
Log analysis and evaluation: CPU always runs at 100% with no applications!

Windows 7
12.12.2013, 02:13   #1
daday

CPU always runs at 100% with no applications!



Hello everyone,

my processor is running at full load and I don't know why.
I suspect invisible programs that are running in the background without my knowledge.
I thought I would search the web, and I found you.
I hope you can give me a hint as to where the problem might lie.
Many thanks.
Well, I hope I read correctly that I am supposed to copy the two text files in here?!




Quote:
OTL Extras logfile created on: 12.12.2013 01:38:59 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\INTERNET\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,61 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 67,53% Memory free
7,21 Gb Paging File | 5,87 Gb Available in Paging File | 81,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,38 Gb Total Space | 39,61 Gb Free Space | 53,98% Space Free | Partition Type: NTFS
Drive E: | 224,61 Gb Total Space | 178,14 Gb Free Space | 79,31% Space Free | Partition Type: NTFS

Computer Name: SYSTEM | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- Reg Error: Key error. File not found
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- Reg Error: Key error. File not found

[HKEY_USERS\S-1-5-21-2415952919-342969038-3676353109-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

[HKEY_USERS\S-1-5-21-2415952919-342969038-3676353109-1002\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d j && icacls "%1" /grant administratoren:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- Reg Error: Key error.
htmlfile [opennew] -- Reg Error: Key error.
http [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
https [open] -- "C:\Program Files (x86)\Internet Explorer\iexplore.exe" -nohome
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [runas] -- cmd.exe /c takeown /f "%1" /r /d j && icacls "%1" /grant administratoren:F /t (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- Reg Error: Key error.
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Key error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0
"DoNotAllowExceptions" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03B049CC-76C1-4E20-8C4F-553E1E961500}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{08F43A2C-E73B-42A8-B0A8-4DB6C855C6A9}" = lport=68 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{0C16ECA7-9910-4ED1-B2E4-A5365D0A111E}" = rport=445 | protocol=6 | dir=out | app=system |
"{0CFBCC74-5DB0-405D-BDEE-356EB512B73A}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{10A1C910-739F-4459-89A7-40BAADC5963F}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{1A98A97B-2340-461A-BF1A-DD1F0F694025}" = rport=1900 | protocol=17 | dir=out | app=c:\windows\system32\svchost.exe |
"{1BAE239E-A50E-4C9D-9A44-B3BBAF63E16C}" = rport=139 | protocol=6 | dir=out | app=system |
"{2361AC26-83D3-4A05-A800-36B7C826EB6A}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{2C6C9029-73D6-44B0-AB93-DA0D95B6A04A}" = lport=53 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{3539C46A-E60C-4AE6-BA39-74C6DF9C893F}" = lport=68 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{47D0A2A7-DFF7-4CCD-AA69-8745B1B8AAF4}" = lport=139 | protocol=6 | dir=in | app=system |
"{4995E10C-1123-4CBC-80F1-57D2D6CE47BA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{64BB2E31-D82F-4134-9DC0-81C883778C21}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{6764BC05-10E2-44F3-87C9-91F511787085}" = rport=2869 | protocol=6 | dir=out | app=system |
