Log analysis and evaluation: Windows 7: Firefox/Chrome no longer start after installing ilivid (process aborts)

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
05.11.2013, 10:08 | #16 |
/// the machine /// TB trainer | Please delete FRST, download it again, and scan once more. If it still displays incorrectly, then: Please download OTL by Oldtimer and save it to your desktop (if not already present).
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
06.11.2013, 10:20 | #17 |
| Reinstallation of FRST
__________________ PS: You don't happen to know your way around offline viruses, do you? OTL.txt Code:
ATTFilter OTL logfile created on: 06.11.2013 09:47:46 - Run 1 OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\schubkraft-1\Desktop\trojaner-board Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation Internet Explorer (Version = 9.10.9200.16721) Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy 3,45 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 48,85% Memory free 6,90 Gb Paging File | 4,91 Gb Available in Paging File | 71,14% Paging File free Paging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 231,86 Gb Total Space | 25,07 Gb Free Space | 10,81% Space Free | Partition Type: NTFS Drive X: | 26,00 Gb Total Space | 2,01 Gb Free Space | 7,74% Space Free | Partition Type: FAT32 Computer Name: SCHUBKRAFT-NB | User Name: schubkraft-1 | Logged in as Administrator. Boot Mode: Normal | Scan Mode: Current user Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days ========== Processes (SafeList) ========== PRC - C:\Users\schubkraft-1\Desktop\trojaner-board\OTL.exe (OldTimer Tools) PRC - C:\Programme\Opera 10.50 Beta\opera.exe (Opera Software) PRC - C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) PRC - C:\Programme\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender) PRC - C:\Programme\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender) PRC - C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version8\TeamViewer.exe (TeamViewer GmbH) PRC - C:\Programme\TeamViewer\Version8\tv_w32.exe (TeamViewer GmbH) PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation) PRC - C:\Programme\Microsoft Office\Office12\OUTLOOK.EXE (Microsoft Corporation) PRC - C:\Programme\Fieldston Software\gSyncit\gsyncit.updater.exe (Fieldston Software) PRC - C:\Programme\WebTemp\WebTemp.exe 
(hxxp://www.webtemp.org) PRC - C:\Windows\System32\FsUsbExService.Exe (Teruten) PRC - C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) PRC - C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) PRC - C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) PRC - C:\Programme\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation) PRC - C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) PRC - C:\Users\schubkraft-1\AppData\Roaming\Wuala\Wuala.exe (LaCie) PRC - C:\Programme\Dual Monitor\DualMonitor.exe (Cristi) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe (TuneUp Software) PRC - C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) PRC - C:\Programme\SpeedFan\speedfan.exe (Almico Software (www.almico.com)) PRC - C:\Programme\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) PRC - C:\Programme\Common Files\logishrd\KHAL3\KHALMNPR.exe (Logitech, Inc.) PRC - C:\Windows\explorer.exe (Microsoft Corporation) PRC - C:\Programme\Dell V310-V510 Series\ezprint.exe () PRC - C:\Programme\Dell V310-V510 Series\dleamon.exe () PRC - C:\Programme\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe (Microsoft Corporation) PRC - C:\Programme\Windows Home Server\WHSConnector.exe (Microsoft Corporation) PRC - C:\Programme\Windows Home Server\esClient.exe (Microsoft Corporation) PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\System32\dleacoms.exe ( ) PRC - C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\stacsv.exe (IDT, Inc.) PRC - C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\ApMsgFwd.exe (Alps Electric Co., Ltd.) 
PRC - C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) PRC - C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) PRC - C:\Programme\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.) PRC - C:\Windows\System32\StikyNot.exe (Microsoft Corporation) PRC - C:\Programme\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation) PRC - C:\Programme\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation) PRC - C:\Programme\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.) PRC - C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\AEstSrv.exe (Andrea Electronics Corporation) PRC - C:\Programme\DellTPad\ApntEx.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\DellTPad\hidfind.exe (Alps Electric Co., Ltd.) PRC - C:\Programme\Spybot - Search & Destroy\SDWinSec.exe (Safer Networking Ltd.) 
========== Modules (No Company Name) ========== MOD - C:\Users\SCHUBK~1\AppData\Local\Temp\sfamcc00001.dll () MOD - C:\Users\SCHUBK~1\AppData\Local\Temp\sfareca00001.dll () MOD - C:\Programme\Bitdefender\Bitdefender 2013\txmlutil.dll () MOD - C:\Programme\Bitdefender\Bitdefender 2013\bdmetrics.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\8f5b881951592b2fd05f710650bf7e04\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\ef0a534be135cd8f0d99d938d8b1814a\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\29f3ae8d313e62b4daed1107ccd29f9f\System.Configuration.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\c5db04fde4893300ff28045ce4f7567d\System.Windows.Forms.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\d913e7d0b1d32187e0c234f8a1a581fc\System.Core.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\edb27e2c25837f79902054965d6813cd\System.Configuration.ni.dll () MOD - C:\Windows\System32\Macromed\Flash\NPSWF32_11_9_900_117.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Design\4be0c2e47ac32081fe54f7c94150cbbc\System.Design.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\6ebbfafc5521934f7e1c154937a2788b\System.Web.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\5970036570c1e44e8ae0f6f94c1039aa\System.EnterpriseServices.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4ada2213cefea889a5ed6e2fb6839b93\System.Transactions.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\764054efc88f51b54c8d7e44df26b671\System.Data.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5aa44bce7933e4de09d935848f868a4b\System.Drawing.ni.dll () MOD - 
C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\09db78d6068543df01862a023aca785a\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\5d22a30e587e2cac106b81fb351e7c08\System.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\82d58d49946f82eb56bae40f3b097784\System.Xml.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\cceaf9d7891fc325a90473aa9a661661\System.Drawing.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\System\ac79b74f022d9a096de2b884f4249543\System.ni.dll () MOD - C:\Users\schubkraft-1\AppData\Local\Wuala\Program0\lib.446\jnotify.dll () MOD - C:\Users\schubkraft-1\AppData\Local\Wuala\Program0\lib.446\jcbfs3.dll () MOD - C:\Users\schubkraft-1\AppData\Local\Wuala\Program0\lib.446\orangevolt-4n-1.1.2.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\stdole\071856a2fade2421a4b3440ce7e5810c\stdole.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\de6ee26de5e4f343509de7e92ab48ba6\CustomMarshalers.ni.dll () MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\9a6c1b7af18b4d5a91dc7f8d6617522f\mscorlib.ni.dll () MOD - C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\bf2ecabcd96ec8238dc385b0a3ffa084\mscorlib.ni.dll () MOD - C:\Programme\Common Files\microsoft shared\OFFICE12\MSPTLS.DLL () MOD - C:\Programme\Fieldston Software\gSyncit\gSyncit.core.dll () MOD - C:\Programme\Fieldston Software\gSyncit\gsyncit.addin.dll () MOD - C:\Programme\FileZilla FTP Client\fzshellext.dll () MOD - C:\Programme\Fieldston Software\gSyncit\System.Data.SQLite.dll () MOD - C:\Programme\Dual Monitor\ExplorerHook32.dll () MOD - C:\Programme\Logitech\SetPointP\Macros\MacroCore.dll () MOD - C:\Programme\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll () MOD - C:\Programme\Microsoft Office\Office12\OUTLCTL.DLL () MOD - C:\Programme\Dell V310-V510 Series\ezprint.exe () MOD - C:\Programme\Dell V310-V510 Series\dleamon.exe () MOD - 
C:\Windows\assembly\GAC_MSIL\System.Windows.Forms.resources\2.0.0.0_de_b77a5c561934e089\System.Windows.Forms.resources.dll () MOD - C:\Windows\assembly\GAC_MSIL\mscorlib.resources\2.0.0.0_de_b77a5c561934e089\mscorlib.resources.dll () MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll () MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll () MOD - C:\Programme\Dell V310-V510 Series\dleadrs.dll () MOD - C:\Programme\Dell V310-V510 Series\dleascw.dll () MOD - C:\Windows\assembly\GAC\office\12.0.0.0__71e9bce111e9429c\office.dll () MOD - C:\Windows\assembly\GAC\Extensibility\7.0.3300.0__b03f5f7f11d50a3a\Extensibility.dll () MOD - C:\Windows\assembly\GAC\Microsoft.Office.Interop.Outlook\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Outlook.dll () MOD - C:\Programme\Dell V310-V510 Series\DLEAcfg.dll () MOD - C:\Windows\System32\wxvault.dll () MOD - C:\Programme\Dell V310-V510 Series\epoemdll.dll () MOD - C:\Programme\Dell V310-V510 Series\epstring.dll () MOD - C:\Programme\Dell V310-V510 Series\epwizres.dll () MOD - C:\Programme\Dell V310-V510 Series\epwizard.dll () MOD - C:\Programme\Dell V310-V510 Series\customui.dll () MOD - C:\Programme\Dell V310-V510 Series\epfunct.dll () MOD - C:\Programme\Dell V310-V510 Series\eputil.dll () MOD - C:\Programme\Dell V310-V510 Series\imagutil.dll () MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll () MOD - C:\Windows\System32\spool\drivers\w32x86\3\dleadatr.dll () MOD - C:\Windows\System32\dleasmr.dll () MOD - C:\Programme\Dell V310-V510 Series\iptk.dll () MOD - C:\Programme\Dell V310-V510 Series\dleacaps.dll () MOD - C:\Programme\Dell V310-V510 Series\dleacnv4.dll () MOD - C:\Programme\Dell V310-V510 Series\dleaptp.dll () MOD - C:\Programme\Microsoft Office\Office12\ADDINS\ColleagueImport.dll () MOD - C:\Windows\System32\dleasm.dll () MOD - C:\Programme\Dell Printable Web\toolband.dll () MOD - 
C:\Programme\Dell Printable Web\resource.dll () ========== Services (SafeList) ========== SRV - (WMCoreService) -- C:\Program Files\Dell\Dell WWAN\WMCore\mini_WMCore.exe servicemode File not found SRV - (SMManager) -- C:\Program Files\Dell\Dell ControlPoint\Connection Manager\SMManager.exe File not found SRV - (ServiceLayer) -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe File not found SRV - (SBSDWSCService) -- C:\Program Files\Spybot File not found SRV - (dcpsysmgrsvc) -- c:\Program Files\Dell\Dell ControlPoint\System Manager\DCPSysMgrSvc.exe File not found SRV - (buttonsvc32) -- C:\Program Files\Dell\Dell ControlPoint\DCPButtonSvc.exe File not found SRV - (BdDesktopParental) -- C:\Programme\Bitdefender\Bitdefender 2013\bdparentalservice.exe (Bitdefender) SRV - (VSSERV) -- C:\Program Files\Bitdefender\Bitdefender 2013\vsserv.exe (Bitdefender) SRV - (UPDATESRV) -- C:\Program Files\Bitdefender\Bitdefender 2013\updatesrv.exe (Bitdefender) SRV - (StarMoney 9.0 OnlineUpdate) -- C:\Programme\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz-Software Entwicklung und Vertriebs GmbH) SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated) SRV - (TeamViewer8) -- C:\Programme\TeamViewer\Version8\TeamViewer_Service.exe (TeamViewer GmbH) SRV - (MozillaMaintenance) -- C:\Programme\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation) SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies) SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation) SRV - (FsUsbExService) -- C:\Windows\System32\FsUsbExService.Exe (Teruten) SRV - (Sony PC Companion) -- C:\Programme\Sony\Sony PC Companion\PCCService.exe (Avanquest Software) SRV - (StarMoney 8.0 OnlineUpdate) -- C:\Programme\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (AMPPALR3) -- 
