Okay, das hab ich nun leider auch erfahren müssen :wtf: HTML-Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=xxx
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-09-21 09:51:18
# local_time=2012-09-21 11:51:18 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1792 16777215 100 0 29581552 29581552 0 0
# compatibility_mode=3073 16777213 80 75 5371 38361570 0 0
# compatibility_mode=5893 16776573 100 94 7316 99881699 0 0
# compatibility_mode=8192 67108863 100 0 254 254 0 0
# scanned=220718
# found=2
# cleaned=0
# scan_time=13770
C:\Windows\Installer\c1e7ad.msi a variant of Win32/Toolbar.Widgi application (unable to clean) 00000000000000000000000000000000 I
D:\Downloads\SoftonicDownloader_fuer_sprache-ubersetzer-gadget.exe Win32/SoftonicDownloader.C application (unable to clean) 00000000000000000000000000000000 I OTL Logfile: Code:
OTL logfile created on: 22.09.2012 15:07:50 - Run 4
OTL by OldTimer - Version 3.2.59.1 Folder = D:\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 64,81% Memory free
6,00 Gb Paging File | 4,68 Gb Available in Paging File | 78,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 56,56 Gb Total Space | 15,01 Gb Free Space | 26,54% Space Free | Partition Type: NTFS
Drive D: | 151,19 Gb Total Space | 89,26 Gb Free Space | 59,04% Space Free | Partition Type: NTFS
Drive E: | 80,57 Gb Total Space | 24,47 Gb Free Space | 30,37% Space Free | Partition Type: NTFS
Computer Name: xxx | User Name: xxx | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
PRC - D:\Downloads\OTL.exe (OldTimer Tools)
PRC - D:\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
PRC - D:\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
PRC - D:\TuneUp Utilities 2012\TuneUpUtilitiesApp32.exe (TuneUp Software)
PRC - D:\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG)
PRC - D:\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
PRC - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
PRC - C:\Programme\Nero\Update\NASvc.exe (Nero AG)
PRC - D:\COMODO\COMODO Internet Security\cfp.exe (COMODO)
PRC - D:\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
PRC - C:\Windows\System32\conhost.exe (Microsoft Corporation)
PRC - d:\Secunia\PSI\psia.exe (Secunia)
PRC - d:\Secunia\PSI\sua.exe (Secunia)
PRC - D:\Secunia\PSI\psi_tray.exe (Secunia)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (Microsoft Corp.)
PRC - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
PRC - C:\Windows\explorer.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
PRC - C:\Windows\System32\taskhost.exe (Microsoft Corporation)
PRC - C:\Programme\Windows Sidebar\sidebar.exe (Microsoft Corporation)
PRC - D:\Unlocker\UnlockerAssistant.exe ()
PRC - C:\Windows\System32\atieclxx.exe (AMD)
PRC - C:\Windows\System32\atiesrxx.exe (AMD)
PRC - C:\Windows\System32\StkASv2K.exe (Syntek America Inc.)
========== Modules (No Company Name) ==========
MOD - d:\FileZilla FTP Client\fzshellext.dll ()
MOD - d:\Unlocker\UnlockerCOM.dll ()
MOD - D:\Unlocker\UnlockerHook.dll ()
MOD - D:\Unlocker\UnlockerAssistant.exe ()
========== Services (SafeList) ==========
SRV - (a2AntiMalware) -- C:\Programme\Emsisoft Anti-Malware\a2service.exe (Emsisoft GmbH)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (TuneUp.UtilitiesSvc) -- D:\TuneUp Utilities 2012\TuneUpUtilitiesService32.exe (TuneUp Software)
SRV - (UxTuneUp) -- C:\Windows\System32\uxtuneup.dll (TuneUp Software)
SRV - (AntiVirSchedulerService) -- D:\Avira\AntiVir Desktop\sched.exe (Avira Operations GmbH & Co. KG)
SRV - (AntiVirService) -- D:\Avira\AntiVir Desktop\avguard.exe (Avira Operations GmbH & Co. KG)
SRV - (CGVPNCliSrvc) -- d:\CyberGhost VPN\CGVPNCliService.exe (mobile concepts GmbH)
SRV - (SkypeUpdate) -- C:\Programme\Skype\Updater\Updater.exe (Skype Technologies)
SRV - (Freemake Improver) -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe (Freemake)
SRV - (WatAdminSvc) -- C:\Windows\System32\Wat\WatAdminSvc.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Programme\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.)