"{7798F2E5-2EFF-464E-9278-13E78C321846}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{77CE5750-6E69-46C3-8A1F-C559E2A2A606}" = lport=445 | protocol=6 | dir=in | app=system |
"{7901DBDC-BFBC-4EDC-B05A-B515A5100B2A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7A872FFA-6179-40FA-A586-D756D868F5ED}" = lport=53 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{8F1CFDE3-744A-4D5A-8B8D-566356B51E1B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{9403C308-964F-4BC8-A428-0A7EA2934AC4}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{96C0DD2B-0C64-46BA-856E-B315B89D82EF}" = rport=138 | protocol=17 | dir=out | app=system |
"{A2B7DF3C-1449-4700-9776-77D6ACEA4892}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{AE531112-FE28-4B09-A3C3-15F6B5278F84}" = lport=67 | protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectifynetservices.exe |
"{AF07D7BF-5EE5-4F84-9AFF-CC401FC751BC}" = lport=1900 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{B5F414A1-77A7-4853-AB7A-060D6A3A328E}" = lport=547 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{B675C299-AF45-45A3-897C-9B18B1126735}" = rport=137 | protocol=17 | dir=out | app=system |
"{C5D495B9-7CB3-48E5-96E4-08DDE11F7CF0}" = rport=2869 | protocol=6 | dir=out | app=system |
"{CB17DF40-6D6D-4FC9-A178-AB44D4CABD53}" = lport=67 | protocol=17 | dir=in | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{D9A23022-E595-4AE2-B86F-B7CA1D928E8C}" = lport=138 | protocol=17 | dir=in | app=system |
"{E770DC9C-6A96-4747-AC75-03343BE56316}" = lport=137 | protocol=17 | dir=in | app=system |
"{E9651DFD-CC28-4818-9ADE-EFD4BBAB50DA}" = lport=547 | protocol=17 | dir=in | app=c:\windows\system32\svchost.exe |
"{EA6936AF-086A-41F3-9993-107257E1B514}" = lport=2987 | protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"{FC932F35-4430-486F-A7FD-EA4575629260}" = lport=2869 | protocol=6 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0668B55E-CAF3-4045-A338-CD4C0FF04C3C}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe |
"{142B2CA7-88EA-472B-83C3-EE5B54811E76}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
"{18305B92-A332-40CA-B280-69B45A8FBD0E}" = dir=out | svc=sharedaccess | app=%systemroot%\system32\svchost.exe |
"{2DF19D5B-EA1A-4B04-BA35-875F707F21E5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{37785594-FC31-4A69-A3B5-5E31ED8DCD97}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{4A8E09D5-DB04-498F-92CD-15E324F58D4D}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{5D74AC98-F374-4CFD-B71A-61B559155DD3}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{60A25A24-FDA8-4614-BD2C-7D276D8C54E6}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{63C32785-9445-46E9-A429-C25665148FD2}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{6D0A25AD-16A8-4656-BF2F-2926807E97A3}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{6FFFDD04-3338-4E2A-B3E7-93E3F5855B7F}" = protocol=6 | dir=in | app=c:\program files (x86)\virtual wifi router\virtualwifirouterlibrary.dll |
"{72649971-87CE-43FB-B913-47333FCD807F}" = protocol=58 | dir=in | name=internet connection sharing (router solicitation-in) |
"{929B3313-490F-4476-BC85-0DE89BCD6476}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{9F9301CF-EC46-46BE-ACDB-E5C0496C6147}" = dir=out | app=c:\windows\system32\svchost.exe |
"{B8FF1C57-AE39-499F-AFC1-36AB5D1E5632}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{C2586CB4-1B98-4722-A380-6201D529E633}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{C42CDD6F-D1E0-411E-87FA-55D056931A4E}" = protocol=17 | dir=in | app=c:\program files (x86)\virtual wifi router\virtualwifirouterlibrary.dll |
"{C7B25EFE-D031-4C0C-98DC-D484D1BEB61F}" = protocol=58 | dir=in | name=@hnetcfg.dll,-148 |
