x86)\G Data\TotalProtection\AVKTuner\AVKTunerService.exe -- (GDTunerSvc) SRV - [2013.02.25 04:15:25 | 000,635,344 | ---- | M] (G Data Software AG) [Auto | Running] -- C:\Program Files (x86)\G Data\TotalProtection\AVK\AVKService.exe -- (AVKService) SRV - [2012.08.17 15:43:24 | 000,413,184 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Polar\Daemon\polard.exe -- (Polar Daemon) SRV - [2012.04.22 13:51:04 | 000,720,936 | ---- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer) SRV - [2010.03.18 14:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32) SRV - [2009.08.21 02:25:50 | 000,062,720 | ---- | M] (NewTech Infosystems, Inc.) [Auto | Running] -- C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc) SRV - [2009.08.07 11:18:54 | 000,311,592 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe -- (MWLService) SRV - [2009.08.05 22:30:58 | 000,844,320 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Programme\Acer\Acer ePower Management\ePowerSvc.exe -- (ePowerSvc) SRV - [2009.07.04 03:47:12 | 000,240,160 | ---- | M] (Acer) [Auto | Running] -- C:\Programme\Acer\Acer Updater\UpdaterService.exe -- (Updater Service) SRV - [2009.06.10 23:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32) SRV - [2009.06.04 15:04:50 | 001,150,496 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Registration\GregHSRW.exe -- (Greg_Service) SRV - [2009.03.28 04:10:16 | 000,016,896 | ---- | M] (LSI Corporation) [Auto | Running] -- C:\Programme\LSI SoftModem\agr64svc.exe -- (AgereModemAudio) ========== Driver Services (SafeList) ========== DRV:64bit: - [2013.07.01 00:33:55 | 000,098,760 | ---- | M] (G Data Software) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\TS4nt.sys -- (TS4NT) DRV:64bit: - [2013.07.01 00:33:54 | 000,077,656 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\gddcd64.sys -- (gddcd) DRV:64bit: - [2013.07.01 00:33:54 | 000,058,712 | ---- | M] (G Data Software AG) [File_System | System | Running] -- C:\Windows\SysNative\drivers\gddcv64.sys -- (gddcv) DRV:64bit: - [2013.07.01 00:33:53 | 000,064,856 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\gdwfpcd64.sys -- (gdwfpcd) DRV:64bit: - [2013.07.01 00:33:51 | 000,065,368 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\HookCentre.sys -- (HookCentre) DRV:64bit: - [2013.07.01 00:33:40 | 000,130,392 | ---- | M] (G Data Software AG) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\MiniIcpt.sys -- (GDMnIcpt) DRV:64bit: - [2013.07.01 00:33:40 | 000,060,248 | ---- | M] (G Data Software AG) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\GDBehave.sys -- (GDBehave) DRV:64bit: - [2013.05.11 06:47:14 | 000,107,128 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\GRD.sys -- (GRD) DRV:64bit: - [2013.05.09 10:11:37 | 000,062,808 | ---- | M] (G Data Software AG) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\PktIcpt.sys -- (GDPkIcpt) DRV:64bit: - [2012.12.13 14:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64) DRV:64bit: - [2012.08.21 14:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM) DRV:64bit: - [2012.04.22 13:51:38 | 000,025,600 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\pccsmcfdx64.sys -- (pccsmcfd) DRV:64bit: - [2012.03.01 08:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec) DRV:64bit: - [2012.01.09 17:28:20 | 000,171,008 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsux64.sys -- (nmwcdnsux64) DRV:64bit: - [2012.01.09 17:28:20 | 000,019,968 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbx64.sys -- (nmwcd) DRV:64bit: - [2012.01.09 17:28:20 | 000,012,800 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nmwcdnsucx64.sys -- (nmwcdnsucx64) DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltjx64.sys -- (UsbserFilt) DRV:64bit: - [2012.01.09 17:28:20 | 000,009,216 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser_lowerfltx64.sys -- (upperdev) DRV:64bit: - [2012.01.09 17:28:18 | 000,027,136 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ccdcmbox64.sys -- (nmwcdc) DRV:64bit: - [2010.11.20 15:33:35 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD) DRV:64bit: - [2010.11.20 13:07:05 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt) DRV:64bit: - [2010.11.20 12:43:57 | 000,032,768 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbser.sys -- (usbser) DRV:64bit: - [2009.07.14 03:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs) DRV:64bit: - [2009.07.14 03:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2) DRV:64bit: - [2009.07.14 03:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor) DRV:64bit: - [2009.07.09 03:49:16 | 001,484,800 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr) DRV:64bit: - [2009.07.02 20:51:30 | 006,036,480 | ---- | M] (ATI Technologies Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\atikmdag.sys -- (atikmdag) DRV:64bit: - [2009.06.20 13:35:00 | 000,317,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a) DRV:64bit: - [2009.06.20 04:09:57 | 000,054,272 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\L1E62x64.sys -- (L1E) DRV:64bit: - [2009.06.19 06:12:32 | 000,272,432 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP) DRV:64bit: - [2009.06.11 23:34:38 | 001,208,320 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\agrsm64.sys -- (AgereSoftModem) DRV:64bit: - [2009.06.10 23:01:11 | 001,485,312 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTDPV6.SYS -- (SrvHsfV92) DRV:64bit: - [2009.06.10 23:01:11 | 000,740,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTCNXT6.SYS -- (SrvHsfWinac) DRV:64bit: - [2009.06.10 23:01:11 | 000,292,864 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VSTAZL6.SYS -- (SrvHsfHDA) DRV:64bit: - [2009.06.10 22:37:05 | 006,108,416 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx) DRV:64bit: - [2009.06.10 22:34:38 | 001,311,232 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BCMWL664.SYS -- (BCM43XX) DRV:64bit: - [2009.06.10 22:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv) DRV:64bit: - [2009.06.10 22:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv) DRV:64bit: - [2009.06.10 22:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a) DRV:64bit: - [2009.06.10 22:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir) DRV:64bit: - [2009.06.05 12:20:26 | 000,114,192 | ---- | M] (ATI Research Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\AtiHdmi.sys -- (AtiHdmiService) DRV:64bit: - [2009.06.05 02:46:50 | 000,216,064 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RtsUStor.sys -- (RSUSBSTOR) DRV:64bit: - [2009.06.03 05:15:30 | 000,060,464 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDVDisk.sys -- (mwlPSDVDisk) DRV:64bit: - [2009.06.03 05:15:30 | 000,022,576 | ---- | M] (Egis Technology Inc.) [File_System | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDFilter.sys -- (mwlPSDFilter) DRV:64bit: - [2009.06.03 05:15:30 | 000,020,016 | ---- | M] (Egis Technology Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\mwlPSDNserv.sys -- (mwlPSDNServ) DRV:64bit: - [2009.05.06 02:46:08 | 000,018,432 | ---- | M] (NewTech Infosystems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr) DRV:64bit: - [2009.05.06 02:46:08 | 000,016,896 | ---- | M] (NewTech Infosystems Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper) DRV:64bit: - [2009.05.05 07:30:28 | 000,016,440 | ---- | M] (Advanced Micro Devices Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\AtiPcie.sys -- (AtiPcie) DRV:64bit: - [2009.04.28 16:03:42 | 000,067,128 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata) DRV:64bit: - [2009.04.28 16:03:42 | 000,028,216 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata) DRV:64bit: - [2009.04.03 07:39:58 | 000,034,872 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\usbfilter.sys -- (usbfilter) DRV:64bit: - [2007.05.14 16:06:18 | 000,027,520 | ---- | M] (Research In Motion Limited) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\RimUsb_AMD64.sys -- (RimUsb) DRV - [2011.02.18 19:07:10 | 000,106,224 | ---- | M] (G Data Software) [Kernel | System | Running] -- C:\Windows\SysWOW64\drivers\GRD.sys -- (GRD) DRV - [2009.07.14 03:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE:64bit: - HKLM\..\SearchScopes,DefaultScope = IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE:64bit: - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = Google IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login. IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 11 07 0A 9C F1 09 CD 01 [binary data] IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\URLSearchHook: {9d81af43-de53-48d0-a199-42c2a226b24c} - No CLSID value found IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\URLSearchHook: {cc05a3e3-64c3-4af2-bfc1-af0d66b69065} - No CLSID value found IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes,bProtectorDefaultScope = {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes,DefaultScope = IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?} IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE382 IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_deDE382 IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local ========== FireFox ========== FF - prefs.js..browser.search.defaultenginename: "Bing" FF - prefs.js..browser.search.defaulturl: "hxxp://www.bing.com/search?FORM=IEFM1&q=" FF - prefs.js..browser.search.selectedEngine: "Google" FF - prefs.js..browser.search.useDBForOrder: true FF - prefs.js..browser.startup.homepage: "about:home" FF - prefs.js..extensions.enabledAddons: 7125a285-7e68-47aa-9d72-e81874f4d47e%40d3fcdb92-135d-4a8a-8cf6-11e3b57c5fda.com:0.91.9 FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0 FF - user.js - File not found FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll File not found FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll () FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.17.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@nokia.com/EnablerPlugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( ) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.6: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.01 12:09:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.01 12:09:50 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013.07.01 12:09:48 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 22.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013.07.01 12:09:50 | 000,000,000 | ---D | M] [2010.06.05 18:35:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nelvin70\AppData\Roaming\mozilla\Extensions [2013.07.02 14:00:20 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Nelvin70\AppData\Roaming\mozilla\Firefox\Profiles\3sr381ac.default\extensions [2010.11.17 08:57:41 | 000,001,819 | ---- | M] () -- C:\Users\Nelvin70\AppData\Roaming\mozilla\firefox\profiles\3sr381ac.default\searchplugins\bing.xml [2013.07.01 14:34:29 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\Extensions [2013.07.01 12:09:47 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions [2013.07.01 12:09:59 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} File not found (No name found) -- C:\USERS\NELVIN70\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\3SR381AC.DEFAULT\EXTENSIONS\7125A285-7E68-47AA-9D72-E81874F4D47E@D3FCDB92-135D-4A8A-8CF6-11E3B57C5FDA.COM ========== Chrome ========== CHR - default_search_provider: () CHR - default_search_provider: search_url = CHR - default_search_provider: suggest_url = CHR - Extension: No name found = C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp\1.0.1.1_0\ CHR - Extension: No name found = C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\crossrider CHR - Extension: No name found = C:\Users\Nelvin70\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.9_0\ O1 HOSTS File: ([2009.06.10 23:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts O2:64bit: - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found. O3:64bit: - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.) O4:64bit: - HKLM..\Run: [Acer ePower Management] C:\Programme\Acer\Acer ePower Management\ePowerTray.exe (Acer Incorporated) O4:64bit: - HKLM..\Run: [PLFSetI] C:\Windows\PLFSetI.exe () O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) O4 - HKLM..\Run: [] File not found O4 - HKLM..\Run: [ArcadeDeluxeAgent] C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe (CyberLink Corp.) O4 - HKLM..\Run: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\TotalProtection\AVKTray\AVKTray.exe (G Data Software AG) O4 - HKLM..\Run: [GDFirewallTray] C:\Program Files (x86)\G Data\TotalProtection\Firewall\GDFirewallTray.exe (G Data Software AG) O4 - HKLM..\Run: [NokiaMServer] C:\Program Files (x86)\Common Files\Nokia\MPlatform\NokiaMServer.exe (Nokia) O4 - HKLM..\Run: [PlayMovie] C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe (Acer Corp.) O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.) O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation) O4 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000..