SRV - (NAUpdate) -- C:\Programme\Nero\Update\NASvc.exe (Nero AG)
SRV - (odserv) -- C:\Programme\Common Files\microsoft shared\OFFICE12\ODSERV.EXE (Microsoft Corporation)
SRV - (cmdAgent) -- D:\COMODO\COMODO Internet Security\cmdagent.exe (COMODO)
SRV - (Secunia PSI Agent) -- d:\Secunia\PSI\psia.exe (Secunia)
SRV - (Secunia Update Agent) -- d:\Secunia\PSI\sua.exe (Secunia)
SRV - (wlidsvc) -- C:\Programme\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.)
SRV - (CLPSLS) -- C:\Programme\COMODO\COMODO GeekBuddy\CLPSLS.exe (COMODO)
SRV - (WMPNetworkSvc) -- C:\Programme\Windows Media Player\wmpnetwk.exe (Microsoft Corporation)
SRV - (rpcapd) -- C:\Programme\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV - (AMD External Events Utility) -- C:\Windows\System32\atiesrxx.exe (AMD)
SRV - (SensrSvc) -- C:\Windows\System32\sensrsvc.dll (Microsoft Corporation)
SRV - (WinDefend) -- C:\Programme\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- C:\Programme\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (ose) -- C:\Programme\Common Files\microsoft shared\Source Engine\OSE.EXE (Microsoft Corporation)
SRV - (UleadBurningHelper) -- C:\Programme\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (Ulead Systems, Inc.)
SRV - (StkASSrv) -- C:\Windows\System32\StkASv2K.exe (Syntek America Inc.)
========== Driver Services (SafeList) ==========
DRV - (cpuz135) -- C:\Windows\TEMP\cpuz135\cpuz135_x32.sys File not found
DRV - (avipbb) -- C:\Windows\System32\drivers\avipbb.sys (Avira GmbH)
DRV - (avgntflt) -- C:\Windows\System32\drivers\avgntflt.sys (Avira GmbH)
DRV - (a2acc) -- C:\Programme\Emsisoft Anti-Malware\a2accx86.sys (Emsisoft GmbH)
DRV - (sptd) -- C:\Windows\System32\drivers\sptd.sys (Duplex Secure Ltd.)
DRV - (tap0901) -- C:\Windows\System32\drivers\tap0901.sys (The OpenVPN Project)
DRV - (avkmgr) -- C:\Windows\System32\drivers\avkmgr.sys (Avira GmbH)
DRV - (TuneUpUtilitiesDrv) -- D:\TuneUp Utilities 2012\TuneUpUtilitiesDriver32.sys (TuneUp Software)
DRV - (NBVol) -- C:\Windows\System32\drivers\NBVol.sys (Nero AG)
DRV - (NBVolUp) -- C:\Windows\System32\drivers\NBVolUp.sys (Nero AG)
DRV - (inspect) -- C:\Windows\System32\drivers\inspect.sys (COMODO)
DRV - (cmdGuard) -- C:\Windows\System32\drivers\cmdGuard.sys (COMODO)
DRV - (cmdHlp) -- C:\Windows\System32\drivers\cmdhlp.sys (COMODO)
DRV - (cmderd) -- C:\Windows\System32\drivers\cmderd.sys (COMODO)
DRV - (athr) -- C:\Windows\System32\drivers\athr.sys (Atheros Communications, Inc.)
DRV - (A2DDA) -- C:\Programme\Emsisoft Anti-Malware\a2ddax86.sys (Emsi Software GmbH)
DRV - (TsUsbFlt) -- C:\Windows\System32\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV - (WinUsb) -- C:\Windows\System32\drivers\winusb.sys (Microsoft Corporation)
DRV - (PSI) -- C:\Windows\System32\drivers\psi_mf.sys (Secunia)
DRV - (UnlockerDriver5) -- d:\Unlocker\UnlockerDriver5.sys ()
DRV - (ssmdrv) -- C:\Windows\System32\drivers\ssmdrv.sys (Avira GmbH)
DRV - (ISODrive) -- d:\UltraISO\drivers\ISODrive.sys (EZB Systems, Inc.)
DRV - (NPF) -- C:\Windows\System32\drivers\npf.sys (CACE Technologies, Inc.)
DRV - (atikmdag) -- C:\Windows\System32\drivers\atikmdag.sys (ATI Technologies Inc.)
DRV - (vwifimp) -- C:\Windows\System32\drivers\vwifimp.sys (Microsoft Corporation)
DRV - (SiSGbeLH) -- C:\Windows\System32\drivers\SiSGB6.sys (Silicon Integrated Systems Corp.)