"{CFB30394-F953-4BDF-8EC8-A37C9F676DE1}" = protocol=17 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe |
"{D2737008-962D-4F5D-9066-5D221E65A714}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\devicesetup.exe |
"{DAAB6229-349B-4B03-BF2D-CDDA3566CA0A}" = protocol=6 | dir=in | app=c:\program files\hp\hp officejet 6500 e710a-f\bin\hpnetworkcommunicator.exe |
"{E91CCAFD-84D2-4B81-A3F7-B8B48EBD544C}" = protocol=6 | dir=out | app=c:\windows\system32\svchost.exe |
"{F1CF75A6-7379-4292-94D7-9461AFB351DC}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{F1D76F13-E6F4-4DA3-ACED-52AD125428E1}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"TCP Query User{23E58B76-BA9E-4B7A-ACCB-9E23815999A1}C:\users\internet\appdata\roaming\utorrent\utorrent.exe" = protocol=6 | dir=in | app=c:\users\internet\appdata\roaming\utorrent\utorrent.exe |
"TCP Query User{6DE4CFA4-3D4F-4BE1-8067-EA2AFE4BBDB7}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"TCP Query User{98E08706-1121-4CBA-A758-7F5CD1216B67}C:\program files (x86)\connectify\connectify.exe" = protocol=6 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{320CBA2D-B041-4B35-84A6-4768BD25495B}C:\users\internet\appdata\roaming\utorrent\utorrent.exe" = protocol=17 | dir=in | app=c:\users\internet\appdata\roaming\utorrent\utorrent.exe |
"UDP Query User{C199BD60-D849-4173-9454-BCAA13197619}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |
"UDP Query User{DB4B7FEC-590E-42C9-8031-784CE16E0255}C:\program files (x86)\connectify\connectify.exe" = protocol=17 | dir=in | app=c:\program files (x86)\connectify\connectify.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{4572399F-5B78-3C50-7281-4AB6248FC1F0}" = AMD Catalyst Install Manager
"{503F672D-6C84-448A-8F8F-4BC35AC83441}" = AMD APP SDK Runtime
"{5E015E15-F7AD-3379-523F-AD63C0CB9E71}" = AMD Steady Video Plug-In
"{6B724485-AC7C-856B-357E-DC7E4AEE6491}" = AMD Media Foundation Decoders
"{7DEBE4EB-6B40-3766-BB35-5CBBC385DA37}" = Microsoft .NET Framework 4.5.1
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8DB5B8FE-3F8A-4D9F-911C-F85473400859}" = Studie zur Verbesserung von HP Officejet 6500 E710a-f Produkten
"{8F4884F1-488D-4738-8F71-65A378BB484C}" = HP Officejet 6500 E710a-f - Grundlegende Software für das Gerät
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0407-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (German) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031" = Microsoft .NET Framework 4.5.1 (Deutsch)
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5.1
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{C513739C-5F16-37B5-9ACF-99925FF1C1F3}" = Microsoft .NET Framework 4.5.1 (DEU)
"{E9117178-6A0D-C220-E0B2-DC80168E6139}" = AMD Fuel
"{E9FF60F2-A2B0-0306-FAAE-770F01D2A719}" = ccc-utility64
"CCleaner" = CCleaner
"Connectify" = Connectify
"Elantech" = ETDWare PS/2-X64 8.0.5.1_WHQL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{037CD593-D760-4A00-B030-7BBAFA1123FE}" = HP Officejet 6500 E710a-f Hilfe
"{04BC5330-A4F6-F3B5-A503-0D17FC4DEEC3}" = CCC Help Czech
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{0EDCD03D-BA65-7428-0C1C-8AFDEE962C10}" = CCC Help Finnish
"{12A0F057-9F6E-29F9-4F5D-FB6AC31E94D9}" = Catalyst Control Center Profiles Mobile
"{1795847E-83E1-E20B-35BF-248D50D94D22}" = Catalyst Control Center Graphics Previews Common
"{1ABEB415-7C33-2F4D-5BEA-2E1CBCFE6E51}" = CCC Help Korean
"{1ADB965A-F126-85EB-535B-AAC6E6616DE8}" = AMD VISION Engine Control Center
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 40
"{29F192A3-75A6-4733-DD08-BD0D71356B2D}" = CCC Help German
"{2A242806-A55C-C158-5350-7B843AA36383}" = Catalyst Control Center InstallProxy