C:\Programme\Intel\BluetoothHS\BTHSAmpPalService.exe (Intel Corporation) SRV - (ZeroConfigService) -- C:\Programme\Intel\WiFi\bin\ZeroConfigService.exe (Intel® Corporation) SRV - (EvtEng) -- C:\Programme\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation) SRV - (RegSrvc) -- C:\Programme\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation) SRV - (BTHSSecurityMgr) -- C:\Programme\Intel\BluetoothHS\BTHSSecurityMgr.exe (Intel(R) Corporation) SRV - (TuneUp.UtilitiesSvc) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe (TuneUp Software) SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software) SRV - (StarMoney 7.0 OnlineUpdate) -- C:\Programme\StarMoney 7.0\ouservice\StarMoneyOnlineUpdate.exe (Star Finanz - Software Entwicklung und Vertriebs GmbH) SRV - (LBTServ) -- C:\Programme\Common Files\logishrd\Bluetooth\LBTServ.exe (Logitech, Inc.) SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (arXfrSvc) -- C:\Programme\Windows Home Server\Microsoft.HomeServer.Archive.TransferService.exe (Microsoft Corporation) SRV - (WHSConnector) -- C:\Programme\Windows Home Server\WHSConnector.exe (Microsoft Corporation) SRV - (esClient) -- C:\Programme\Windows Home Server\esClient.exe (Microsoft Corporation) SRV - (SQLWriter) -- c:\Programme\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (dlea_device) -- C:\Windows\System32\dleacoms.exe ( ) SRV - (dleaCATSCustConnectService) -- C:\Windows\System32\spool\DRIVERS\W32X86\3\\dleaserv.exe () SRV - (STacSV) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\stacsv.exe (IDT, Inc.) SRV - (btwdins) -- C:\Programme\WIDCOMM\Bluetooth Software\btwdins.exe (Broadcom Corporation.) 
SRV - (IAANTMON) -- C:\Programme\Intel\Intel Matrix Storage Manager\IAANTmon.exe (Intel Corporation) SRV - (StorSvc) -- C:\Windows\System32\StorSvc.dll (Microsoft Corporation) SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation) SRV - (PeerDistSvc) -- C:\Windows\System32\PeerDistSvc.dll (Microsoft Corporation) SRV - (iprip) -- C:\Windows\System32\iprip.dll (Microsoft Corporation) SRV - (Credential Vault Host Storage) -- C:\Programme\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe (Broadcom Corporation) SRV - (Credential Vault Host Control Service) -- C:\Programme\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe (Broadcom Corporation) SRV - (TdmService) -- C:\Programme\Wave Systems Corp\Trusted Drive Manager\TdmService.exe (Wave Systems Corp.) SRV - (SecureStorageService) -- C:\Programme\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe (Wave Systems Corp.) SRV - (AESTFilters) -- C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_d511891fb5bff1e2\AEstSrv.exe (Andrea Electronics Corporation) SRV - (tcsd_win32.exe) -- C:\Programme\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe () SRV - (WcesComm) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (RapiMgr) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation) ========== Driver Services (SafeList) ========== DRV - (pccsmcfd) -- system32\DRIVERS\pccsmcfd.sys File not found DRV - (NvtSp50) -- System32\Drivers\NvtSp50.sys File not found DRV - (dgderdrv) -- System32\drivers\dgderdrv.sys File not found DRV - (CtClsFlt) -- system32\DRIVERS\CtClsFlt.sys File not found DRV - (CtAudDrv) -- C:\Windows\system32\Drivers\CtAudDrv.sys File not found DRV - (catchme) -- C:\Users\SCHUBK~1\AppData\Local\Temp\catchme.sys File not found DRV - (bdselfpr) -- 
C:\Programme\Bitdefender\Bitdefender 2013\bdselfpr.sys (BitDefender LLC) DRV - (BDSandBox) -- C:\Windows\System32\drivers\bdsandbox.sys (BitDefender SRL) DRV - (trufos) -- C:\Windows\System32\drivers\trufos.sys (BitDefender S.R.L.) DRV - (avc3) -- C:\Windows\System32\drivers\avc3.sys (BitDefender) DRV - (avckf) -- C:\Windows\System32\drivers\avckf.sys (BitDefender) DRV - (gzflt) -- C:\Windows\System32\drivers\gzflt.sys (BitDefender LLC) DRV - (BdfNdisf) -- c:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfndisf6.sys (BitDefender LLC) DRV - (ssudmdm) -- C:\Windows\System32\drivers\ssudmdm.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (dg_ssudbus) -- C:\Windows\System32\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr)) DRV - (ssadbus) -- C:\Windows\System32\drivers\ssadbus.sys (MCCI Corporation) DRV - (FsUsbExDisk) -- C:\Windows\System32\FsUsbExDisk.Sys () DRV - (AMPPALP) -- C:\Windows\System32\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV - (AMPPAL) -- C:\Windows\System32\drivers\AmpPal.sys (Windows (R) Win 7 DDK provider) DRV - (avchv) -- C:\Windows\System32\drivers\avchv.sys (BitDefender) DRV - (RdpVideoMiniport) -- C:\Windows\System32\drivers\rdpvideominiport.sys (Microsoft Corporation) DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation) DRV - (cbfs3) -- C:\Windows\System32\drivers\cbfs3.sys (EldoS Corporation) DRV - (NETwNs32) -- C:\Windows\System32\drivers\NETwNs32.sys (Intel Corporation) DRV - (ggsemc) -- C:\Windows\System32\drivers\ggsemc.sys (Sony Ericsson Mobile Communications) DRV - (ggflt) -- C:\Windows\System32\drivers\ggflt.sys (Sony Ericsson Mobile Communications) DRV - (bdfwfpf) -- C:\Programme\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys (BitDefender LLC) DRV - (LMouFilt) -- C:\Windows\System32\drivers\LMouFilt.Sys (Logitech, Inc.) DRV - (LHidFilt) -- C:\Windows\System32\drivers\LHidFilt.Sys (Logitech, Inc.) 
DRV - (LEqdUsb) -- C:\Windows\System32\drivers\LEqdUsb.sys (Logitech, Inc.) DRV - (LHidEqd) -- C:\Windows\System32\drivers\LHidEqd.sys (Logitech, Inc.) DRV - (AnyDVD) -- C:\Windows\System32\drivers\AnyDVD.sys (SlySoft, Inc.) DRV - (TuneUpUtilitiesDrv) -- C:\Programme\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys (TuneUp Software) DRV - (speedfan) -- C:\Windows\System32\speedfan.sys (Almico Software) DRV - (vmbus) -- C:\Windows\System32\drivers\vmbus.sys (Microsoft Corporation) DRV - (storflt) -- C:\Windows\System32\drivers\vmstorfl.sys (Microsoft Corporation) DRV - (storvsc) -- C:\Windows\System32\drivers\storvsc.sys (Microsoft Corporation) DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation) DRV - (VMBusHID) -- C:\Windows\System32\drivers\VMBusHID.sys (Microsoft Corporation) DRV - (s3cap) -- C:\Windows\System32\drivers\vms3cap.sys (Microsoft Corporation) DRV - (epmntdrv) -- C:\Windows\System32\epmntdrv.sys () DRV - (EuGdiDrv) -- C:\Windows\System32\EuGdiDrv.sys () DRV - (NETw5s32) -- C:\Windows\System32\drivers\NETw5s32.sys (Intel Corporation) DRV - (ApfiltrService) -- C:\Windows\System32\drivers\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (STHDA) -- C:\Windows\System32\drivers\stwrt.sys (IDT, Inc.) 
DRV - (WwanUsbServ) -- C:\Windows\System32\drivers\WwanUsbMp.sys (Ericsson AB) DRV - (d554gps) -- C:\Windows\System32\drivers\d554gps.sys (Ericsson AB) DRV - (Mbm3Mdm) -- C:\Windows\System32\drivers\Mbm3Mdm.sys (MCCI Corporation) DRV - (Mbm3mdfl) -- C:\Windows\System32\drivers\Mbm3mdfl.sys (MCCI Corporation) DRV - (Mbm3DevMt) -- C:\Windows\System32\drivers\Mbm3DevMt.sys (MCCI Corporation) DRV - (Mbm3CBus) -- C:\Windows\System32\drivers\Mbm3CBus.sys (MCCI Corporation) DRV - (ecnssndisfltr) -- C:\Windows\System32\drivers\wwanussf.sys (Ericsson AB) DRV - (ecnssndis) -- C:\Windows\System32\drivers\wwanuss.sys (Ericsson AB) DRV - (cvusbdrv) -- C:\Windows\System32\drivers\cvusbdrv.sys (Broadcom Corporation) DRV - (HTCAND32) -- C:\Windows\System32\drivers\ANDROIDUSB.sys (HTC, Corporation) DRV - (d554scard) -- C:\Windows\System32\drivers\d554scard.sys (Ericsson AB) DRV - (LVUVC) -- C:\Windows\System32\drivers\lvuvc.sys (Logitech Inc.) DRV - (LVRS) -- C:\Windows\System32\drivers\lvrs.sys (Logitech Inc.) DRV - (lvpopflt) -- C:\Windows\System32\drivers\lvpopflt.sys (Logitech Inc.) DRV - (NAL) -- C:\Windows\System32\drivers\iqvw32.sys (Intel Corporation ) DRV - (WavxDMgr) -- C:\Windows\System32\drivers\WavxDMgr.sys (Wave Systems Corp.) 
DRV - (ivusb) -- C:\Windows\System32\drivers\ivusb.sys (Initio Corporation) DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation) DRV - (acpials) -- C:\Windows\System32\drivers\acpials.sys (Microsoft Corporation) DRV - (rixdpcie) -- C:\Windows\System32\drivers\rixdpe86.sys (REDC) DRV - (rimspci) -- C:\Windows\System32\drivers\rimspe86.sys (REDC) DRV - (risdpcie) -- C:\Windows\System32\drivers\risdpe86.sys (REDC) DRV - (d557mdm) -- C:\Windows\System32\drivers\d557mdm.sys (MCCI Corporation) DRV - (d557mgmt) -- C:\Windows\System32\drivers\d557mgmt.sys (MCCI Corporation) DRV - (d557bus) -- C:\Windows\System32\drivers\d557bus.sys (MCCI Corporation) DRV - (d557mdfl) -- C:\Windows\System32\drivers\d557mdfl.sys (MCCI Corporation) DRV - (rimmptsk) -- C:\Windows\System32\drivers\rimmptsk.sys (REDC) DRV - (rismxdp) -- C:\Windows\System32\drivers\rixdptsk.sys (REDC) DRV - (rimsptsk) -- C:\Windows\System32\drivers\rimsptsk.sys (REDC) DRV - (HECI) -- C:\Windows\System32\drivers\HECI.sys (Intel Corporation) DRV - (e1yexpress) -- C:\Windows\System32\drivers\e1y6232.sys (Intel Corporation) DRV - (IntcHdmiAddService) -- C:\Windows\System32\drivers\IntcHdmi.sys (Intel(R) Corporation) DRV - (WDC_SAM) -- C:\Windows\System32\drivers\wdcsam.sys (Western Digital Technologies) DRV - (OA001Vid) -- C:\Windows\System32\drivers\OA001Vid.sys (Creative Technology Ltd.) DRV - (PBADRV) -- C:\Windows\System32\drivers\PBADRV.sys (Dell Inc) DRV - (OA001Ufd) -- C:\Windows\System32\drivers\OA001Ufd.sys (Creative Technology Ltd.) 
DRV - (s0016unic) -- C:\Windows\System32\drivers\s0016unic.sys (MCCI Corporation) DRV - (s0016nd5) -- C:\Windows\System32\drivers\s0016nd5.sys (MCCI Corporation) DRV - (s0016mdfl) -- C:\Windows\System32\drivers\s0016mdfl.sys (MCCI Corporation) DRV - (s0016mdm) -- C:\Windows\System32\drivers\s0016mdm.sys (MCCI Corporation) DRV - (s0016mgmt) -- C:\Windows\System32\drivers\s0016mgmt.sys (MCCI Corporation) DRV - (s0016obex) -- C:\Windows\System32\drivers\s0016obex.sys (MCCI Corporation) DRV - (s0016bus) -- C:\Windows\System32\drivers\s0016bus.sys (MCCI Corporation) DRV - (SCM_DVB) -- C:\Windows\System32\drivers\alphac.sys (Windows (R) 2000 DDK provider) DRV - (giveio) -- C:\Windows\System32\giveio.sys () ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\..\SearchScopes,DefaultScope = IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC IE - HKLM\..\SearchScopes\{741FB273-AAA9-4301-8093-C68C29735A5A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&form=DLRDF8&pc=MDDR&src=IE-SearchBox IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ IE - HKCU\..\SearchScopes,DefaultScope = {741FB273-AAA9-4301-8093-C68C29735A5A} IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll () FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX,Inc.) FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) 
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google) FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.21.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8081.0709: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\schubkraft-1\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\schubkraft-1\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google) FF - HKCU\Software\MozillaPlugins\@talk.google.com/O3DPlugin: C:\Users\schubkraft-1\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll () FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\schubkraft-1\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) 
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\schubkraft-1\AppData\Local\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.) FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Users\schubkraft-1\Desktop\npAmazonMP3DownloaderPlugin101799.dll (Amazon.com, Inc.) FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.09.19 12:42:47 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.09.19 12:42:48 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\{857610fe-b36c-47f2-b4fa-6b7affe0cf5a}: C:\Program Files\Mobile Master\ext\1\ [2011.05.24 13:45:44 | 000,000,000 | ---D | M] FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\eplgTb@eset.com: C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\bdThunderbird@bitdefender.com: C:\Program Files\Bitdefender\Bitdefender 2013\bdtbext [2013.04.05 13:38:35 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2013.09.19 12:42:47 | 000,000,000 | ---D | M] FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2013.09.19 12:42:48 | 000,000,000 | ---D | M] [2010.03.02 15:00:06 | 000,000,000 | ---D | M] (No name found) -- C:\Users\schubkraft-1\AppData\Roaming\mozilla\Extensions [2013.10.30 14:24:24 | 000,000,000 | ---D | M] (No name found) -- C:\Users\schubkraft-1\AppData\Roaming\mozilla\Firefox\Profiles\6qryne63.Standard-Benutzer\extensions [2013.10.29 14:27:46 | 000,000,000 | ---D | M] (Movies Toolbar (Dist. 