DRV - (DgiVecp) -- C:\Windows\System32\drivers\DGIVECP.SYS (Samsung Electronics Co., Ltd.)
DRV - (SSPORT) -- C:\Windows\System32\drivers\SSPORT.SYS (Samsung Electronics)
DRV - (SNP2UVC) -- C:\Windows\System32\drivers\snp2uvc.sys ()
DRV - (MTsensor) -- C:\Windows\System32\drivers\ATKACPI.sys (ATK0100)
DRV - (Amusbprt) -- C:\Windows\System32\drivers\Amusbprt.sys (A4Tech Co.,Ltd.)
DRV - (Amfilter) -- C:\Windows\System32\drivers\Amfilter.sys (A4Tech Co.,Ltd.)
DRV - (StkAMini) -- C:\Windows\System32\drivers\StkAMini.sys (Syntek America Inc.)
DRV - (StkScan) -- C:\Windows\System32\drivers\StkScan.sys (Syntek America Inc.)
DRV - (PIXMCV) -- C:\Windows\System32\drivers\pixmcvc.sys (Pixela)
DRV - (PIXMCVV) -- C:\Windows\System32\drivers\pixmcvv.sys (Pixela)
DRV - (PIXMCVA) -- C:\Windows\System32\drivers\pixmcva.sys (Pixela)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = hxxp://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3579301558-145316735-1303683343-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.asus.com
IE - HKU\S-1-5-21-3579301558-145316735-1303683343-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page =
IE - HKU\S-1-5-21-3579301558-145316735-1303683343-1001\..\URLSearchHook: {40c3cc16-7269-4b32-9531-17f2950fb06f} - No CLSID value found
IE - HKU\S-1-5-21-3579301558-145316735-1303683343-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3579301558-145316735-1303683343-1001\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-3579301558-145316735-1303683343-1001\..\SearchScopes\{2B7531BE-C6A3-43D0-8DCE-78676A4E90B2}: "URL" = hxxp://de.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
IE - HKU\S-1-5-21-3579301558-145316735-1303683343-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
========== FireFox ==========
FF - prefs.js..browser.search.param.yahoo-fr: "chr-greentree_ff&type=937811&ilc=12"
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "about:home"
FF - user.js - File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_4_402_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: d:\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: d:\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: d:\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@innoplus.de/ino3DViewer: D:\3D-Viewer-innoPlus\npIno3DViewer.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.4.1: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.4.1: C:\Program Files\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeLive,version=1.5: C:\Program Files\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.11: d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: d:\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: D:\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\xxx\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\xxx\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\xxx\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: d:\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012.04.09 13:32:43 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Components: D:\Mozilla Firefox\components [2012.08.10 23:30:35 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 8.0\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.04.30 21:08:48 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Components: D:\Mozilla Firefox\components [2012.08.10 23:30:35 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 14.0.1\extensions\\Plugins: D:\Mozilla Firefox\plugins [2011.04.30 21:08:48 | 000,000,000 | ---D | M]
[2011.03.29 20:54:32 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Extensions
[2012.09.18 19:31:10 | 000,000,000 | ---D | M] (No name found) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\tu00gy3s.default\extensions
[2012.08.29 18:07:47 | 000,000,000 | ---D | M] (WOT) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\tu00gy3s.default\extensions\{xxx}
[2011.03.30 19:31:57 | 000,000,000 | ---D | M] ("Free YouTube Download (Free Studio) Menu") -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\tu00gy3s.default\extensions\{xxx}
[2012.08.31 19:34:18 | 000,000,000 | ---D | M] (DoNotTrackPlus) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\tu00gy3s.default\extensions\donottrackplus@abine.com
[2012.09.08 19:23:59 | 000,000,000 | ---D | M] (Ghostery) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\tu00gy3s.default\extensions\firefox@ghostery.com