"{2E61358C-8F7F-BDC7-1124-26DDFC2022F1}" = CCC Help Greek
"{32D39568-3B77-11E3-88CE-00163E98E7D0}" = Evernote v. 5.0.3
"{4662E3C5-356C-6C51-12A1-119964C3F19E}" = CCC Help Swedish
"{46F5A007-797E-456A-1C6D-2AC6851F9580}" = CCC Help French
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4E4497CF-8B9E-3769-8AD4-0E3565BBB93D}" = CCC Help Portuguese
"{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}" = Skype™ 6.11
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS FaceLogon
"{7132917B-2D16-7395-C4A1-1F08869BF533}" = CCC Help Italian
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7D916FA5-DAE9-4A25-B089-655C70EAF607}" = Qualcomm Atheros WiFi Driver Installation
"{842311BF-3041-43AE-9AE9-E4170471F313}_is1" = MO Virtual Router version 1.0
"{8833FFB6-5B0C-4764-81AA-06DFEED9A476}" = Realtek Ethernet Controller Driver
"{8DEE4371-EECC-8266-160B-881BCA18C242}" = CCC Help Polish
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2010
"{90140000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2010
"{90140000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2010
"{90140000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2010
"{90140000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2010
"{90140000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2010
"{90140000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2010
"{90140000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2010
"{90140000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2010
"{90140000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2010
"{90140000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2010
"{90140000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2010
"{91B33C97-0FBA-74AE-E802-D782F5C8AA89}_is1" = Ashampoo Burning Studio 2013 v.11.0.6
"{96AE7E41-E34E-47D0-AC07-1091A8127911}" = Realtek USB 2.0 Card Reader
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9DFD3FE7-7378-5405-4EBA-762DF95D19EC}" = CCC Help Turkish
"{A09F1378-BD95-F125-18C7-1DF13B970C6D}" = Catalyst Control Center Localization All
"{A0C690DD-FAD2-7234-45B8-4DF7466FE93C}" = CCC Help Thai
"{A6CD541A-2A16-026B-BD94-199288B4251C}" = CCC Help Hungarian
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AC76BA86-7AD7-1031-7B44-AB0000000001}" = Adobe Reader XI (11.0.05) - Deutsch
"{AE6443AB-38CA-EEB5-8168-5D3871C2D5BE}" = CCC Help Dutch
"{B0002707-4F7E-4745-88A7-852DA8A88635}" = ASUS Sonic Focus
"{B0A6D594-DAA5-87D6-2C37-2804B3A0C198}" = CCC Help Japanese
"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{CA6BCA2F-EDEB-408F-850B-31404BE16A61}" = I.R.I.S. OCR
"{CD5B7679-12CF-DD7A-9A55-7D803C90D03E}" = CCC Help Danish
"{CD70FB8F-A63C-DD46-49B8-D769754E191B}" = CCC Help Russian
"{D92302B0-F400-DCD1-B2CC-3434CD49BFE1}" = CCC Help Spanish
"{DF9ABEE2-E295-0C3F-52E7-ACDD161D4D90}" = CCC Help Norwegian
"{E7667BC5-E028-5946-2D9F-F96ED37A8EFE}" = CCC Help English
"{E91E8912-769D-42F0-8408-0E329443BABC}" = Hama Wireless LAN Adapter
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F1132A32-7F8C-C85B-4811-9D3B879468E4}" = CCC Help Chinese Traditional
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{FC5C4105-7B1A-3210-C11A-F522F25FDCFA}" = CCC Help Chinese Standard
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 12.0
"ASUS_Screensaver" = ASUS_Screensaver
"Avira AntiVir Desktop" = Avira Free Antivirus
"Mozilla Firefox 25.0.1 (x86 de)" = Mozilla Firefox 25.0.1 (x86 de)
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"tulox Freeware-Wörterbuch (Französisch)" = tulox Freeware-Wörterbuch (Französisch)
"WinRAR archiver" = WinRAR Archivierer
"WS_FTP Pro" = Ipswitch WS_FTP Pro