by Bandoo Media, Inc.)) -- C:\Users\schubkraft-1\AppData\Roaming\mozilla\Firefox\Profiles\6qryne63.Standard-Benutzer\extensions\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} [2013.09.19 13:27:20 | 000,377,153 | ---- | M] () (No name found) -- C:\Users\schubkraft-1\AppData\Roaming\mozilla\firefox\profiles\6qryne63.Standard-Benutzer\extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2013.10.28 09:52:53 | 000,634,504 | ---- | M] () (No name found) -- C:\Users\schubkraft-1\AppData\Roaming\mozilla\firefox\profiles\6qryne63.Standard-Benutzer\extensions\toolbar@web.de.xpi [2013.10.11 08:48:54 | 000,915,554 | ---- | M] () (No name found) -- C:\Users\schubkraft-1\AppData\Roaming\mozilla\firefox\profiles\6qryne63.Standard-Benutzer\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013.11.02 09:59:33 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\extensions [2013.09.19 12:42:47 | 000,000,000 | ---D | M] (No name found) -- C:\Programme\Mozilla Firefox\browser\extensions [2013.09.19 12:42:56 | 000,000,000 | ---D | M] (Default) -- C:\Programme\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [2012.06.28 16:42:00 | 000,012,800 | ---- | M] (Nullsoft, Inc.) 
-- C:\Program Files\mozilla firefox\plugins\npwachk.dll ========== Chrome ========== CHR - default_search_provider: Google (Enabled) CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding} CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}, CHR - homepage: CHR - Extension: Bejeweled = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm\2_0\ CHR - Extension: Angry Birds = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj\1.5.0.7_0\ CHR - Extension: Google Docs = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\ CHR - Extension: Google Docs = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\ CHR - Extension: Google Drive = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\ CHR - Extension: Google Drive = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\ CHR - Extension: YouTube = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\ CHR - Extension: Auf den Amazon-Wunschzettel = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced\1.0.0.10_0\ CHR - Extension: Google-Suche = 
C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\ CHR - Extension: Google-Suche = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\ CHR - Extension: AdBlock = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.11_0\ CHR - Extension: AdBlock = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.13_0\ CHR - Extension: bitly | \u2665 your bitmarks = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic\2.0.89_0\ CHR - Extension: Erweiterung \RSS-Abonnement\ (von Google) = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlbjncdgjeocebhnmkbbbdekmmmcbfjd\2.2.2_0\ CHR - Extension: Google Mail = C:\Users\schubkraft-1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\ O1 HOSTS File: ([2013.10.31 13:46:20 | 000,000,027 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Dell Symbolleiste) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Programme\Dell Printable Web\toolband.dll () O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre7\bin\ssv.dll (Oracle Corporation) O2 - BHO: (Windows Live Anmelde-Hilfsprogramm) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (BrowserHelper Class) - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O2 - BHO: (Java(tm) 
Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programme\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) O2 - BHO: ([verify-U]_Add-on) - {F4552A56-119C-478E-AB3F-2C850F78B72E} - C:\Programme\[verify-U]_AVS_IE_Add-on\[verify-U]_AVS.dll (Cybits AG) O3 - HKLM\..\Toolbar: (Dell Symbolleiste) - {09B71986-2AC5-482d-B6CB-42EA34F4F85B} - C:\Programme\Dell Printable Web\toolband.dll () O3 - HKLM\..\Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found. O3 - HKLM\..\Toolbar: (no name) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No CLSID value found. O3 - HKLM\..\Toolbar: (Home Server Banner) - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Programme\Windows Home Server\WHSDeskBands.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\ShellBrowser: (Dell Symbolleiste) - {09B71986-2AC5-482D-B6CB-42EA34F4F85B} - C:\Programme\Dell Printable Web\toolband.dll () O4 - HKLM..\Run: [Apoint] C:\Programme\DellTPad\Apoint.exe (Alps Electric Co., Ltd.) O4 - HKLM..\Run: [Bdagent] C:\Programme\Bitdefender\Bitdefender 2013\bdagent.exe (Bitdefender) O4 - HKLM..\Run: [ChangeTPMAuth] C:\Program Files\Wave Systems Corp\Common\ChangeTPMAuth.exe (Wave Systems Corp.) O4 - HKLM..\Run: [dleamon.exe] C:\Program Files\Dell V310-V510 Series\dleamon.exe () O4 - HKLM..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe (Logitech, Inc.) O4 - HKLM..\Run: [EzPrint] C:\Program Files\Dell V310-V510 Series\ezprint.exe () O4 - HKLM..\Run: [IAAnotif] C:\Programme\Intel\Intel Matrix Storage Manager\IAAnotif.exe (Intel Corporation) O4 - HKLM..\Run: [IntelPROSet] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel(R) Corporation) O4 - HKLM..\Run: [Logitech Download Assistant] C:\Windows\System32\LogiLDA.dll (Logitech, Inc.) O4 - HKLM..\Run: [SysTrayApp] C:\Programme\IDT\WDM\sttray.exe (IDT, Inc.) O4 - HKLM..\Run: [WavXMgr] C:\Programme\Wave Systems Corp\Services Manager\DocMgr\bin\WavXDocMgr.exe (Wave Systems Corp.) 
O4 - HKCU..\Run: [dualmonitor] C:\Programme\Dual Monitor\DualMonitor.exe (Cristi) O4 - HKCU..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe (Microsoft Corporation) O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Programme\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Users\schubkraft-1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Wuala.lnk = C:\Users\schubkraft-1\AppData\Roaming\Wuala\Wuala.exe (LaCie) O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Bild an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm () O8 - Extra context menu item: Free YouTube Download - C:\Users\schubkraft-1\AppData\Roaming\DVDVideoSoftIEHelpers\youtubedownload.htm File not found O8 - Extra context menu item: Free YouTube to Mp3 Converter - C:\Users\schubkraft-1\AppData\Roaming\DVDVideoSoftIEHelpers\youtubetomp3.htm File not found O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation) O8 - Extra context menu item: Seite an &Bluetooth-Gerät senden... - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Sun Java-Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. 
File not found O9 - Extra Button: In Blog veröffentlichen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : In Windows Live Writer in Blog veröffentliche&n - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programme\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra Button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programme\WIDCOMM\Bluetooth Software\btsendto_ie.htm () O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Programme\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O15 - HKCU\..Trusted Domains: dell.com ([]* in Trusted sites) O15 - HKCU\..Trusted Domains: ing-diba.de ([]https in Trusted sites) O16 - DPF: {49312E18-AA92-4CC2-BB97-55DEA7BCADD6} hxxp://support.euro.dell.com/systemprofiler/SysProExe.CAB (WMI Class) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} hxxp://xserv.dell.com/DellDriverScanner/DellSystem.CAB (DellSystem.Scanner) O16 - DPF: 
{C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} hxxp://support.dell.com/systemprofiler/DellSystemLite.CAB (DellSystemLite.Scanner) O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 10.21.2) O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab (SysInfo Class) O16 - DPF: {E865C40C-7EBF-408B-8FC5-05172921AA53} https://217.92.149.136/remote/Microsoft.HomeServer.RichUpload.cab (Microsoft.HomeServer.RichUpload.UploadControl Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{737F2BF8-F3C8-47B9-8678-8CEE162DC172}: DhcpNameServer = 192.168.178.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9B12EEE7-07A2-4D6E-A29B-F001440C17CA}: DhcpNameServer = 192.168.1.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B7BA47C7-E790-48A9-BE15-C5F0D2EECB5C}: NameServer = 10.74.210.210 10.74.210.211 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Programme\Common Files\microsoft shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Programme\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Programme\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM 
Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation) O20 - Winlogon\Notify\LBTWlgn: DllName - (c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll) - c:\Programme\Common Files\logishrd\Bluetooth\LBTWLgn.dll (Logitech, Inc.) O21 - SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found. O22 - SharedTaskScheduler: {5FF49FE8-B332-4CB9-B102-FB6951629E55} - Virtual Storage Mount Notification - C:\Windows\System32\CbFsMntNtf3.dll (EldoS Corporation) O30 - LSA: Authentication Packages - (wvauth) - C:\Windows\System32\wvauth.dll (Wave Systems Corp.) O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* O37 - HKCU\...com [@ = ComFile] -- Reg Error: Key error. 
File not found O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3) O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2) O38 - SubSystems\\Windows: (ServerDll=sxssrv,4) ========== Files/Folders - Created Within 30 Days ========== [2013.11.05 13:06:20 | 006,623,232 | ---- | C] (© onlinetvrecorder.com) -- C:\Users\schubkraft-1\Desktop\2009Decoder.exe [2013.11.02 17:22:31 | 000,000,000 | ---D | C] -- C:\Users\schubkraft-1\AppData\Roaming\TeamViewer [2013.11.02 17:21:04 | 000,000,000 | ---D | C] -- C:\Program Files\TeamViewer [2013.11.02 10:06:28 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT [2013.11.02 09:57:59 | 000,000,000 | ---D | C] -- C:\AdwCleaner [2013.11.02 09:35:25 | 000,000,000 | ---D | C] -- C:\Users\schubkraft-1\AppData\Roaming\Malwarebytes [2013.11.02 09:34:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware [2013.11.02 09:34:54 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2013.11.02 09:34:53 | 000,022,856 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2013.11.02 09:34:53 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2013.11.02 09:34:25 | 000,000,000 | ---D | C] -- C:\Users\schubkraft-1\AppData\Local\Programs [2013.10.31 13:46:22 | 000,000,000 | ---D | C] -- C:\$RECYCLE.BIN [2013.10.31 13:11:27 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2013.10.31 13:11:27 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2013.10.31 13:11:27 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2013.10.31 13:01:29 | 000,000,000 | ---D | C] -- C:\Qoobox [2013.10.31 13:00:33 | 000,000,000 | ---D | C] -- C:\Windows\erdnt [2013.10.30 12:15:22 | 000,284,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbport.sys [2013.10.30 12:15:22 | 000,006,016 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\usbd.sys [2013.10.29 
22:12:39 | 000,000,000 | ---D | C] -- C:\FRST [2013.10.29 22:03:48 | 000,000,000 | ---D | C] -- C:\Users\schubkraft-1\Desktop\trojaner-board [2013.10.29 18:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome [2013.10.29 15:44:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MozBackup [2013.10.21 15:33:23 | 000,000,000 | ---D | C] -- C:\ProgramData\Dell V310-V510 Series [2013.10.19 07:27:46 | 000,983,121 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lxk_gf.dll [2013.10.19 07:27:17 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ABBYY FineReader 6.0 Sprint [2013.10.19 07:26:58 | 000,000,000 | ---D | C] -- C:\Program Files\Abbyy FineReader 6.0 Sprint [2013.10.19 07:25:26 | 000,000,000 | ---D | C] -- C:\Program Files\Dell [2013.10.19 07:25:07 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Toolbar [2013.10.19 07:25:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell Drucker [2013.10.19 07:22:41 | 000,000,000 | ---D | C] -- C:\Program Files\Dell V310-V510 Series [2013.10.19 07:13:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Ezprint [2013.10.18 21:34:10 | 000,000,000 | ---D | C] -- C:\Program Files\Dell PC Fax [2013.10.18 21:34:08 | 000,000,000 | ---D | C] -- C:\Program Files\Dell Printable Web [2013.10.18 16:14:30 | 000,000,000 | ---D | C] -- C:\ProgramData\Dl_cats [2013.10.10 15:59:45 | 002,876,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jscript9.dll [2013.10.10 15:59:45 | 002,706,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2013.10.10 15:59:44 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll [2013.10.10 15:59:44 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesetup.dll [2013.10.10 15:59:44 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2013.10.10 