[2012.07.14 16:41:31 | 000,000,000 | ---D | M] (FoxyProxy Standard) -- C:\Users\xxx\AppData\Roaming\mozilla\Firefox\Profiles\tu00gy3s.default\extensions\foxyproxy@eric.h.jung
[2012.08.10 23:31:21 | 000,000,853 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tu00gy3s.default\searchplugins\11-suche.xml
[2012.08.10 23:31:22 | 000,002,209 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tu00gy3s.default\searchplugins\englische-ergebnisse.xml
[2012.08.10 23:31:21 | 000,010,506 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tu00gy3s.default\searchplugins\gmx-suche.xml
[2012.08.10 23:31:21 | 000,002,368 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tu00gy3s.default\searchplugins\lastminute.xml
[2012.08.10 23:31:21 | 000,005,489 | ---- | M] () -- C:\Users\xxx\AppData\Roaming\Mozilla\Firefox\Profiles\tu00gy3s.default\searchplugins\webde-suche.xml
[2012.06.06 14:42:45 | 000,138,614 | R--- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TU00GY3S.DEFAULT\EXTENSIONS\{xxx}.XPI
[2012.06.06 14:42:44 | 000,363,041 | R--- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TU00GY3S.DEFAULT\EXTENSIONS\CLIENT@ANONYMOX.NET.XPI
[2012.05.27 11:45:47 | 000,053,803 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TU00GY3S.DEFAULT\EXTENSIONS\EXTENSION@HIDEMYASS.COM.XPI
[2012.03.24 19:14:53 | 000,129,384 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TU00GY3S.DEFAULT\EXTENSIONS\SCILORSGROOVEUNLOCKER@SCILOR.COM.XPI
[2011.04.30 21:02:46 | 000,007,343 | ---- | M] () (No name found) -- C:\USERS\xxx\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\TU00GY3S.DEFAULT\EXTENSIONS\VLCPLAYLIST@HELGATAUSCHER.DE.XPI
[2012.04.09 13:32:43 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- D:\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2011.04.01 23:37:36 | 000,002,046 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\fcmdSrchddr.xml
========== Chrome ==========
CHR - homepage:
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = hxxp://www.google.com/search?q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=fflb&q={searchTerms}&ie=utf-8&oe=utf-8&aq=t&channel=rcs
CHR - default_search_provider: suggest_url = hxxp://suggestqueries.google.com/complete/search?q={searchTerms}
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\yyy\AppData\Local\Google\Chrome\Application\20.0.1132.57\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\Application\20.0.1132.57\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\xxx\AppData\Local\Google\Chrome\Application\20.0.1132.57\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_262.dll
CHR - plugin: Microsoft\\u00AE Windows Media Player Firefox Plugin (Enabled) = D:\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: Java Deployment Toolkit 7.0.40.255 (Enabled) = C:\Windows\system32\npDeployJava1.dll
CHR - plugin: Nero Kwik Media Helper (Enabled) = C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Microsoft Office Live Plug-in for Firefox (Enabled) = C:\Program Files\Microsoft\Office Live\npOLW.dll
CHR - plugin: Windows Live\\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\xxx\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\xxx\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\Windows\system32\Adobe\Director\np32dsw.dll
CHR - plugin: Zeon Plus (Enabled) = D:\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = d:\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: DivX Plus Web Player (Enabled) = d:\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: Picasa (Enabled) = d:\Picasa3\npPicasa3.dll
CHR - plugin: VLC Web Plugin (Enabled) = d:\VideoLAN\VLC\npvlc.dll
CHR - Extension: YouTube = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google-Suche = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: New tab for Chrome\u2122 = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg\1.0.0_0\
CHR - Extension: Mehr Leistung und Videoformate f\\u00FCr dein HTML5 \\u003Cvideo\\u003E = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.145_0\
CHR - Extension: Google Mail = C:\Users\xxx\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
O1 HOSTS File: ([2009.06.10 23:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (Windows Live ID Sign-in Helper) - {xxx} - C:\Programme\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (no name) - AutorunsDisabled - No CLSID value found.