\Run: [] File not found O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1 O7 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: LogonHoursAction = 2 O7 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DontDisplayLogonHoursWarnings = 1 O8:64bit: - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8:64bit: - Extra context menu item: Free YouTube Download - C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O8:64bit: - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 File not found O8 - Extra context menu item: Free YouTube Download - C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm File not found O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm File not found O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL (Microsoft Corporation) O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Inc.) O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.) O1364bit: - gopher Prefix: missing O13 - gopher Prefix: missing O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0017-0000-0017-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_17-windows-i586.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BE12938E-FFDE-4E07-B808-C1EAC01CFA43}: DhcpNameServer = 192.168.2.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{F0F5E0F7-1D09-48F1-900F-F238498D5192}: DhcpNameServer = 192.168.1.1 192.168.1.1 O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found O18:64bit: - Protocol\Handler\ms-help - No CLSID value found O18:64bit: - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation) O20 - HKU\S-1-5-21-2973977536-698903144-1709705956-1000 Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation) O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1" %* O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %* O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.07.02 14:00:10 | 000,000,000 | ---D | C] -- C:\_OTL [2013.07.01 18:18:01 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Nelvin70\Desktop\OTL.exe [2013.07.01 16:52:54 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.07.01 14:35:40 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DivX [2013.07.01 14:34:36 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\Ultimate Codec Packages [2013.07.01 14:34:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow [2013.07.01 14:33:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter [2013.07.01 14:33:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub [2013.07.01 14:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ffdshow [2013.07.01 14:33:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DirectVobSub [2013.07.01 14:33:45 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter [2013.07.01 14:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Lame For Audacity [2013.07.01 14:33:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\DSP-worx [2013.07.01 14:33:43 | 000,000,000 | ---D | C] -- C:\ProgramData\DivX [2013.07.01 14:33:42 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\LavFilters [2013.07.01 14:33:42 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\CDXReader [2013.07.01 14:33:36 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\OpenSource Flash Video Splitter [2013.07.01 12:09:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox [2013.07.01 00:33:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G Data TotalProtection 2014 [2013.06.30 23:39:16 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2013.06.30 22:12:26 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Roaming\Malwarebytes [2013.06.30 22:11:15 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.06.30 22:11:14 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.06.30 22:11:12 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys [2013.06.30 22:11:12 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware [2013.06.30 22:10:35 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\AppData\Local\Programs [2013.06.30 22:05:46 | 010,285,040 | ---- | C] (Malwarebytes Corporation ) -- C:\Users\Nelvin70\Desktop\mbam-setup-1.75.0.1300.exe [2013.06.11 19:48:33 | 000,000,000 | ---D | C] -- C:\ProgramData\CropBusters [2013.06.11 19:47:09 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Purplehills [2013.06.11 19:46:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Purplehills [2013.06.09 14:52:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN [2013.06.09 14:52:02 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\VideoLAN [2013.06.09 14:40:21 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\Desktop\arbeit [2013.06.09 14:32:22 | 000,000,000 | ---D | C] -- C:\Users\Nelvin70\Desktop\Filme [2013.06.07 09:36:27 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Adobe [2009.08.22 11:01:18 | 000,036,136 | ---- | C] (Oberon Media) -- C:\ProgramData\FullRemove.exe ========== Files - Modified Within 30 Days ========== [2013.07.02 14:52:01 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.07.02 14:17:27 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.07.02 14:08:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.07.02 13:58:00 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.07.02 13:58:00 | 000,017,376 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.07.02 13:48:55 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.07.02 13:48:33 | 3219,935,232 | -HS- | M] () -- C:\hiberfil.sys [2013.07.01 18:18:03 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Nelvin70\Desktop\OTL.exe [2013.07.01 18:05:02 | 000,648,201 | ---- | M] () -- C:\Users\Nelvin70\Desktop\adwcleaner2303.exe [2013.07.01 15:39:24 | 000,000,005 | ---- | M] () -- C:\Users\Nelvin70\AppData\Roaming\WBPU-TTL.DAT [2013.07.01 14:33:39 | 000,001,996 | ---- | M] () -- C:\Windows\unins000.dat [2013.07.01 14:33:36 | 000,715,038 | ---- | M] () -- C:\Windows\unins000.exe [2013.07.01 12:44:47 | 487,788,043 | ---- | M] () -- C:\Windows\MEMORY.DMP [2013.07.01 00:33:57 | 000,001,975 | ---- | M] () -- C:\Users\Public\Desktop\G Data TotalProtection 2014.lnk [2013.07.01 00:33:55 | 000,098,760 | ---- | M] (G Data Software) -- C:\Windows\SysNative\drivers\TS4nt.sys [2013.07.01 00:33:54 | 000,077,656 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gddcd64.sys [2013.07.01 00:33:54 | 000,058,712 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gddcv64.sys [2013.07.01 00:33:53 | 000,064,856 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\gdwfpcd64.sys [2013.07.01 00:33:51 | 000,065,368 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\HookCentre.sys [2013.07.01 00:33:40 | 000,130,392 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\MiniIcpt.sys [2013.07.01 00:33:40 | 000,060,248 | ---- | M] (G Data Software AG) -- C:\Windows\SysNative\drivers\GDBehave.sys [2013.06.30 22:04:40 | 010,285,040 | ---- | M] (Malwarebytes Corporation ) -- C:\Users\Nelvin70\Desktop\mbam-setup-1.75.0.1300.exe [2013.06.30 19:37:59 | 001,536,468 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI [2013.06.30 19:37:59 | 000,667,564 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat [2013.06.30 19:37:59 | 000,628,710 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat [2013.06.30 19:37:59 | 000,136,166 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat [2013.06.30 19:37:59 | 000,111,956 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat [2013.06.12 19:13:45 | 000,097,034 | ---- | M] () -- C:\Users\Nelvin70\Desktop\Babyjacke.pdf [2013.06.09 14:52:55 | 000,001,070 | ---- | M] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.06.07 09:36:56 | 000,002,023 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.06.04 19:53:14 | 000,007,597 | ---- | M] () -- C:\Users\Nelvin70\AppData\Local\Resmon.ResmonCfg ========== Files Created - No Company Name ========== [2013.07.01 18:04:54 | 000,648,201 | ---- | C] () -- C:\Users\Nelvin70\Desktop\adwcleaner2303.exe [2013.07.01 15:39:24 | 000,000,005 | ---- | C] () -- C:\Users\Nelvin70\AppData\Roaming\WBPU-TTL.DAT [2013.07.01 14:33:52 | 000,079,360 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll [2013.07.01 14:33:48 | 000,178,688 | ---- | C] () -- C:\Windows\SysWow64\unrar.dll [2013.07.01 14:33:38 | 000,715,038 | ---- | C] () -- C:\Windows\unins000.exe [2013.07.01 14:33:38 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll [2013.07.01 14:33:38 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll [2013.07.01 14:33:38 | 000,001,996 | ---- | C] () -- C:\Windows\unins000.dat [2013.07.01 12:44:47 | 487,788,043 | ---- | C] () -- C:\Windows\MEMORY.DMP [2013.06.12 19:13:45 | 000,097,034 | ---- | C] () -- C:\Users\Nelvin70\Desktop\Babyjacke.pdf [2013.06.09 14:52:55 | 000,001,070 | ---- | C] () -- C:\Users\Public\Desktop\VLC media player.lnk [2013.06.07 09:36:56 | 000,002,023 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader XI.lnk [2013.06.07 09:36:55 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk [2013.05.11 17:45:47 | 000,000,000 | ---- | C] () -- C:\Windows\topsecret.INI [2013.03.23 08:37:37 | 000,010,455 | ---- | C] () -- C:\Users\Nelvin70\Elster2_elster_2048.pfx [2013.02.13 19:40:35 | 000,000,000 | ---- | C] () -- C:\Windows\ViewNX2.INI [2013.02.13 19:29:16 | 000,000,268 | RH-- | C] () -- C:\Users\Nelvin70\AppData\Roaming\DirectoryService [2013.02.13 19:29:16 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLes.DAT [2013.02.13 19:29:16 | 000,000,012 | RH-- | C] () -- C:\ProgramData\External Build System [2013.02.13 19:28:09 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Drum Kits [2013.02.13 19:28:09 | 000,000,268 | RH-- | C] () -- C:\Users\Nelvin70\AppData\Roaming\Displays [2013.02.13 19:28:09 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Filesystems [2013.02.13 19:28:08 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Documentation [2013.02.13 19:28:08 | 000,000,268 | RH-- | C] () -- C:\Users\Nelvin70\AppData\Roaming\Digital Mono [2013.02.13 19:28:08 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLev.DAT [2013.02.13 19:28:08 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLet.DAT [2013.02.13 19:23:32 | 000,000,268 | RH-- | C] () -- C:\Users\Nelvin70\AppData\Roaming\Enhance Timing [2013.02.13 19:23:32 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLeo.DAT [2013.02.13 19:23:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Guides [2013.02.13 19:23:32 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Examples [2011.12.16 23:28:35 | 000,000,000 | ---- | C] () -- C:\Users\Nelvin70\AppData\Roaming\wklnhst.dat [2011.11.28 18:30:05 | 001,066,766 | ---- | C] () -- C:\Windows\SysWow64\sig.bin [2011.11.15 18:24:04 | 000,000,001 | R--- | C] () -- C:\Users\Nelvin70\serverport [2010.12.20 22:27:21 | 000,000,680 | RHS- | C] () -- C:\Users\Nelvin70\ntuser.pol [2010.07.23 19:16:22 | 000,036,864 | ---- | C] () -- C:\Users\Nelvin70\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.07.22 22:05:56 | 000,007,597 | ---- | C] () -- C:\Users\Nelvin70\AppData\Local\Resmon.ResmonCfg ========== ZeroAccess Check ========== [2009.07.14 06:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64 [HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64 "" = C:\Windows\SysNative\shell32.dll -- [2013.02.27 07:52:56 | 014,172,672 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.02.27 06:55:05 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 03:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 14:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64 "" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 03:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] ========== LOP Check ========== [2013.07.01 14:33:50 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\CDXReader [2011.12.27 12:23:16 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\Datalayer [2013.01.06 17:20:12 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\DVDVideoSoft [2012.02.10 08:54:43 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\elsterformular [2010.05.22 06:22:20 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\GameConsole [2013.07.01 14:34:16 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\LavFilters [2013.02.13 19:34:04 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\Nikon [2012.06.28 18:50:15 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\Nokia [2011.03.03 22:40:52 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\Nokia Ovi Suite [2012.02.05 20:12:16 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\Nokia Suite [2012.06.28 18:48:31 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\PC Suite [2011.08.28 13:58:37 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\PlayFirst [2010.06.20 17:45:21 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\PowerCinema [2010.11.30 20:33:02 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\SoftDMA [2011.12.16 23:29:14 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\Template [2013.01.06 17:02:32 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\TuneUp Software [2013.07.01 14:34:36 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\Ultimate Codec Packages [2010.11.17 00:54:30 | 000,000,000 | ---D | M] -- C:\Users\Nelvin70\AppData\Roaming\Windows Live Writer ========== Purity Check ========== < End of report > OTL Logfile: Code:
ATTFilter OTL Extras logfile created on: 01.07.2013 18:29:08 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Nelvin70\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16614)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
4,00 Gb Total Physical Memory | 2,89 Gb Available Physical Memory | 72,20% Memory free
8,00 Gb Paging File | 6,36 Gb Available in Paging File | 79,54% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 453,94 Gb Total Space | 384,53 Gb Free Space | 84,71% Space Free | Partition Type: NTFS
Computer Name: NELVIN70-PC | User Name: Nelvin70 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
========== Shell Spawning ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- Reg Error: Key error.
https [open] -- Reg Error: Key error.