15:59:43 | 000,493,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2013.10.10 15:59:43 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iesysprep.dll [2013.10.10 15:59:43 | 000,071,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\RegisterIEPKEYs.exe [2013.10.10 15:59:43 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ie4uinit.exe [2013.10.10 15:59:43 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iernonce.dll [2013.10.10 13:27:14 | 000,055,808 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidclass.sys [2013.10.10 13:27:14 | 000,025,728 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\hidparse.sys [2013.10.10 13:26:10 | 003,969,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2013.10.10 13:26:10 | 003,914,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2013.10.10 13:26:09 | 000,619,520 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\tdh.dll [2013.10.10 13:26:08 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll [2013.10.10 13:26:06 | 000,295,424 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\atmfd.dll [2013.10.10 13:26:06 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\dciman32.dll [2013.10.10 13:26:05 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\fontsub.dll [2013.10.10 13:26:05 | 000,034,304 | ---- | C] (Adobe Systems) -- C:\Windows\System32\atmlib.dll [2013.10.10 13:26:03 | 000,434,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\scavengeui.dll [2013.10.10 13:25:54 | 002,348,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys [2 C:\Users\schubkraft-1\Desktop\*.tmp files -> C:\Users\schubkraft-1\Desktop\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2013.11.06 
09:50:22 | 000,001,110 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job [2013.11.06 09:44:45 | 000,001,148 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1589973014-1478036904-3792463161-1003UA.job [2013.11.06 09:33:18 | 000,000,000 | ---- | M] () -- C:\Users\schubkraft-1\AppData\Local\WavXMapDrive.bat [2013.11.06 09:33:14 | 000,001,106 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job [2013.11.06 09:30:13 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 [2013.11.06 09:30:13 | 000,014,032 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 [2013.11.06 09:27:16 | 000,703,192 | ---- | M] () -- C:\Windows\System32\perfh007.dat [2013.11.06 09:27:16 | 000,657,384 | ---- | M] () -- C:\Windows\System32\perfh009.dat [2013.11.06 09:27:16 | 000,150,800 | ---- | M] () -- C:\Windows\System32\perfc007.dat [2013.11.06 09:27:16 | 000,123,196 | ---- | M] () -- C:\Windows\System32\perfc009.dat [2013.11.06 09:22:30 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2013.11.06 09:22:27 | 000,000,000 | ---- | M] () -- C:\Windows\System32\drivers\lvuvc.hs [2013.11.05 17:14:00 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job [2013.11.05 11:44:01 | 000,001,096 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1589973014-1478036904-3792463161-1003Core.job [2013.11.05 10:18:50 | 000,010,910 | ---- | M] () -- C:\Users\schubkraft-1\.recently-used.xbel [2013.11.03 16:17:51 | 000,418,544 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2013.11.02 13:28:24 | 000,016,400 | ---- | M] (Logitech, Inc.) 
-- C:\Windows\System32\drivers\LNonPnP.sys [2013.10.31 13:46:20 | 000,000,027 | ---- | M] () -- C:\Windows\System32\drivers\etc\hosts [2013.10.29 22:09:28 | 000,000,000 | ---- | M] () -- C:\Users\schubkraft-1\defogger_reenable [2013.10.29 15:46:30 | 009,092,128 | ---- | M] () -- C:\Users\schubkraft-1\Documents\Firefox 24.0 (de) - 2013-10-29 default.pcv [2013.10.24 15:45:14 | 000,066,832 | ---- | M] (BitDefender SRL) -- C:\Windows\System32\drivers\bdsandbox.sys [2013.10.24 15:45:10 | 000,360,376 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys [2013.10.24 15:45:09 | 000,640,560 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avc3.sys [2013.10.24 15:44:56 | 000,490,144 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\avckf.sys [2013.10.24 15:44:49 | 000,165,744 | ---- | M] (BitDefender LLC) -- C:\Windows\System32\drivers\gzflt.sys [2013.10.19 07:29:28 | 000,186,414 | ---- | M] () -- C:\Windows\System32\LexFiles.ulf [2013.10.18 16:18:49 | 006,549,568 | ---- | M] () -- C:\Users\schubkraft-1\Documents\Dell_V310-V510_Series_H011712_00_FWUpdate.exe [2013.10.10 14:14:23 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe [2013.10.10 14:14:23 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl [2 C:\Users\schubkraft-1\Desktop\*.tmp files -> C:\Users\schubkraft-1\Desktop\*.tmp -> ] ========== Files Created - No Company Name ========== [2013.11.05 10:18:50 | 000,010,910 | ---- | C] () -- C:\Users\schubkraft-1\.recently-used.xbel [2013.11.02 17:21:07 | 000,001,138 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 8.lnk [2013.10.31 13:11:27 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe [2013.10.31 13:11:27 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe [2013.10.31 13:11:27 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe [2013.10.31 13:11:27 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe 
[2013.10.31 13:11:27 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe [2013.10.29 22:09:28 | 000,000,000 | ---- | C] () -- C:\Users\schubkraft-1\defogger_reenable [2013.10.29 15:46:06 | 009,092,128 | ---- | C] () -- C:\Users\schubkraft-1\Documents\Firefox 24.0 (de) - 2013-10-29 default.pcv [2013.10.19 07:27:59 | 000,040,960 | ---- | C] () -- C:\Windows\System32\dleavs.dll [2013.10.19 07:27:57 | 000,442,368 | ---- | C] ( ) -- C:\Windows\System32\dleacoin.dll [2013.10.19 07:27:46 | 000,069,152 | ---- | C] () -- C:\Windows\System32\dleaprpr.chm [2013.10.19 07:27:45 | 000,086,016 | ---- | C] () -- C:\Windows\System32\dleagcfg.dll [2013.10.19 07:27:43 | 000,294,912 | ---- | C] () -- C:\Windows\System32\dleacui.dll [2013.10.19 07:27:43 | 000,110,592 | ---- | C] () -- C:\Windows\System32\dleacuir.dll [2013.10.19 07:27:43 | 000,008,696 | ---- | C] () -- C:\Windows\System32\dleacommuilogo_rtl.bmp [2013.10.19 07:27:43 | 000,008,696 | ---- | C] () -- C:\Windows\System32\dleacommuilogo.bmp [2013.10.19 07:26:46 | 000,372,736 | ---- | C] () -- C:\Windows\System32\DLEAwupd.dll [2013.10.19 07:26:46 | 000,213,672 | ---- | C] () -- C:\Windows\System32\DLEAwupd.exe [2013.10.19 07:24:26 | 000,331,776 | ---- | C] () -- C:\Windows\System32\DLEAinst.dll [2013.10.19 07:24:26 | 000,186,414 | ---- | C] () -- C:\Windows\System32\LexFiles.ulf [2013.10.19 07:24:25 | 000,356,352 | ---- | C] ( ) -- C:\Windows\System32\DLEAhcp.dll [2013.10.19 07:24:24 | 000,364,544 | ---- | C] ( ) -- C:\Windows\System32\dleainpa.dll [2013.10.19 07:24:22 | 000,847,872 | ---- | C] ( ) -- C:\Windows\System32\dleausb1.dll [2013.10.19 07:24:22 | 000,344,064 | ---- | C] ( ) -- C:\Windows\System32\dleaiesc.dll [2013.10.19 07:24:20 | 001,048,576 | ---- | C] ( ) -- C:\Windows\System32\dleaserv.dll [2013.10.19 07:24:16 | 000,643,072 | ---- | C] ( ) -- C:\Windows\System32\dleapmui.dll [2013.10.19 07:24:05 | 000,577,536 | ---- | C] ( ) -- C:\Windows\System32\dlealmpm.dll [2013.10.19 07:24:04 | 000,323,584 | ---- | C] () -- 
C:\Windows\System32\dleains.dll [2013.10.19 07:24:04 | 000,262,144 | ---- | C] () -- C:\Windows\System32\dleainsb.dll [2013.10.19 07:24:04 | 000,114,688 | ---- | C] () -- C:\Windows\System32\dleainsr.dll [2013.10.19 07:24:04 | 000,057,344 | ---- | C] () -- C:\Windows\System32\dleajswr.dll [2013.10.19 07:24:03 | 000,688,128 | ---- | C] ( ) -- C:\Windows\System32\dleahbn3.dll [2013.10.19 07:24:03 | 000,324,264 | ---- | C] ( ) -- C:\Windows\System32\dleaih.exe [2013.10.19 07:24:03 | 000,208,896 | ---- | C] () -- C:\Windows\System32\dleagrd.dll [2013.10.19 07:24:02 | 000,090,112 | ---- | C] () -- C:\Windows\System32\dleacub.dll [2013.10.19 07:24:01 | 000,598,696 | ---- | C] ( ) -- C:\Windows\System32\dleacoms.exe [2013.10.19 07:24:01 | 000,372,736 | ---- | C] ( ) -- C:\Windows\System32\dleacomm.dll [2013.10.19 07:24:01 | 000,253,952 | ---- | C] () -- C:\Windows\System32\dleacu.dll [2013.10.19 07:24:01 | 000,036,864 | ---- | C] () -- C:\Windows\System32\dleacur.dll [2013.10.19 07:24:00 | 000,802,816 | ---- | C] ( ) -- C:\Windows\System32\dleacomc.dll [2013.10.19 07:24:00 | 000,373,416 | ---- | C] ( ) -- C:\Windows\System32\dleacfg.exe [2013.10.19 07:24:00 | 000,086,180 | ---- | C] () -- C:\Windows\System32\DLEAcfg.dll [2013.10.19 07:24:00 | 000,002,064 | ---- | C] () -- C:\Windows\System32\dlea.loc [2013.10.18 16:18:59 | 006,549,568 | ---- | C] () -- C:\Users\schubkraft-1\Documents\Dell_V310-V510_Series_H011712_00_FWUpdate.exe [2013.04.16 14:26:32 | 000,007,609 | ---- | C] () -- C:\Users\schubkraft-1\AppData\Local\Resmon.ResmonCfg [2013.04.05 13:41:39 | 000,445,782 | ---- | C] () -- C:\ProgramData\1365165243.bdinstall.bin [2012.05.27 09:31:05 | 000,000,600 | ---- | C] () -- C:\Users\schubkraft-1\AppData\Roaming\winscp.rnd [2011.12.16 22:56:08 | 000,000,127 | ---- | C] () -- C:\Windows\System32\MRT.INI [2011.11.18 18:11:28 | 000,110,592 | ---- | C] () -- C:\Windows\System32\FsUsbExDevice.Dll [2011.11.18 18:11:28 | 000,037,344 | ---- | C] () -- 
C:\Windows\System32\FsUsbExDisk.Sys [2011.11.09 11:00:30 | 000,001,541 | ---- | C] () -- C:\Windows\cdplayer.ini [2011.09.07 20:45:19 | 000,000,275 | ---- | C] () -- C:\Users\schubkraft-1\AppData\Local\HamsterVideoConverterSettings.cfg [2011.01.18 11:09:22 | 000,000,367 | ---- | C] () -- C:\Users\schubkraft-1\.gtk-bookmarks [2010.12.30 20:16:03 | 000,000,125 | -HS- | C] () -- C:\ProgramData\.zreglib [2010.07.01 09:47:29 | 000,088,064 | ---- | C] () -- C:\Users\schubkraft-1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.06.24 12:54:25 | 000,019,456 | ---- | C] () -- C:\Users\schubkraft-1\AppData\Local\WebpageIcons.db [2010.04.19 08:58:05 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat [2010.03.01 17:51:53 | 000,000,000 | ---- | C] () -- C:\Users\schubkraft-1\AppData\Local\WavXMapDrive.bat ========== ZeroAccess Check ========== [2009.07.14 05:42:31 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini [HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] [HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] "" = %SystemRoot%\system32\shell32.dll -- [2013.07.26 02:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Apartment [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] "" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.20 13:19:02 | 000,606,208 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Free [HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] "" = %systemroot%\system32\wbem\wbemess.dll -- [2009.07.14 02:16:17 | 000,342,528 | ---- | M] (Microsoft Corporation) "ThreadingModel" = Both < End of report > Code:
OTL Extras logfile created on: 06.11.2013 09:47:46 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\schubkraft-1\Desktop\trojaner-board
Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.16721)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,45 Gb Total Physical Memory | 1,69 Gb Available Physical Memory | 48,85% Memory free
6,90 Gb Paging File | 4,91 Gb Available in Paging File | 71,14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 231,86 Gb Total Space | 25,07 Gb Free Space | 10,81% Space Free | Partition Type: NTFS
Drive X: | 26,00 Gb Total Space | 2,01 Gb Free Space | 7,74% Space Free | Partition Type: FAT32