O4 - HKLM..\Run: [ASUS Live Update] C:\Programme\ASUS\ASUS Live Update\ALU.exe ()
O4 - HKLM..\Run: [avgnt] D:\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG)
O4 - HKLM..\Run: [COMODO Internet Security] D:\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [UnlockerAssistant] D:\Unlocker\UnlockerAssistant.exe ()
O4 - HKU\S-1-5-21-3579301558-145316735-1303683343-1001..\Run: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe (Acresso Corporation)
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (Microsoft Corporation)
O4 - Startup: C:\Users\xxx\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\xxx\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O8 - Extra context menu item: Free YouTube Download - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm ()
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm ()
O8 - Extra context menu item: Nach Microsoft E&xel exportieren - C:\Programme\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Reg Error: Key error. File not found
O9 - Extra Button: An OneNote senden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : An OneNote s&enden - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Programme\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Programme\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Programme\Bonjour\mdnsNSP.dll (Apple Computer, Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Programme\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab (Java Plug-in 10.4.1)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://active.macromedia.com/flash2/cabs/swflash.cab (Shockwave Flash Object)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.178.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{4FEB9C1E-BEFE-486A-BAC8-AD06E06497DB}: DhcpNameServer = 192.168.178.1
O18 - Protocol\Handler\AutorunsDisabled - No CLSID value found
O18 - Protocol\Handler\AutorunsDisabled\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Programme\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O18 - Protocol\Handler\AutorunsDisabled\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\AutorunsDisabled\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\AutorunsDisabled\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Programme\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Programme\Windows Live\Messenger\msgrapp.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Programme\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\GTranslator\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Filter\AutorunsDisabled - No CLSID value found
O18 - Protocol\Filter\text/xml {807563E5-5146-11D5-A672-00B0D022E945} - C:\Programme\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - AppInit_DLLs: (C:\Windows\system32\guard32.dll) - C:\Windows\System32\guard32.dll (COMODO)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (systempropertiesperformance.exe) - C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O27 - HKLM IFEO\clpsla.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\cyberghost.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\dvd shrink 3.2 de (decss-frei).exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\remotesupport.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\skype.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins000.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\unins001.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\Uninstall.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O27 - HKLM IFEO\winword.exe: Debugger - D:\TuneUp Utilities 2012\TUAutoReactivator32.exe (TuneUp Software)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012.08.02 18:29:23 | 000,000,000 | ---D | M] - D:\Autorun-Starter -- [ NTFS ]
O33 - MountPoints2\{b309c423-6f29-11e0-a6a3-00248c114881}\Shell - "" = AutoRun
O33 - MountPoints2\{b309c423-6f29-11e0-a6a3-00248c114881}\Shell\AutoRun\command - "" = H:\iStudio.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
========== Files/Folders - Created Within 30 Days ==========
[2012.09.22 10:58:10 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012.09.22 10:57:11 | 000,000,000 | ---D | C] -- C:\Program Files\Emsisoft Anti-Malware
[2012.09.22 10:57:11 | 000,000,000 | ---D | C] -- C:\Users\Andi\Documents\Anti-Malware
[2012.09.22 10:24:29 | 000,514,560 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\qdvd.dll
[2012.09.18 20:08:56 | 000,000,000 | ---D | C] -- C:\Users\Andi\AppData\Roaming\DVDFab
[2012.09.15 12:39:45 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d3d10level9.dll
[2012.09.15 12:34:01 | 000,240,496 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\netio.sys
[2012.09.15 12:34:01 | 000,187,760 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\FWPKCLNT.SYS
[2012.09.15 12:33:56 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\drivers\RNDISMP.sys
[2012.09.11 19:09:21 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\FRITZ!
[2012.09.11 19:09:21 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Local\FRITZ!
[2012.09.11 19:05:19 | 000,328,704 | ---- | C] (InstallShield Software Corporation ) -- C:\Windows\IsUn0407.exe