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~2\MICROS~3\Office12\ONENOTE.EXE "%L"
Directory [PlayWithVLC] -- "C:\Program Files (x86)\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.
========== Security Center Settings ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{06C9BBA9-2633-40A8-B3C0-3E2573643E4E}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{14B2102B-5D4E-42B9-AE67-71B079CF865F}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{1554BCBE-6905-4586-92E8-9A8E7D622BF2}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{251E53F3-9D5E-4C12-8A34-022E060E2D69}" = rport=445 | protocol=6 | dir=out | app=system |
"{37C25EE6-DC7C-4EF7-8370-242074AD03FD}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3D81A020-2F97-4A47-BD4B-BA94CEA4994C}" = lport=139 | protocol=6 | dir=in | app=system |
"{40D1617C-E37F-422F-907C-293E6F5921A5}" = rport=10243 | protocol=6 | dir=out | app=system |
"{525007BE-4735-4198-BB4C-9E69FB6F5631}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5678FFC4-C2D9-47B5-865E-F3B6F1042040}" = rport=139 | protocol=6 | dir=out | app=system |
"{689CA53C-B105-4DB7-9CBC-87DA528E296A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{6A1DF705-66B3-44A0-9766-B90ADCA3ACCC}" = lport=10243 | protocol=6 | dir=in | app=system |
"{75575EFD-631A-4ACC-9BED-DAD4C62DA528}" = rport=137 | protocol=17 | dir=out | app=system |
"{7B8C9829-1116-4526-9E5E-B1E44BF4E227}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9168A189-4988-46B8-A68D-64A934CBA57C}" = lport=138 | protocol=17 | dir=in | app=system |
"{9D61FD39-CB4B-491C-9501-E7C0169DB25A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |
"{A261A7B1-B6C1-4A24-BB4F-96D3A5F14EC1}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A8EF0BD9-E8FA-4873-82C5-3ADD422E89C9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{A9DB28C2-E729-40D8-B53A-F5B9368BC14A}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{BCDBB76E-30F3-46E7-84A4-1E64993BCD12}" = lport=445 | protocol=6 | dir=in | app=system |
"{CA673EF9-427A-4926-96A8-A02322CA2CCA}" = rport=138 | protocol=17 | dir=out | app=system |
"{F23CDA08-CDC7-4671-BA03-E86FBC6DA2FF}" = lport=137 | protocol=17 | dir=in | app=system |
"{FFD6A7BF-DAD8-428E-B911-06C3027C22E3}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{04630EF7-9D10-4438-83AD-13E1EF30B275}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{084517CC-4569-45F5-8E15-F39470C0E4FB}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{08E6CA72-2EE7-4687-B25C-622C9022C666}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{09E7E8D7-5CC9-451B-BB42-109E2810B983}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{0C48D1FD-A479-4C00-8BE4-977910FFA0C0}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{0E062CF5-3832-45A9-9044-309B53D5BE85}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{18DFA0FD-279C-400E-A935-878FD62B5F1C}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{19BA8793-E4DE-4A14-8E17-6D8DAC0F3440}" = protocol=6 | dir=out | app=system |
"{21BB25BD-2272-41EE-B8C6-875CBAF434B9}" = protocol=6 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{29C6A2C8-BB77-4C95-9870-5D211702BAB0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2FF1C33F-13C1-429F-83A2-F6EAD7134CCE}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{32DCD457-911C-4CF4-8343-D31A04106A11}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{363D81C4-DEC6-497B-A154-0CA8A88CED99}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{37879F04-27F8-49BA-B61E-FFF839890549}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{41B736B4-F047-472B-ACEA-864292C12F5E}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{4710F7CE-BE95-4D90-BDD9-4D542F9AB8FE}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{4AC2954A-B61F-4C20-A4F4-6D22E19948DA}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{52EE3116-4ADA-4EDC-B681-EB209E2496D6}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{552C2FB0-E1EB-4EBA-BB97-21F5FCB81E57}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5781AFBA-E34A-49F5-8D9C-367BDC519F93}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\schedulersvc.exe |
"{5B3F53E9-4726-42C4-BE5C-2A562A3246D2}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\playmovie.exe |
"{63D28315-FF30-4E89-81F1-1F698376FB0F}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{646E8CC4-A688-428A-A6E8-271F81A0BECF}" = dir=in | app=c:\program files (x86)\nokia\nokia suite\nokiasuite.exe |
"{69529A8C-F2D7-487A-994A-AC15F5A21895}" = protocol=17 | dir=in | app=c:\program files (x86)\newtech infosystems\nti backup now 5\backupsvc.exe |
"{69C5A4BD-45D3-4FA9-80AD-2846438D36C4}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |
"{6F68EDB4-2B40-4213-80F4-D9859BC4178E}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{728C632F-F80C-4B19-A4FD-91BE3FF7A641}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{88F0ED6A-6070-4CDA-902D-B2FB8EAC71FD}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{88F453AF-DC53-4B2E-A30A-D6802C355EF1}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8FFAA7EA-D9A4-42C5-B79A-6016AAFCE6A3}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |
"{9AF8AD04-D1B1-4942-BFEA-C66CD5167866}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\playmovie\pmvservice.exe |
"{A32FE061-4DFB-45B5-A9C3-40D6EAB2AD04}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{A86205C3-2FF9-4C83-9FF6-7C8AA58A5D01}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{C0CC6F00-F1FD-4913-A0DD-51A7FF62297E}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\homemedia\homemedia.exe |
"{C1A25507-0B4E-4016-8326-D69E328AC467}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C6A97349-8F2C-48DC-9948-C4037A736D8A}" = dir=in | app=c:\program files (x86)\acer arcade deluxe\acer arcade deluxe\acer arcade deluxe.exe |