Computer Name: SCHUBKRAFT-NB | User Name: schubkraft-1 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.bat [@ = batfile] -- Reg Error: Key error. File not found
.cmd [@ = cmdfile] -- Reg Error: Key error. File not found
.com [@ = ComFile] -- Reg Error: Key error. File not found
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found
.ini [@ = UltraEdit.ini] -- C:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)
.txt [@ = UltraEdit.txt] -- C:\Program Files\IDM Computer Solutions\UltraEdit\Uedit32.exe (IDM Computer Solutions, Inc.)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [AddToPlaylistVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" (VideoLAN)
Directory [CEWE FOTOSCHAU] -- "C:\Program Files\dm\dm-Fotowelt\CEWE FOTOSCHAU.exe" -d "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [dm-Fotowelt] -- "C:\Program Files\dm\dm-Fotowelt\dm-Fotowelt.exe" "%1" ()
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [PlayWithVLC] -- "C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file --no-playlist-enqueue "%1" (VideoLAN)
Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft, Inc.)
Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft, Inc.)
Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft, Inc.)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{05D1396D-8877-464D-9082-D3CF3D066A4C}" = lport=138 | protocol=17 | dir=in | app=system | "{0A8F5E00-F8C6-428A-AC2F-BD91133B4A0D}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{1C2F1A87-0863-4921-BF11-FB9691A14452}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{2187E36C-5DB8-4786-A4D1-244D72B5053A}" = lport=445 | protocol=6 | dir=in | app=system | "{2C671753-4706-4D4F-823A-FBFBF545A3BB}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2CAE6A5B-3975-49A7-AB2D-177FD1604906}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{2DCD9492-4669-4B88-A74B-EC96C4454F5B}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe | "{2F7F6DC4-6245-4109-8752-64DE01260F9F}" = lport=139 | protocol=6 | dir=in | app=system | "{32CDDEEA-B5C9-4C78-8531-E35EF8425432}" = lport=137 | protocol=17 | dir=in | app=system | "{449F7BE7-6D65-471D-A710-88A7B5B5B98E}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{70EAE19F-9932-4988-A813-177A311FB000}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe | "{8863E644-39A6-4DF4-A5BD-30E5781D3641}" = rport=445 | protocol=6 | dir=out | app=system | "{8E89C81C-3066-4FE3-95DA-8D7CE4D29C82}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe | "{92A9B5B0-6C6D-4F58-B55D-A6731D5F54BC}" = rport=138 | protocol=17 | dir=out | app=system | "{93432081-84D6-477E-B9D2-483262EC1273}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{993EA14D-B3B2-47A0-9956-52B013EB53C4}" = lport=2869 | protocol=6 | dir=in | app=system | "{A3236DE1-F264-4227-B22F-AF938C403A77}" = lport=5355 | 
protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe | "{A745E71D-20AF-48E0-8708-58FE8BE9918A}" = rport=139 | protocol=6 | dir=out | app=system | "{B252310E-198B-495D-A787-8814248049A9}" = rport=137 | protocol=17 | dir=out | app=system | "{C4DA3896-79AE-4EC0-BA8D-CEFA7A97B304}" = lport=10243 | protocol=6 | dir=in | app=system | "{CC8A2519-7B95-4B8E-8FD2-65D293215AC9}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 | "{DBFF9A25-677E-40FC-A1EB-543DE96F2143}" = rport=10243 | protocol=6 | dir=out | app=system | "{FBE572D8-941B-4ADC-83D7-C3FB23DDDAAF}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe | "{FDBE4320-996B-4665-BD27-AD6D0ED17E9A}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe | ========== Vista Active Application Exception List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules] "{00FE3961-7806-4CF2-A8A8-10C995FE7571}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{067AA5EE-4175-4F6B-ACDF-F66DC4453D07}" = protocol=6 | dir=in | app=c:\users\schubkraft-1\appdata\roaming\dropbox\bin\dropbox.exe | "{09393E59-E638-4F6F-BC1E-3B4500D21F47}" = dir=in | app=c:\windows\system32\dleacoms.exe | "{09E043B4-E1AD-4912-BE21-9AF0B5E8DDCE}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\pdvddxsrv.exe | "{0E0597B0-E63B-43CC-9EAB-0086FA80A8BD}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe | "{0EC4ADD9-B6B7-4135-A88D-F159CC40A71A}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{13B99052-0E6E-45DA-8E98-A455D50DC997}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe | "{19913145-75C6-450F-9FF9-2743C1A7BC05}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{1C8C7827-72E1-4F27-8980-84C2800EDF43}" = protocol=6 | dir=out 
| svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{1DE6BD0B-13D0-44BA-A9B2-4803368659DA}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{1E5ACFE1-9ECB-4EF1-A42E-3E9DCCDB9412}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe | "{1FB14E85-576B-4727-828D-88203F94F258}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{212CAC0C-D031-4CB8-8B55-50DE3EEE1D3B}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 | "{21EBD33C-7C03-466F-A346-0AB13911DDAA}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "{22B0F6CB-E5AA-48A5-8CEC-91D7EDF44FE3}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{23E7AC12-AC83-41E0-BC4E-A3DC6A53E2DB}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{2700B567-1BEA-4DDD-ACC8-F2328CA25F69}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 | "{299ECAD9-2FBD-486E-83AF-46C3AEFEE503}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 | "{2BA92E55-28F4-43CF-831C-DC81E19329E5}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{34DDF95F-2FF7-4594-A409-44B7B8343852}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | "{3585B132-F201-4FA8-A026-9EC4CFDF9229}" = protocol=17 | dir=in | app=c:\users\schubkraft-1\appdata\roaming\dropbox\bin\dropbox.exe | "{38645FFB-F3D4-4D7D-AE88-F26429A6BF2B}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{40387099-583D-4639-9A52-EE6F6C051CE0}" = protocol=17 | dir=in | app=c:\program files\starmoney 9.0\ouservice\starmoneyonlineupdate.exe | "{41A20A57-7667-4A1A-BDCA-012DF4629E16}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{41C23CDA-A0D0-4F74-8781-6824F56D7A89}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | 
"{472E6EAA-1453-4A82-93AD-228FF884B7A0}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{4A20C775-15F4-40F0-8737-A838275DC384}" = dir=in | app=c:\program files\windows live\sync\windowslivesync.exe | "{4B67C2EA-AA29-4E5F-A202-F63CB19CA285}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{5C1BC0AA-4256-45C8-B78A-1EF51659D7A1}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{5C2DB4E9-164D-40BA-861A-BE93C3F7C16A}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5C3F8D18-5837-4FA7-B1CC-8D09094A9EE3}" = protocol=6 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | "{5D094F6E-3880-4919-BCD4-9021038F5211}" = dir=in | app=c:\windows\system32\dleacoms.exe | "{5DCDB6AB-2C02-49E8-85CD-1ECAF5BA43D4}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe | "{5E23A406-82FC-4CF4-AC2F-2D69C16AFE93}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe | "{601127AC-8DBA-4036-A019-9A5890A9D8AB}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{60EB3253-FCF3-4DF2-9ED3-8BCF135EAB81}" = protocol=6 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{6685A51D-22B6-479E-995F-4ED74270EC49}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{70D715CC-ABAB-4635-8CBF-52B3D6ED5AD0}" = dir=in | app=c:\program files\cyberlink\powerdvd dx\powerdvd.exe | "{738D853A-8CF2-4ADF-BD99-7BA34359ED3C}" = protocol=6 | dir=in | app=c:\program files\starmoney 9.0\app\starmoney.exe | "{7AAFF7EE-438F-45EA-8F52-DF06E32FA612}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{7DBA1D22-EE23-4676-B466-015537D98544}" = protocol=6 | dir=in | app=c:\program files\starmoney 9.0\ouservice\starmoneyonlineupdate.exe | "{844242FB-2172-4632-B716-3DC901A8D3BF}" = protocol=6 | dir=in | svc=wcescomm | 
app=%systemroot%\system32\svchost.exe | "{87E1EBFC-81C4-4753-B3EA-6E86321D2AF7}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\ouservice\starmoneyonlineupdate.exe | "{910CF4C7-D7C6-4FD9-ADE4-8C17AE64F659}" = protocol=6 | dir=in | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{912FF144-6F9A-4A95-BFA4-74C8A0C3956F}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe | "{9A31A5C6-F082-435C-95C6-CCB8EAD5F8D2}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{9C8CF92D-0CE9-4347-9AFA-2535ACE4BC1B}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{9DB3BBCE-582C-4E60-A038-85A25457E137}" = dir=in | app=c:\program files\windows live\messenger\wlcsdk.exe | "{A12D49C1-7188-4E7B-9673-D23CD27A5143}" = protocol=17 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe | "{A1A355C0-6FF6-4A6D-A110-F3A2BCEDF095}" = protocol=6 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{A43A4F75-C176-4A07-AAEE-00435415EC0F}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{A648241B-5B75-4904-AED6-FEF8BF36C2A8}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{A8ADEAE5-6844-4D97-AFB8-5E8EBB717E4E}" = dir=in | app=c:\program files\skype\phone\skype.exe | "{AEA57807-2C55-449B-8290-2FB1B3E37A5C}" = protocol=17 | dir=in | app=c:\program files\starmoney 9.0\app\starmoney.exe | "{B173D0AC-EDD7-4435-8EAF-E1DA93992352}" = protocol=17 | dir=in | app=c:\program files\abbyy finereader 6.0 sprint\scan\scanman6.exe | "{B4BA4D39-5B7B-4943-8F94-615E6BF6C7B7}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe | "{B5872B6E-C06F-44B8-9217-877AD9A58A9A}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{B670F6C4-9FC8-461A-AB19-E55B3B688AA0}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 | 