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-2415952919-342969038-3676353109-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 10.12.2013 14:29:06 | Computer Name = system | Source = WinMgmt | ID = 10
Description =

Error - 10.12.2013 14:47:38 | Computer Name = system | Source = Application Hang | ID = 1002
Description = Programm SkypeSetup.exe, Version 6.11.0.102 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: ddc Startzeit: 01cef5d60a226316 Endzeit: 20 Anwendungspfad: C:\Users\INTERNET\Downloads\SkypeSetup.exe

Berichts-ID:


Error - 10.12.2013 15:00:54 | Computer Name = system | Source = Application Hang | ID = 1002
Description = Programm SkypeSetup.exe, Version 6.11.0.102 kann nicht mehr unter
Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in
der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem
zu suchen. Prozess-ID: fd4 Startzeit: 01cef5d9b7434619 Endzeit: 16 Anwendungspfad: C:\Users\INTERNET\Downloads\SkypeSetup.exe

Berichts-ID:


Error - 11.12.2013 03:33:02 | Computer Name = system | Source = WinMgmt | ID = 10
Description =

Error - 11.12.2013 06:14:05 | Computer Name = system | Source = WinMgmt | ID = 10
Description =

Error - 11.12.2013 12:34:49 | Computer Name = system | Source = WinMgmt | ID = 10
Description =

Error - 11.12.2013 19:00:13 | Computer Name = system | Source = WinMgmt | ID = 10
Description =

Error - 11.12.2013 19:10:57 | Computer Name = system | Source = WinMgmt | ID = 10
Description =

Error - 11.12.2013 19:48:22 | Computer Name = system | Source = Application Hang | ID = 1002
Description = Programm otl.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 12c4 Startzeit:
01cef6ca728130d8 Endzeit: 31 Anwendungspfad: C:\Users\INTERNET\Downloads\otl.exe Berichts-ID:


Error - 11.12.2013 20:33:22 | Computer Name = system | Source = Application Hang | ID = 1002
Description = Programm otl.exe, Version 3.2.69.0 kann nicht mehr unter Windows ausgeführt
werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung,
um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 106c Startzeit:
01cef6cbfdeea187 Endzeit: 0 Anwendungspfad: C:\Users\INTERNET\Downloads\otl.exe Berichts-ID:


[ System Events ]
Error - 11.12.2013 18:16:41 | Computer Name = system | Source = ipnathlp | ID = 34001
Description =

Error - 11.12.2013 18:17:12 | Computer Name = system | Source = ipnathlp | ID = 30013
Description =

Error - 11.12.2013 18:18:48 | Computer Name = system | Source = ipnathlp | ID = 30009
Description =

Error - 11.12.2013 18:20:56 | Computer Name = system | Source = ipnathlp | ID = 34001
Description =

Error - 11.12.2013 18:40:03 | Computer Name = system | Source = ipnathlp | ID = 30013
Description =

Error - 11.12.2013 19:08:51 | Computer Name = system | Source = ipnathlp | ID = 31004
Description =

Error - 11.12.2013 19:13:06 | Computer Name = system | Source = ipnathlp | ID = 31004
Description =

Error - 11.12.2013 19:13:22 | Computer Name = system | Source = Service Control Manager | ID = 7023
Description = Der Dienst "Funktionssuche-Ressourcenveröffentlichung" wurde mit folgendem
Fehler beendet: %%-2147014847

Error - 11.12.2013 19:13:22 | Computer Name = system | Source = Service Control Manager | ID = 7001
Description = Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuche-Ressourcenveröffentlichung"
abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%-2147014847

Error - 11.12.2013 19:18:32 | Computer Name = system | Source = ipnathlp | ID = 31004
Description =


< End of report >

Quote:
OTL logfile created on: 12.12.2013 01:38:59 - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\INTERNET\Downloads
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7601.17514)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy

3,61 Gb Total Physical Memory | 2,43 Gb Available Physical Memory | 67,53% Memory free
7,21 Gb Paging File | 5,87 Gb Available in Paging File | 81,37% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 73,38 Gb Total Space | 39,61 Gb Free Space | 53,98% Space Free | Partition Type: NTFS
Drive E: | 224,61 Gb Total Space | 178,14 Gb Free Space | 79,31% Space Free | Partition Type: NTFS

Computer Name: SYSTEM | User Name: admin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - C:\Users\INTERNET\Downloads\otl.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\Connectify\ConnectifyD.exe (Connectify)
PRC - C:\Program Files (x86)\Connectify\ConnectifyService.exe (Connectify)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)


========== Modules (No Company Name) ==========

MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll ()


========== Services (SafeList) ==========

SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (AMD FUEL Service) -- C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Advanced Micro Devices, Inc.)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (Connectify) -- C:\Program Files (x86)\Connectify\ConnectifyService.exe (Connectify)
SRV - (AntiVirSchedulerService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirWebService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (SkypeUpdate) -- C:\Program Files (x86)\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe (ASUS)
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (osppsvc) -- C:\Programme\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE (Microsoft Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)