"{C76EAF08-789C-42B7-A349-B5E89B314060}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{CD475D03-2F0C-473F-B5CE-9A058E8B7E52}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{CE18EEDA-9978-47BE-B7FF-1E3B462D2A07}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{CE368BCE-5563-496D-A2EC-BF6A97D8AC1E}" = dir=in | app=c:\program files (x86)\windows live\sync\windowslivesync.exe |
"{E492FE42-B137-40B1-AB29-2E42CF775728}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{EF1C3972-5D08-4377-98EA-ACE5549F45AC}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0225AD21-F3E2-4916-BFF3-65D3F9052582}" = iTunes
"{071c9b48-7c32-4621-a0ac-3f809523288f}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{0E3DAF3D-FF69-345A-A99E-1FED304CA083}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{11953C65-BB4E-4CA4-B0F0-2600A4B20040}" = Picture Control Utility x64
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{4D668D4F-FAA2-4726-834C-31F4614F312E}" = MSVC80_x64_v2
"{635BE602-BB9C-4C59-8CC5-93F9366E8A21}" = ViewNX 2
"{680EDA59-9266-44B4-949E-0C24F65DFF82}" = Microsoft_VC100_CRT_SP1_x64
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007
"{90120000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2007
"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007
"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}" = Broadcom Gigabit NetLink Controller
"{AB071C8B-873C-459F-ACA9-9EBE03C3E89B}" = MSVC90_x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B6E3757B-5E77-3915-866A-CCFC4B8D194C}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053
"{BADFD936-E907-C666-A6E1-3C04C06E4260}" = ATI Catalyst Install Manager
"{C3199A20-E216-102C-04B0-8F9FF608A8E1}" = ccc-utility64
"{EE5BE032-86BA-4A2B-4CB0-556156B45FEA}" = ATI AVIVO64 Codecs
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"CCleaner" = CCleaner
"FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D" = Windows-Treiberpaket - Nokia pccsmcfd (08/22/2008 7.0.0.0)
"LSI Soft Modem" = LSI HDA Modem
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"SynTPDeinstKey" = Synaptics Pointing Device Driver
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{00303EC0-EE53-4934-A606-E9B98A96E026}" = CCC Help German
"{046BFB05-BC7F-01A4-C199-B49640D2AD0F}" = Catalyst Control Center Graphics Full New
"{064C45D3-880F-D130-554A-91043413BCEE}" = CCC Help Thai
"{08C12672-6B9B-F155-B060-D375A020B656}" = CCC Help Chinese Traditional
"{090EFBB9-1196-5391-3637-64CAAC5E982B}" = CCC Help Hungarian
"{1226B9A5-FBFD-4120-9AED-08CABCDAF3AB}" = Nokia Ovi Player
"{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now Standard
"{14272C6B-36D4-FB95-B95B-ADB1C2A7F029}" = CCC Help Italian
"{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{1D535E4B-4D8D-FD55-AD08-125C8C4117D3}" = ccc-core-static
"{1DC4A8CA-F9B1-F762-2448-0A72B36E1E12}" = CCC Help Korean
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"{2BA9320D-E061-4C71-ACCB-AC0E9D4FC82B}" = Polar Daemon
"{309BBBEE-F25E-0105-6DB1-B668958C9D37}" = CCC Help Polish
"{3DB0448D-AD82-4923-B305-D001E521A964}" = Acer ePower Management
"{3EDFC198-8ACC-A6C1-6991-35A80EC9A002}" = CCC Help English
"{41D4A454-9DF4-4299-8C30-1BBA753E83E1}" = Polar WebSync
"{42ED876C-C635-EF22-F4CD-620DC799CDDD}" = Catalyst Control Center Localization All
"{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}" = Apple Application Support
"{47826EF1-5634-D2E7-0C39-E356B8207676}" = CCC Help Turkish
"{59359B3D-ABE7-46BF-AB55-43B67A64DC68}" = Nokia MTP driver
"{5C93667C-8802-F818-DE66-5E16996D6074}" = CCC Help Japanese
"{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}" = Nikon Movie Editor
"{6140FD34-61AF-2EE7-3E9F-C0D26E532617}" = CCC Help Finnish
"{63DEADD1-C032-4F1F-AF76-26B166D6AC30}" = G Data TotalProtection 2014
"{68301905-2DEA-41CE-A4D4-E8B443B099BA}" = MyWinLocker
"{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
"{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Backup Manager Basic
"{73E30715-9EC4-4DAE-BE67-64500AEB8012}" = Nokia Nseries Skin for Microsoft Windows Media Player
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7760D94E-B1B5-40A0-9AA0-ABF942108755}" = Acer Crystal Eye Webcam
"{77F5816C-64A6-4FBE-BBE5-52EFE5EB84E8}" = Nokia themes for your device
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7964AE02-9127-42C0-A917-2CE4CD4EFE3B}" = Nokia Suite
"{7F811A54-5A09-4579-90E1-C93498E230D9}" = Acer eRecovery Management
"{82809116-D1EE-443C-AE31-F19E709DDF7A}" = AMD USB Filter Driver
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}" = Chicken Invaders 2
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}" = Granny In Paradise
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112662477}" = Merriam Websters Spell Jam
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}" = Heroes of Hellas
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}" = Dream Day First Home
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114803710}" = Star Defender 4
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}" = Dairy Dash
"{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}" = Farm Frenzy 2
"{8568FE6D-9769-A751-11D5-5AC7F6B698C2}" = CCC Help Russian
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{890E6592-0998-3C7A-2DB4-A29381485DA5}" = CCC Help Spanish
"{8B999A44-8314-493B-877E-A1DA5B54D9B8}" = Catalyst Control Center - Branding
"{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1" = Acer GameZone Console
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0015-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0017-0407-0000-0000000FF1CE}" = Microsoft Office SharePoint Designer MUI (German) 2007