"{B689A5D0-334A-487A-AFB5-3A59284DF33F}" = protocol=17 | dir=in | app=c:\program files\starmoney 8.0\ouservice\starmoneyonlineupdate.exe | "{B97000E5-918E-4FBB-8BE0-DFB3A4EBB35D}" = protocol=17 | dir=in | app=c:\program files\teamviewer\version8\teamviewer.exe | "{BD1DADC3-25F8-4BC9-8521-E3B82EE9860B}" = protocol=17 | dir=in | app=c:\program files\sony ericsson\update engine\sony ericsson update engine.exe | "{C1CD0894-8B73-45B9-A66B-9A602EAD625C}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{C71426CE-FAAB-4B52-8388-50A305CD3D6F}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe | "{D3428A5C-FF4C-459A-92E1-8E84D8BF8ABE}" = protocol=17 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{D8FD86BE-2FEE-4A5E-A383-07FCA879D8B1}" = protocol=17 | dir=out | svc=rapimgr | app=%systemroot%\system32\svchost.exe | "{DDB64708-BE06-434C-962E-45B4A8705F35}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe | "{E08D6C56-9ECB-4C40-B3DA-30F0CA5F51B5}" = protocol=6 | dir=in | app=c:\program files\starmoney 8.0\app\starmoney.exe | "{E25E27CB-B810-437D-89BC-2D4932F70D89}" = protocol=6 | dir=out | app=system | "{E35A4525-9FB1-4E4A-A500-22D60D989A6B}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe | "{F065513F-8D91-4B7D-A10E-36087310A066}" = protocol=6 | dir=in | app=c:\program files\starmoney 7.0\app\starmoney.exe | "{F8DB035D-BADB-4618-814A-B910861B7F49}" = protocol=6 | dir=in | app=c:\program files\teamviewer\version8\teamviewer_service.exe | "{FC69F00C-2962-4C34-80F7-7A08C5770CF0}" = protocol=6 | dir=out | svc=wcescomm | app=%systemroot%\system32\svchost.exe | "{FC9C2093-B12B-41E6-9FEB-F8EFC9D8D20C}" = dir=in | app=c:\windows\system32\dleacoms.exe | "TCP Query User{099E4DF3-0CFB-4E91-A305-CAAE29DD015A}C:\users\schubkraft-1\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\schubkraft-1\appdata\roaming\wuala\wuala.exe | "TCP 
Query User{0C08732B-E16B-490B-A920-DBDC96D8C7AE}C:\program files\opera 10.50 beta\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera 10.50 beta\opera.exe | "TCP Query User{0DE96647-2DCE-425C-84D5-A626F6414ADA}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=6 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe | "TCP Query User{2A5135F5-45FC-4DC8-AD5B-78F0A382F9B7}C:\program files\winamp\winamp.exe" = protocol=6 | dir=in | app=c:\program files\winamp\winamp.exe | "TCP Query User{7C635D2A-65B3-4F7D-8B80-729EA29025C8}C:\program files\opera 10.50 beta\opera.exe" = protocol=6 | dir=in | app=c:\program files\opera 10.50 beta\opera.exe | "TCP Query User{ADDB57AD-F5DB-4BFE-BF6F-3D6DFBA473AF}C:\users\schubkraft-1\appdata\roaming\wuala\wuala.exe" = protocol=6 | dir=in | app=c:\users\schubkraft-1\appdata\roaming\wuala\wuala.exe | "UDP Query User{425AF9A0-8DBB-4772-8D9D-3E6C6FF1ED30}C:\users\schubkraft-1\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\schubkraft-1\appdata\roaming\wuala\wuala.exe | "UDP Query User{43ECAFFF-86DA-4E74-A954-1F1D408EE484}C:\program files\opera 10.50 beta\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera 10.50 beta\opera.exe | "UDP Query User{5DD4B61C-48CB-4E7F-9DB7-FC725AA3A780}C:\users\schubkraft-1\appdata\roaming\wuala\wuala.exe" = protocol=17 | dir=in | app=c:\users\schubkraft-1\appdata\roaming\wuala\wuala.exe | "UDP Query User{87D69233-5708-44B5-AC00-A8FEB4916BD0}C:\program files\opera 10.50 beta\opera.exe" = protocol=17 | dir=in | app=c:\program files\opera 10.50 beta\opera.exe | "UDP Query User{E636F382-D164-4318-A123-FBB3DF4DD272}C:\program files\winamp\winamp.exe" = protocol=17 | dir=in | app=c:\program files\winamp\winamp.exe | "UDP Query User{F264C07F-B6FD-47DB-8813-60B9C973A3F2}C:\program files\myphoneexplorer\myphoneexplorer.exe" = protocol=17 | dir=in | app=c:\program files\myphoneexplorer\myphoneexplorer.exe | ========== HKEY_LOCAL_MACHINE Uninstall List 
========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "[verify-U]_AVS_IE_Add-on" = [verify-U]_AVS_IE_Add-on "{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 "{07629207-FAA0-4F1A-8092-BF5085BE511F}" = Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) "{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software "{08E81ABD-79F7-49C2-881F-FD6CB0975693}" = Roxio Creator Data "{09760D42-E223-42AD-8C3E-55B47D0DDAC3}" = Roxio Creator DE 10.3 "{09B71986-2AC5-482d-B6CB-42EA34F4F85B}" = Dell Symbolleiste "{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager "{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1 "{11DB380B-48CF-46EA-8B03-51874E2733C9}" = Dell Control Point "{19063059-6817-4B2D-BDF3-89C240573ACE}" = StarMoney 9.0 "{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser "{1D044ADD-DEE2-4140-AF95-EBECCDB0B702}" = Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed "{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}" = Live! 
Cam Avatar "{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}" = Roxio Creator Tools "{1FCBD504-AB7D-4757-9A14-850348384B08}" = StarMoney "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live-Uploadtool "{20B1B020-DEAE-48D1-9960-D4C3185D758B}" = Phase 5 HTML-Editor "{21E49794-7C13-4E84-8659-55BD378267D5}" = Windows Home Server-Connector "{2220CF3A-EBD6-4070-94D0-0C7337B537A7}" = All Day Battery Life Configuration "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{23EEC842-57ED-4055-A056-9D4185DFB1AA}" = Dell Mobile Broadband Manager "{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}" = TuneUp Utilities 2011 "{26A24AE4-039D-4CA4-87B4-2F83216017FF}" = Java(TM) 6 Update 26 "{26A24AE4-039D-4CA4-87B4-2F83217021FF}" = Java 7 Update 21 "{2BA722D1-48D1-406E-9123-8AE5431D63EF}" = Windows Live Fotogalerie "{30465B6C-B53F-49A1-9EBA-A3F187AD502E}" = Roxio Update Manager "{3138EAD3-700B-4A10-B617-B3F8096EE30D}" = Dell Edoc Viewer "{3237887D-8AC4-4C27-BDF4-57D7CB0351D6}" = SO32MMWrapper "{3A6BE9F4-5FC8-44BB-BE7B-32A29607FEF6}" = Preboot Manager "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}" = eReg "{3EFEF049-23D4-4B46-8903-4592FEA51018}" = Windows Live Movie Maker "{43AC7CBC-1D6A-3B5B-81B1-A0C166FE48F4}" = Google Talk Plugin "{47811829-298F-4F1D-97BA-6983DCB134C8}" = StarMoney 8.0 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.6 "{50120000-1105-0000-0000-0000000FF1CE}" = Microsoft Office 2007 Primary Interop Assemblies "{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite "{52B97218-98CB-4B8B-9283-D213C85E1AA4}" = Windows Live Anmelde-Assistent "{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup "{5518D57D-5164-4e72-B501-45DCBD5CA953}" = Intel(R) PROSet/Wireless WiFi Software Driver "{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime "{5A6DB7C1-E646-4842-A562-49C5EB8F2B47}" = StarMoney "{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp 
Utilities Language Pack (de-DE) "{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053 "{5FC68772-6D56-41C6-9DF1-24E868198AE6}" = Windows Live Call "{63c86b5a-0983-40eb-8f96-bec250bdf107}" = Intel® PROSet/Wireless Software "{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1" = Dual Monitor 1.19 "{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}" = Live! Cam Avatar Creator "{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}" = Roxio Express Labeler 3 "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD DX "{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin "{6AFCA4E1-9B78-3640-8F72-A7BF33448200}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 "{6C772996-BFF3-3C8C-860B-B3D48FF05D65}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 "{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}" = MSVC80_x86_v2 "{71084075-ABA7-48BC-9733-F56A9ABD184D}" = DCP32MMWrapper "{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable "{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}" = Roxio Creator Audio "{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "{76618402-179D-4699-A66B-D351C59436BC}" = Windows Live Sync "{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 "{79361740-EAE3-11E2-9911-B8AC6F98CCE3}" = Google Earth Plug-in "{79B520D5-CE72-4661-A054-804BC3412516}" = Wave Infrastructure Installer "{80E7CB77-E445-4BB4-A836-67A447ABEAE6}" = lexiCan 3 "{81860953-8A77-4ED5-B57C-F35D703D9489}" = Dell ControlVault Host Components Installer "{837E620D-B93E-4D84-A753-BE1DBEB716B1}" = StarMoney "{85A2C545-B193-4053-8F3E-BB1527A73676}" = Dell Wireless HSPA Mini-Card Drivers "{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 "{86F4B795-EA3D-48BD-ADFA-DA44B39059F9}" = StarMoney "{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight "{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime 
Native v1.0 (x86) "{8D273DE5-ABFA-4BD0-A9D7-EE9C971438C4}_is1" = PDF-Viewer "{8e70e4e1-06d7-470b-9f74-a51bef21088e}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 "{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime "{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007 "{90120000-0016-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007 "{90120000-0018-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007 "{90120000-0019-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007 "{90120000-001A-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007 "{90120000-001B-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{DB2ACBD1-65B1-4FC5-881E-4E75C668E7E2}" = Microsoft Office 2007 Service Pack 3 (SP3) "{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007 "{90120000-001F-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{928D7B99-2BEA-49F9-83B8-20FA57860643}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007 "{90120000-001F-0409-0000-0000000FF1CE}_SMALLBUSINESSR_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007 