========== Driver Services (SafeList) ==========

DRV:64bit: - (cnnctfy3) -- C:\Windows\SysNative\drivers\cnnctfy3.sys (Connectify)
DRV:64bit: - (avgntflt) -- C:\Windows\SysNative\drivers\avgntflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avipbb) -- C:\Windows\SysNative\drivers\avipbb.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avnetflt) -- C:\Windows\SysNative\drivers\avnetflt.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (avkmgr) -- C:\Windows\SysNative\drivers\avkmgr.sys (Avira Operations GmbH & Co. KG)
DRV:64bit: - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:64bit: - (RTL8167) -- C:\Windows\SysNative\drivers\Rt64win7.sys (Realtek )
DRV:64bit: - (RSUSBSTOR) -- C:\Windows\SysNative\drivers\RtsUStor.sys (Realtek Semiconductor Corp.)
DRV:64bit: - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronics Corp.)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (RMCAST) -- C:\Windows\SysNative\drivers\rmcast.sys (Microsoft Corporation)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (amdiox64) -- C:\Windows\SysNative\drivers\amdiox64.sys (Advanced Micro Devices)
DRV:64bit: - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (netr28ux) -- C:\Windows\SysNative\drivers\netr28ux.sys (Ralink Technology Corp.)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV - (ATKWMIACPIIO) -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys (ASUS)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.giga.de/androidnews/ [binary data]
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 4E 67 EE 5B 2B 96 CE 01 [binary data]
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1002\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = B8 E2 2E 4C D4 C5 CE 01 [binary data]
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1002\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1002\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-2415952919-342969038-3676353109-1002\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>

========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "google.de|hxxp://www.giga.de/androidnews/"
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:25.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1205146.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.40.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 25.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2013.08.08 22:06:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\admin\AppData\Roaming\mozilla\Extensions
[2013.10.06 22:52:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\extensions
[2013.10.06 22:52:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\mozilla firefox\browser\extensions
[2013.11.17 09:11:41 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\mozilla firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