"{90120000-0017-0407-0000-0000000FF1CE}_OMUI.de-de_{2733AA87-26FC-41B0-9D2F-3092345BC370}" = Microsoft Office SharePoint Designer 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISE_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}_OMUI.de-de_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_HOMESTUDENTR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}_OMUI.de-de_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_HOMESTUDENTR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}_OMUI.de-de_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISE_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}_OMUI.de-de_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_HOMESTUDENTR_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0407-1000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002A-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0044-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISE_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}_OMUI.de-de_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISE_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0100-0407-0000-0000000FF1CE}" = Microsoft Office O MUI (German) 2007
"{90120000-0100-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0101-0407-0000-0000000FF1CE}" = Microsoft Office X MUI (German) 2007
"{90120000-0101-0407-0000-0000000FF1CE}_OMUI.de-de_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0116-0409-1000-0000000FF1CE}_HOMESTUDENTR_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{91120000-002F-0000-0000-0000000FF1CE}" = Microsoft Office Home and Student 2007
"{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{95120000-00AF-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint Viewer 2007 (German)
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{96A39248-6496-075F-BD29-E99333354958}" = CCC Help French
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9978DB94-91EE-8D32-354E-F54A99051A37}" = Catalyst Control Center Core Implementation
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{A14A9BB0-7284-D33A-C5D8-DFD773843484}" = Catalyst Control Center Graphics Full Existing
"{A391AF4E-D4D4-D295-19FC-FF6C2DB74169}" = CCC Help Portuguese
"{A57025CC-5F2E-4D01-B387-06DB10500D43}" = Nokia Connectivity Cable Driver
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AAF89271-2594-468D-B578-96B2E30C41C4}" = eBay Worldwide
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.03) - Deutsch
"{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}" = QuickTime
"{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86
"{B014EE44-9197-4513-9613-71E6EB1B514E}" = Nikon Message Center 2
"{B02C36FE-3C50-CD6B-6469-4A2F8D90DB3B}" = CCC Help Dutch
"{B4E92469-CC2A-3AB0-E45A-F4C20F8C86C6}" = CCC Help Chinese Standard
"{B77CD8C3-7DB4-8339-0E2F-EEB8DFCABCBC}" = CCC Help Norwegian
"{BF2433BA-ACC4-6DA5-047E-B2D95FE8ECDA}" = CCC Help Greek
"{CD0F9E16-4E3F-2369-9D67-9A0B84362D0A}" = Catalyst Control Center InstallProxy
"{D332D9A9-C8C7-67C6-D5B5-6A0088AB4CF5}" = CCC Help Czech
"{DA5B2BDC-F654-4A88-A669-4D34BC7846A1}" = PC Connectivity Solution
"{DABFD34E-BE68-4BC6-9254-5D7A7FF76B99}" = ArcSoft Panorama Maker 6
"{E0A6AD5F-CFAF-63ED-5C31-6E94B271A4C8}" = Catalyst Control Center Graphics Light
"{E3B64CC5-C011-40C0-92BC-7316CD5E5688}" = Microsoft_VC100_CRT_SP1_x86
"{E41CF65A-72A1-143E-1B4E-1E570C6AD4EC}" = CCC Help Danish
"{E4423F16-0E98-4855-BFF4-3EF016C55D67}" = Nokia_Multimedia_Common_Components_2_5
"{ED636101-1959-4360-8BF7-209436E7DEE4}" = Windows Live Sync
"{EE171732-BEB4-4576-887D-CB62727F01CA}" = Acer Updater
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F4811919-F252-4B25-9AB2-8859A85810B5}" = TuneUp Utilities Language Pack (de-DE)
"{F59AC46C-10C3-4023-882C-4212A92283B3}_is1" = Lagarith Lossless Codec (1.3.27)
"{FC1FFB3D-0FD9-0746-31EF-3AD987574BE8}" = CCC Help Swedish
"Acer Registration" = Acer Registration
"Acer Screensaver" = Acer ScreenSaver
"Acer Welcome Center" = Welcome Center
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"DC-Bass Source" = DC-Bass Source 1.3.0
"ElsterFormular für Privatanwender 12.0.0.5880p" = ElsterFormular-Upgrade
"ENTERPRISE" = Microsoft Office Enterprise 2007
"Erntezeit" = Erntezeit
"ffdshow_is1" = ffdshow v1.1.4399 [2012-03-22]
"FormatFactory" = FormatFactory 2.60
"Free YouTube Download_is1" = Free YouTube Download version 3.1.42.1212
"Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.11.37.1212
"GridVista" = Acer GridVista
"HaaliMkx" = Haali Media Splitter
"HOMESTUDENTR" = Microsoft Office Home and Student 2007
"Identity Card" = Identity Card
"InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}" = NTI Backup Now 5
"InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}" = eSobi v2
"InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}" = NTI Media Maker 8
"InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}" = Acer Arcade Deluxe
"InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}" = Acer Backup Manager
"LAME_is1" = LAME v3.99.3 (for Windows)
"LManager" = Launch Manager
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300
"Mozilla Firefox 22.0 (x86 de)" = Mozilla Firefox 22.0 (x86 de)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"Nokia Suite" = Nokia Suite
"OMUI.de-de" = Microsoft Office Language Pack 2007 - German/Deutsch
"OpenSource Flash Video Splitter" = OpenSource Flash Video Splitter 1.0.0.5
"Plus-HD-2.3" = Plus-HD-2.3
"VLC media player" = VLC media player 2.0.6
"vsfilter_is1" = DirectVobSub 2.40.4209
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-2973977536-698903144-1709705956-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"DSite" = Update for Ultimate Codec
"Ultimate Codec Packages" = Ultimate Codec Packages
"Ultimate Codec Packages 58" = Ultimate Codec Packages 58
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 30.06.2013 16:34:02 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Nelvin70\Desktop\esetsmartinstaller_enu.exe".