"{90120000-001F-040C-0000-0000000FF1CE}_SMALLBUSINESSR_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007 "{90120000-001F-0410-0000-0000000FF1CE}_SMALLBUSINESSR_{A23BFC95-4A73-410F-9248-4C2B48E38C49}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) "{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007 "{90120000-006E-0407-0000-0000000FF1CE}_SMALLBUSINESSR_{A6353E8F-5B8D-47CC-8737-DFF032ED3973}" = Microsoft Office 2007 Service Pack 3 (SP3) "{904CCF62-818D-4675-BC76-D37EB399F917}" = Windows Mobile-Gerätecenter "{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}" = Intel® Matrix Storage Manager "{90A40407-6000-11D3-8CFE-0150048383C9}" = Microsoft Office 2003 Web Components "{91120000-00CA-0000-0000-0000000FF1CE}" = Microsoft Office Small Business 2007 "{91120000-00CA-0000-0000-0000000FF1CE}_SMALLBUSINESSR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3) "{9143F2FA-BF20-4311-8618-4CCF51B1B80C}" = Dell ControlPoint System Manager "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5 DEU Language Pack "{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5 "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{95A8F019-B75D-48B7-8170-87B4B11BAA9C}" = gSyncit "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 "{9D583F01-A973-4B04-90BD-FB7886779090}" = Dell Wireless HSPA Mini-Card Drivers "{9D7EF9D6-212E-3C87-AB96-ED9F2A6C3218}" = Microsoft .NET Framework 4.5 DEU Language Pack "{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}" = WIDCOMM Bluetooth Software 
"{9F612429-4A00-3D44-88CF-146DA2EE1F92}" = Microsoft .NET Framework 4.5 "{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}" = Dell Touchpad "{A093D83F-429A-4AB2-A0CD-1F7E9C7B764A}" = Trusted Drive Manager "{A8606865-6D52-44C1-82BD-A3C9A80222D4}" = UltraEdit 15.20 SE "{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper "{A939D341-5A04-4E0A-BB55-3E65B386432D}" = Microsoft Office Small Business Connectivity Components "{ABBA2EA4-740E-4052-902B-9CA70B081E3F}" = Dell Embassy Trust Suite by Wave Systems "{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}" = ABBYY FineReader 6.0 Sprint "{AF111648-99A1-453E-81DD-80DBBF6DAD0D}" = MSVC90_x86 "{AF7E4468-E364-4991-BC2A-6E8293E1055B}" = BioAPI Framework "{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}" = Adobe AIR "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B54534EA-CC51-4481-B51B-891E20F34381}" = Mobile Master "{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}" = Roxio Creator Copy "{BB93D30B-B395-44BB-A9ED-A0E057F07E53}" = NTRU TCG Software Stack "{BC52E419-B185-488F-9973-049A88E5DCBE}" = Gemalto "{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86) "{C4D738F7-996A-4C81-B8FA-C4E26D767E41}" = Windows Live Mail "{C63E7C60-25EB-11D3-8EDA-00A0C911E8E5}" = Microsoft Outlook-Sicherung für Persönliche Ordner "{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel "{CCC68887-6E07-4438-A035-7C22EFBDC15E}" = Intel(R) Network Connections 14.6.9.0 "{CD1ACF27-9AC7-406F-98F9-BE9A95E92A26}" = Intel® PROSet/Wireless WiFi Software "{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones "{E0A4805D-280A-4DD7-9E74-3A5F85E302A1}" = Windows Live Writer "{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update "{E2F2B987-F2BC-4969-95F2-92099486B811}" = StarMoney "{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}" = IDT Audio "{E52B7EE9-BEE9-4942-BC50-05A873D7A05E}" = StarMoney 7.0 "{E63A7E64-AD93-47E7-AC5C-BA042AA740CA}" = Dell ControlPoint Connection Manager 
"{E7044E25-3038-4A76-9064-344AC038043E}" = Windows Mobile-Gerätecenter: Treiberupdate "{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin "{E824E81C-80A4-3DFF-B5F9-4842A9FF5F7F}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 "{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards "{ED439A64-F018-4DD4-8BA5-328D85AB09AB}" = Roxio Creator DE 10.3 "{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center "{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}" = Sony PC Companion 2.10.136 "{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU] "{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 "{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard "{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5 "{F4487649-7368-4217-AEA3-1E04DB3E2C5C}" = Dell ControlPoint Security Manager "{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}" = Microsoft SQL Server Native Client "{F8FF18EE-264A-43FD-B2F6-5EAD40798C2F}" = Windows Live Essentials "{F902AB2B-7816-4CBD-A385-F2549F62956B}" = StarMoney "{FDE96E86-7780-431C-92F7-679C6A7CEC51}" = Microsoft SQL Server VSS Writer "{FDEC0704-D15E-4DB8-A624-2256DD4C65D7}" = Dell MFP Laser 3115cn Scanner-Treiber "{FF1DDCF4-3A28-4F7F-96D8-E3F4BD1C1702}" = Dell Security Device Driver Pack "7-Zip" = 7-Zip 4.65 "9D57DE505B6D8C710EF3B74BE638DBB936EED8A3" = Windows-Treiberpaket - Dell Inc. 
PBADRV System (01/07/2008 1.0.1.5) "Adobe AIR" = Adobe AIR "Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX "Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin "Advanced Audio FX Engine" = Advanced Audio FX Engine "Advanced Video FX Engine" = Advanced Video FX Engine "AnyDVD" = AnyDVD "Audiograbber" = Audiograbber 1.83 SE "Audiograbber-Lame" = Audiograbber MP3-Plugin "Avidemux 2.5" = Avidemux 2.5 "Bitdefender" = Bitdefender Internet Security 2013 "CloneDVD2" = CloneDVD2 "Creative OA001" = Integrated Webcam Driver (1.03.02.0919) "Dell V310-V510 Series" = Dell V310-V510 Series "Dell Webcam Center" = Dell Webcam Center "Dell Webcam Manager" = Dell Webcam Manager "DivX Setup.divx.com" = DivX-Setup "dm-Fotowelt" = dm-Fotowelt "EASEUS Partition Master Home Edition_is1" = EASEUS Partition Master 6.5.2 Home Edition "Exifer_is1" = Exifer "FormatFactory" = FormatFactory 2.70 "Foxit Reader" = Foxit Reader "Free Audio CD Burner_is1" = Free Audio CD Burner version 1.4 "Free Audio CD to MP3 Converter_is1" = Free Audio CD to MP3 Converter version 1.3.12.908 "Free Video Flip and Rotate_is1" = Free Video Flip and Rotate version 2.0.0.1228 "Free YouTube Download_is1" = Free YouTube Download 2.6 "Free YouTube to MP3 Converter_is1" = Free YouTube to MP3 Converter version 3.8 "FreeCommander_is1" = FreeCommander 2009.02b "FreePDF_XP" = FreePDF (Remove only) "Google Chrome" = Google Chrome "GPL Ghostscript 8.71" = GPL Ghostscript 8.71 "HDMI" = Intel(R) Graphics Media Accelerator Driver "InstallShield_{07D618CD-B016-438A-ADC9-A75BD23F85CE}" = Wave Support Software "InstallShield_{0B0A2153-58A6-4244-B458-25EDF5FCD809}" = Private Information Manager "InstallShield_{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}" = Document Manager Lite "InstallShield_{53333479-6A52-4816-8497-5C52B67ED339}" = EMBASSY Security Setup "InstallShield_{758C8301-2696-4855-AF45-534B1200980A}" = Samsung Kies "InstallShield_{E738A392-F690-4A9D-808E-7BAF80E0B398}" = ESC Home Page Plugin 
"InstallShield_{EC84E3E6-C2D6-4DFB-81E0-448324C8FDF4}" = Security Wizards "InstallShield_{EEAFE1E5-076B-430A-96D9-B567792AFA88}" = EMBASSY Security Center "IrfanView" = IrfanView (remove only) "Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.75.0.1300 "MediaCoder" = MediaCoder 0.7.5.4742 "Mobile Master" = Mobile Master 7.9.0 "MozBackup" = MozBackup 1.5.1 "Mozilla Firefox 24.0 (x86 de)" = Mozilla Firefox 24.0 (x86 de) "MozillaMaintenanceService" = Mozilla Maintenance Service "MPE" = MyPhoneExplorer "Opera 12.16.1860" = Opera 12.16 "PROSetDX" = Intel(R) Network Connections 14.6.9.0 "Q-Dir" = Q-Dir "Redirection Port Monitor" = RedMon - Redirection Port Monitor "SMALLBUSINESSR" = Microsoft Office Small Business 2007 "SP6" = Logitech SetPoint 6.32 "SpeedFan" = SpeedFan (remove only) "TeamViewer 8" = TeamViewer 8 "TuneUp Utilities 2011" = TuneUp Utilities 2011 "TVWiz" = Intel(R) TV Wizard "Uninstall_is1" = Uninstall 1.0.0.1 "Update Engine" = Sony Ericsson Update Engine "Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime "VLC media player" = VLC media player 2.0.8 "WebTemp_is1" = WebTemp 3.38 (kostenlose Version) "Winamp" = Winamp "WinGimp-2.0_is1" = GIMP 2.6.8 "WinLiveSuite_Wave3" = Windows Live Essentials "WinRAR archiver" = WinRAR 4.00 (32-Bit) "winscp3_is1" = WinSCP 4.3.7 "Wuala CBFS" = Wuala CBFS "Wuala OverlayIcons" = Wuala OverlayIcons "XMedia Recode" = XMedia Recode 3.0.4.9 "XnView_is1" = XnView 1.97.4 "Zattoo4" = Zattoo4 4.0.5 ========== HKEY_CURRENT_USER Uninstall List ========== [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "9204f5692a8faf3b" = Dell System Detect "Dropbox" = Dropbox "f031ef6ac137efc5" = Dell Driver Download Manager "FileZilla Client" = FileZilla Client 3.6.0.2 "Flash Video Downloader. Youtube Downlaoder" = Flash Video Downloader. 
Youtube Downlaoder "Winamp Detect" = Winamp Erkennungs-Plug-in "Wuala" = Wuala ========== Last 20 Event Log Errors ========== [ Application Events ] Error - 02.11.2013 12:14:16 | Computer Name = schubkraft-NB | Source = Wave TCG Client Services | ID = 123 Description = The NTRU TSS is not running, Wave Software is unable to communicate to TPM Error - 02.11.2013 12:40:52 | Computer Name = schubkraft-NB | Source = MsiInstaller | ID = 11925 Description = Error - 03.11.2013 11:25:14 | Computer Name = schubkraft-NB | Source = Wave TCG Client Services | ID = 123 Description = The NTRU TSS is not running, Wave Software is unable to communicate to TPM Error - 03.11.2013 17:44:24 | Computer Name = schubkraft-NB | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\EASEUS\easeus partition master 6.5.2 home edition\bin\x64\WinChkdsk.exe". Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error - 03.11.2013 17:45:11 | Computer Name = schubkraft-NB | Source = SideBySide | ID = 16842815 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\mozbackup\dll\DelZip179.dll". Fehler in Manifest- oder Richtliniendatei "c:\program files\mozbackup\dll\DelZip179.dll" in Zeile 8. Der Wert "*" des "language"-Attributs im assemblyIdentity-Element ist ungültig. Error - 03.11.2013 17:46:44 | Computer Name = schubkraft-NB | Source = SideBySide | ID = 16842785 Description = Fehler beim Generieren des Aktivierungskontextes für "c:\program files\windows live\messenger\wlcsdk.exe". Die abhängige Assemblierung "UCCAPI,processorArchitecture="x86",type="win32",version="2.0.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error - 04.11.2013 12:35:57 | Computer Name = schubkraft-NB | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error - 04.11.2013 17:37:18 | Computer Name = schubkraft-NB | Source = MsiInstaller | ID = 11925
Description =