O1 HOSTS File: ([2009.06.10 22:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Programme\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Programme\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (WsftpBrowserHelper Class) - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files (x86)\WS_FTP Pro\wsbho2k0.dll (Ipswitch, Inc. 81 Hartwell Ave. Lexington, MA)
O2 - BHO: (SteadyVideoBHO Class) - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O4:64bit: - HKLM..\Run: [Connectify Dispatch] C:\Program Files (x86)\Connectify\DispatchUI.exe (Connectify)
O4:64bit: - HKLM..\Run: [Connectify Hotspot] C:\Program Files (x86)\Connectify\Connectify.exe (Connectify)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [ACMON] C:\Program Files (x86)\ASUS\Splendid\ACMON.exe (ASUS)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe (ASUS)
O4 - HKLM..\Run: [avgnt] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-2415952919-342969038-3676353109-1000..\Run: [Virtual WiFi Router] "C:\Program Files (x86)\Virtual WiFi Router\Virtual WiFi Router.exe" File not found
O4 - HKU\S-1-5-21-2415952919-342969038-3676353109-1000..\Run: [winhotspot] C:\Program Files (x86)\winhotspot\winhotspot_version_1.2.42_dot_net_3.5.exe ()
O4:64bit: - HKLM..\RunOnce: [ConnecitfyTemp 5] cmd /Q /C "rmdir /S /Q C:\Users\admin\AppData\Local\Temp\Connectify\5" File not found
O4:64bit: - HKLM..\RunOnce: [ConnecitfyTemp 6] cmd /Q /C "rmdir /S /Q C:\Users\admin\AppData\Local\Temp\Connectify\6" File not found
O4:64bit: - HKLM..\RunOnce: [ConnecitfyTemp d] cmd /Q /C "rmdir /S /Q C:\Users\admin\AppData\Local\Temp\Connectify\d" File not found
O4:64bit: - HKLM..\RunOnce: [ConnecitfyTemp e] cmd /Q /C "rmdir /S /Q C:\Users\admin\AppData\Local\Temp\Connectify\e" File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A0A4026B-6CA5-4E86-A1BF-7F35E33F9200}: DhcpNameServer = 192.168.2.1 192.168.2.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{E11E18F6-FA54-4C14-BCAC-7C73107031C3}: DhcpNameServer = 192.168.2.1
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18:64bit: - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18:64bit: - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Programme\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/mp4 {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O18 - Protocol\Filter\video/x-flv {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{b41d684f-021d-11e3-8007-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{b41d684f-021d-11e3-8007-806e6f6e6963}\Shell\AutoRun\command - "" = F:\GSLoader.exe
O33 - MountPoints2\{bb50d35a-0087-11e3-a5db-bcf271c359f8}\Shell - "" = AutoRun
O33 - MountPoints2\{bb50d35a-0087-11e3-a5db-bcf271c359f8}\Shell\AutoRun\command - "" = F:\GSLoader.exe
O33 - MountPoints2\{f4663852-0086-11e3-946d-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{f4663852-0086-11e3-946d-806e6f6e6963}\Shell\AutoRun\command - "" = D:\InstAll.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013.12.12 00:08:56 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Connectify
[2013.12.12 00:07:30 | 000,035,352 | ---- | C] (Connectify) -- C:\Windows\SysNative\drivers\cnnctfy3.sys
[2013.12.11 23:56:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Connectify
[2013.12.11 23:56:18 | 000,000,000 | ---D | C] -- C:\ProgramData\Connectify
[2013.12.11 23:34:53 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MO Virtual Router
[2013.12.11 23:34:53 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MO Virtual Router
[2013.12.10 20:01:34 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[2013.12.10 20:01:34 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Skype
[2013.12.10 20:01:33 | 000,000,000 | R--D | C] -- C:\Program Files (x86)\Skype
[2013.12.09 11:23:39 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtual Router
[2013.12.08 18:31:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Virtual Router0
[2013.12.08 12:55:06 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2013.12.07 13:00:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\winhotspot
[2013.12.07 12:40:37 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Apple Computer
[2013.11.26 18:12:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
[2013.11.26 18:12:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\QuickTime
[2013.11.26 18:12:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple Computer
[2013.11.26 18:11:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Apple
[2013.11.26 18:10:58 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Apple
[2013.11.26 18:10:56 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Apple Software Update
[2013.11.26 18:10:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Apple
[2013.11.23 08:37:02 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Avira
[2013.11.23 01:16:17 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\uTorrent
[2013.11.21 23:14:54 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Adobe
[2013.11.21 22:59:38 | 000,692,616 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.11.21 22:59:38 | 000,071,048 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.11.21 17:17:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
[2013.11.21 17:17:16 | 000,132,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avipbb.sys
[2013.11.21 17:17:16 | 000,083,160 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avnetflt.sys
[2013.11.21 17:17:16 | 000,028,600 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avkmgr.sys
[2013.11.21 17:17:15 | 000,107,416 | ---- | C] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.11.21 17:17:13 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Avira
[2013.11.17 22:13:24 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2013.11.15 23:20:27 | 000,000,000 | ---D | C] -- C:\Windows\Migration
[2013.11.14 09:22:13 | 000,294,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\browserchoice.exe
[2013.11.14 00:36:20 | 000,220,672 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\wintrust.dll
[2013.11.14 00:36:20 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\imagehlp.dll
[2013.11.14 00:36:20 | 000,023,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\fs_rec.sys
[2013.11.13 17:46:14 | 001,031,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\rdpcore.dll
[2013.11.13 17:46:14 | 000,826,880 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\rdpcore.dll
[2013.11.12 16:27:18 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Macromedia
[2013.11.12 16:27:18 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Local\Macromedia
[2013.11.12 16:27:18 | 000,000,000 | ---D | C] -- C:\Users\admin\AppData\Roaming\Adobe