Fehler in Manifest- oder Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche
Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In
Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 30.06.2013 18:19:27 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842832
Description = Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files
(x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder
Richtliniendatei "" in Zeile . Eine für die Anwendung erforderliche Komponentenversion
steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt
stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente
2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Error - 01.07.2013 05:29:58 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksdb.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2013 05:29:58 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksCal.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2013 05:29:59 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "C:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\wksss.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2013 05:29:59 | Computer Name = Nelvin70-PC | Source = SideBySide | ID = 16842785
Description = Fehler beim Generieren des Aktivierungskontextes für "c:\Windows\Installer\{62F7DA7E-CCCB-439C-A760-00C3926E761F}\WksWP.exe".
Die
abhängige Assemblierung "msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0""
konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm
"sxstrace.exe".
Error - 01.07.2013 06:32:19 | Computer Name = Nelvin70-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: b5c Startzeit:
01ce76432ba90df9 Endzeit: 31 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
7a7db562-e239-11e2-bc74-00262d60b4c2
Error - 01.07.2013 06:34:57 | Computer Name = Nelvin70-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1348 Startzeit:
01ce76464901d686 Endzeit: 15 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
d425e5a3-e239-11e2-bc74-00262d60b4c2
Error - 01.07.2013 08:55:16 | Computer Name = Nelvin70-PC | Source = Application Hang | ID = 1002
Description = Programm firefox.exe, Version 22.0.0.4917 kann nicht mehr unter Windows
ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: a0c Startzeit:
01ce76591c27678b Endzeit: 34 Anwendungspfad: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Berichts-ID:
71832c21-e24d-11e2-83f3-00262d60b4c2
Error - 01.07.2013 12:28:07 | Computer Name = Nelvin70-PC | Source = Application Hang | ID = 1002
Description = Programm OTL.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: d44 Startzeit:
01ce7676b5ba4331 Endzeit: 0 Anwendungspfad: C:\Users\Nelvin70\Desktop\OTL.exe Berichts-ID:
1477f3a2-e26b-11e2-bb0d-00262d60b4c2
[ System Events ]
Error - 01.07.2013 12:11:53 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7000
Description = Der Dienst "MyWinLocker Service" wurde aufgrund folgenden Fehlers
nicht gestartet: %%1053
Error - 01.07.2013 12:12:13 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7026
Description = Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
GLogin
Error - 01.07.2013 12:12:58 | Computer Name = Nelvin70-PC | Source = DCOM | ID = 10010
Description =
Error - 01.07.2013 12:32:21 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst LanmanServer erreicht.
Error - 01.07.2013 12:32:37 | Computer Name = Nelvin70-PC | Source = DCOM | ID = 10010
Description =
Error - 01.07.2013 12:32:51 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7011
Description = Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung
von Dienst ShellHWDetection erreicht.
Error - 01.07.2013 12:32:53 | Computer Name = Nelvin70-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 01.07.2013 12:32:54 | Computer Name = Nelvin70-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 01.07.2013 12:32:55 | Computer Name = Nelvin70-PC | Source = Disk | ID = 262155
Description = Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.
Error - 01.07.2013 12:32:56 | Computer Name = Nelvin70-PC | Source = Service Control Manager | ID = 7031
Description = Der Dienst "Virtueller Datenträger" wurde unerwartet beendet. Dies
ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden
durchgeführt: Neustart des Diensts.
< End of report >
|
|
02.07.2013, 14:17
| #21 |
| /// TB-Ausbilder | Weißer Bildschirm nach Benutzeranmelding WIN7 Hallo Bernd, ja OTL hängt gerne mal bei den Firefox-Settings, das ist nicht aussergewöhnlich. Ist jetzt wieder alles in Ordnung auf dem Rechner?
__________________ --> Weißer Bildschirm nach Benutzeranmelding WIN7 |
|
02.07.2013, 14:26
| #22 |
| | Weißer Bildschirm nach Benutzeranmelding WIN7 Hallo Leo, kann erstal keine "Macken" feststellen. Würde jetzt die oben genammten Programme vom 01.07. deinstallieren und von einer Aktualisierung der PugIns (auf Teufek komm raus) absehen. Gruß Bernd |
|
02.07.2013, 14:44
| #23 | ||
| /// TB-Ausbilder | Weißer Bildschirm nach Benutzeranmelding WIN7 Hallo Bernd, Zitat:
Zitat:
Danach kannst du noch einmal delfix durchlaufen lassen und wir sind fertig: Downloade dir bitte delfix auf deinen Desktop.
__________________ cheers, Leo |
|
02.07.2013, 15:15
| #24 |
| | Weißer Bildschirm nach Benutzeranmelding WIN7 Hallo Leo, Delfix ist durch, Rechner läuft wieder und ist sauber. Ist ein schönes Gefühl! Vielen Dank, dass du das möglich gemacht hast. Darüberhinaus habe ich einiges dazugelernt und deine Hinweise/Tips förmlich aufgesogen. Ich wünsche dir eine erfolgreiche Weiterführung deiner hochkarätigen Bord-Tätigkeit. Viele Grüße Bernd |
|
02.07.2013, 15:17
| #25 |
| /// TB-Ausbilder | Weißer Bildschirm nach Benutzeranmelding WIN7 Danke für die Rückmeldung, Bernd. Freut mich, dass wir helfen konnten.  Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
|
| Themen zu Weißer Bildschirm nach Benutzeranmelding WIN7 |
| adobe, adobe flash player, antivirus, bho, bildschirm, bonjour, browser, defender, error, explorer, explorer.exe, firefox, firewall, flash player, format, helper, home, logfile, microsoft, mozilla, plug-in, realtek, registry, scan, software, tarma, totalprotection, winlogon |
Textbox. 
Linear-Darstellung