Error - 05.11.2013 04:25:49 | Computer Name = schubkraft-NB | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate to TPM

Error - 06.11.2013 04:33:30 | Computer Name = schubkraft-NB | Source = Wave TCG Client Services | ID = 123
Description = The NTRU TSS is not running, Wave Software is unable to communicate to TPM

[ ODiag Events ]
Error - 17.08.2012 06:27:31 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kgl. Error code: N/A

[ OSession Events ]
Error - 27.05.2012 07:46:10 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 52 seconds with 0 seconds of active time. This session ended with a crash.

Error - 23.07.2012 04:31:56 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 152 seconds with 0 seconds of active time. This session ended with a crash.

Error - 17.08.2012 06:27:29 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 6351 seconds with 2340 seconds of active time. This session ended with a crash.
Error - 16.09.2012 07:04:06 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 106 seconds with 60 seconds of active time. This session ended with a crash.

Error - 26.10.2012 04:10:22 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6661.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 49 seconds with 0 seconds of active time. This session ended with a crash.

Error - 06.12.2012 08:42:18 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1111 seconds with 0 seconds of active time. This session ended with a crash.

Error - 21.01.2013 06:54:15 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6665.5003, Microsoft Office Version: 12.0.6612.1000. This session lasted 1702 seconds with 480 seconds of active time. This session ended with a crash.

Error - 01.03.2013 11:34:29 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2919 seconds with 180 seconds of active time. This session ended with a crash.
Error - 01.03.2013 11:36:03 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 86 seconds with 0 seconds of active time. This session ended with a crash.

Error - 26.04.2013 07:05:31 | Computer Name = schubkraft-NB | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 12583 seconds with 1620 seconds of active time. This session ended with a crash.

[ System Events ]
Error - 05.11.2013 04:25:18 | Computer Name = schubkraft-NB | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Mobile Broadband Core Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 05.11.2013 04:25:24 | Computer Name = schubkraft-NB | Source = Service Control Manager | ID = 7034
Description = Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error - 05.11.2013 12:29:57 | Computer Name = schubkraft-NB | Source = DCOM | ID = 10010
Description =

Error - 05.11.2013 12:32:31 | Computer Name = schubkraft-NB | Source = DCOM | ID = 10010
Description =

Error - 06.11.2013 04:22:53 | Computer Name = schubkraft-NB | Source = Service Control Manager | ID = 7001
Description = Der Dienst "NTRU TSS v1.2.1.29 TCS" ist vom Dienst "TPM-Basisdienste" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%0

Error - 06.11.2013 04:22:55 | Computer Name = schubkraft-NB | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst dleaCATSCustConnectService erreicht.
Error - 06.11.2013 04:22:55 | Computer Name = schubkraft-NB | Source = Service Control Manager | ID = 7000
Description = Der Dienst "dleaCATSCustConnectService" wurde aufgrund folgenden Fehlers nicht gestartet: %%1053

Error - 06.11.2013 04:22:58 | Computer Name = schubkraft-NB | Source = Service Control Manager | ID = 7009
Description = Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst StarMoney 9.0 OnlineUpdate erreicht.

Error - 06.11.2013 04:23:01 | Computer Name = schubkraft-NB | Source = Service Control Manager | ID = 7000
Description = Der Dienst "Mobile Broadband Core Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error - 06.11.2013 04:23:06 | Computer Name = schubkraft-NB | Source = Service Control Manager | ID = 7034
Description = Dienst "SQL Server VSS Writer" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

< End of report > |
06.11.2013, 15:22 | #18 |
/// the machine /// TB Trainer | Windows 7: Firefox/Chrome no longer start after installing ilivid (process aborts) Still having problems with the computer?
What do you mean by offline viruses? |