========== Files - Modified Within 30 Days ==========

[2013.12.12 01:04:03 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.12.12 00:19:16 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2013.12.12 00:19:16 | 000,021,856 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2013.12.12 00:10:23 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2013.12.12 00:10:16 | 2903,269,376 | -HS- | M] () -- C:\hiberfil.sys
[2013.12.12 00:08:56 | 000,000,374 | ---- | M] () -- C:\Users\Public\Desktop\Connectify Dispatch.lnk
[2013.12.12 00:08:56 | 000,000,358 | ---- | M] () -- C:\Users\Public\Desktop\Connectify Hotspot.lnk
[2013.12.12 00:07:30 | 000,035,352 | ---- | M] (Connectify) -- C:\Windows\SysNative\drivers\cnnctfy3.sys
[2013.12.11 22:12:38 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2013.12.11 22:12:38 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2013.12.11 11:17:17 | 000,698,926 | ---- | M] () -- C:\Windows\SysNative\perfh007.dat
[2013.12.11 11:17:17 | 000,653,724 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2013.12.11 11:17:17 | 000,149,034 | ---- | M] () -- C:\Windows\SysNative\perfc007.dat
[2013.12.11 11:17:17 | 000,121,596 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2013.12.11 11:17:16 | 001,618,320 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2013.12.10 20:01:34 | 000,002,517 | ---- | M] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.12.08 23:11:00 | 000,000,380 | ---- | M] () -- C:\Users\admin\AppData\Roaming\sp_data.sys
[2013.12.03 14:07:13 | 000,107,416 | ---- | M] (Avira Operations GmbH & Co. KG) -- C:\Windows\SysNative\drivers\avgntflt.sys
[2013.11.21 17:17:37 | 000,002,066 | ---- | M] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.11.15 23:36:26 | 001,592,784 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI

========== Files Created - No Company Name ==========

[2013.12.12 00:08:56 | 000,000,374 | ---- | C] () -- C:\Users\Public\Desktop\Connectify Dispatch.lnk
[2013.12.12 00:08:56 | 000,000,358 | ---- | C] () -- C:\Users\Public\Desktop\Connectify Hotspot.lnk
[2013.12.10 20:01:34 | 000,002,517 | ---- | C] () -- C:\Users\Public\Desktop\Skype.lnk
[2013.11.26 18:10:56 | 000,002,519 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
[2013.11.21 22:59:39 | 000,000,884 | ---- | C] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2013.11.21 17:17:37 | 000,002,066 | ---- | C] () -- C:\Users\Public\Desktop\Avira Control Center.lnk
[2013.11.15 23:23:35 | 001,592,784 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013.10.08 18:38:13 | 000,007,599 | ---- | C] () -- C:\Users\admin\AppData\Local\Resmon.ResmonCfg
[2013.08.11 01:46:15 | 000,000,380 | ---- | C] () -- C:\Users\admin\AppData\Roaming\sp_data.sys
[2013.08.11 01:34:08 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013.08.11 01:31:14 | 000,204,960 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013.08.11 01:31:14 | 000,157,152 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013.08.11 01:31:13 | 000,003,917 | ---- | C] () -- C:\Windows\SysWow64\atipblag.dat
[2012.03.21 21:54:32 | 000,059,904 | ---- | C] () -- C:\Windows\SysWow64\OpenVideo.dll
[2012.03.21 21:54:22 | 000,054,784 | ---- | C] () -- C:\Windows\SysWow64\OVDecode.dll

========== ZeroAccess Check ==========

[2009.07.14 05:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010.11.21 04:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010.11.21 04:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009.07.14 02:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010.11.21 04:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009.07.14 02:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013.08.08 21:31:54 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\Ashampoo
[2013.10.17 21:44:59 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\MP3SkypeRecorder
[2013.08.11 01:18:04 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\OTi
[2013.11.23 01:16:19 | 000,000,000 | ---D | M] -- C:\Users\admin\AppData\Roaming\uTorrent
[2013.11.23 08:42:58 | 000,000,000 | ---D | M] -- C:\Users\INTERNET\AppData\Roaming\uTorrent

========== Purity Check ==========



========== Files - Unicode (All) ==========
[2013.11.17 19:13:06 | 104,695,876 | ---- | M] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\䴇춧ᵌ
[2013.11.17 19:13:06 | 104,695,876 | ---- | C] ()(C:\Windows\SysWow64\???) -- C:\Windows\SysWow64\䴇춧ᵌ
[2013.10.09 14:01:52 | 100,146,679 | ---- | M] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\�⓿ᵌ”
[2013.10.09 14:01:52 | 100,146,679 | ---- | C] ()(C:\Windows\SysWow64\????) -- C:\Windows\SysWow64\�⓿ᵌ”
[2013.10.08 16:43:41 | 099,859,239 | ---- | M] ()(C:\Windows\SysWow64\???ª) -- C:\Windows\SysWow64\莙ᵌª
[2013.10.08 16:43:41 | 099,859,239 | ---- | C] ()(C:\Windows\SysWow64\???ª) -- C:\Windows\SysWow64\莙ᵌª

< End of report >

 