[2012.09.09 15:40:48 | 000,000,000 | R--D | C] -- C:\Users\xxx\Documents\Scanned Documents
[2012.09.09 15:40:47 | 000,000,000 | ---D | C] -- C:\Users\xxx\Documents\Fax
[2012.08.31 21:13:20 | 000,000,000 | ---D | C] -- C:\Program Files\Hosts_Anti_Adwares_PUPs
[2012.08.26 11:01:30 | 000,000,000 | ---D | C] -- C:\Program Files\Perion
[2012.08.24 20:42:56 | 000,000,000 | ---D | C] -- C:\Users\xxx\AppData\Roaming\AceBIT
[2008.09.09 20:44:16 | 001,942,824 | ---- | C] (Skype Technologies) -- C:\Users\xxx\AppData\Roaming\Skype4COM.dll
========== Files - Modified Within 30 Days ==========
[2012.09.22 15:07:19 | 001,474,832 | ---- | M] () -- C:\Windows\System32\drivers\sfi.dat
[2012.09.22 14:35:53 | 000,023,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 14:35:53 | 000,023,568 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012.09.22 14:34:19 | 000,000,833 | ---- | M] () -- C:\Users\xxx\Desktop\OTL - Verknüpfung.lnk
[2012.09.22 14:27:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012.09.22 14:27:20 | 2415,345,664 | -HS- | M] () -- C:\hiberfil.sys
[2012.09.22 14:25:54 | 000,000,020 | ---- | M] () -- C:\Users\xxx\defogger_reenable
[2012.09.22 10:58:10 | 000,001,049 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.09.21 23:58:08 | 000,000,624 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012.09.20 13:21:04 | 000,664,634 | ---- | M] () -- C:\Windows\System32\perfh007.dat
[2012.09.20 13:21:04 | 000,624,776 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012.09.20 13:21:04 | 000,134,770 | ---- | M] () -- C:\Windows\System32\perfc007.dat
[2012.09.20 13:21:04 | 000,110,414 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012.09.07 17:04:46 | 000,022,856 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys
[2012.08.31 19:55:15 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012.08.31 18:46:45 | 000,696,520 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerApp.exe
[2012.08.31 18:46:45 | 000,073,416 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2012.08.26 10:17:14 | 000,011,264 | ---- | M] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
========== Files Created - No Company Name ==========
[2012.09.22 14:34:19 | 000,000,833 | ---- | C] () -- C:\Users\xxx\Desktop\OTL - Verknüpfung.lnk
[2012.09.22 14:25:06 | 000,000,020 | ---- | C] () -- C:\Users\xxx\defogger_reenable
[2012.09.22 10:58:10 | 000,001,049 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012.06.26 16:02:38 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2012.06.26 16:02:38 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2012.06.26 16:02:38 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2012.06.26 16:02:38 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2012.06.07 14:05:15 | 000,100,352 | ---- | C] () -- C:\Windows\System32\zlib1.dll
[2012.06.07 14:05:08 | 000,162,304 | ---- | C] () -- C:\Windows\System32\libpng13.dll
[2012.06.07 14:05:02 | 001,179,595 | ---- | C] () -- C:\Windows\unins002.exe
[2012.06.07 14:05:02 | 000,010,420 | ---- | C] () -- C:\Windows\unins002.dat
[2012.06.07 14:04:18 | 000,709,719 | ---- | C] () -- C:\Windows\unins001.exe
[2012.06.07 14:04:18 | 000,007,956 | ---- | C] () -- C:\Windows\unins001.dat
[2012.06.07 14:03:12 | 001,199,175 | ---- | C] () -- C:\Windows\unins000.exe
[2012.06.07 14:03:12 | 000,010,275 | ---- | C] () -- C:\Windows\unins000.dat
[2012.03.25 14:26:07 | 000,316,224 | ---- | C] () -- C:\Windows\System32\drivers\GrabsterSeries.X86.SYS
[2012.03.25 14:26:07 | 000,260,032 | ---- | C] () -- C:\Windows\System32\drivers\GrabsterSeries.C86.SYS
[2012.03.25 14:06:38 | 000,191,976 | ---- | C] () -- C:\Windows\cres1100.exe
[2012.03.25 14:06:38 | 000,099,672 | ---- | C] () -- C:\Windows\dibapi32.dll
[2012.03.25 14:06:38 | 000,036,352 | ---- | C] () -- C:\Windows\System32\Preview.dll
[2012.03.25 14:06:38 | 000,012,692 | ---- | C] () -- C:\Windows\System32\drivers\cresscan.sys
[2012.03.25 14:06:37 | 000,069,632 | ---- | C] () -- C:\Windows\System32\cresvfw.dll
[2012.01.25 14:26:49 | 000,338,432 | ---- | C] () -- C:\Windows\System32\sqlite36_engine.dll
[2011.11.01 21:06:28 | 000,000,196 | ---- | C] () -- C:\Windows\ulead32.ini
[2011.11.01 20:06:55 | 000,011,264 | ---- | C] () -- C:\Users\xxx\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011.08.06 18:35:58 | 000,000,193 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
[2011.07.23 17:36:02 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Drums
[2011.07.23 17:36:02 | 000,000,268 | RH-- | C] () -- C:\Users\xxx\AppData\Roaming\Distortion
[2011.07.23 17:36:02 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLck.DAT
[2011.07.23 17:36:02 | 000,000,012 | RH-- | C] () -- C:\ProgramData\MIDI Patch Names
[2011.07.23 17:35:57 | 000,000,268 | RH-- | C] () -- C:\ProgramData\Dynamic Library
[2011.07.23 17:35:57 | 000,000,268 | RH-- | C] () -- C:\Users\xxx\AppData\Roaming\Documentation
[2011.07.23 17:35:57 | 000,000,012 | RH-- | C] () -- C:\ProgramData\Mail
[2011.07.23 17:29:45 | 000,000,020 | -H-- | C] () -- C:\ProgramData\PKP_DLbx.DAT
[2011.07.19 21:30:18 | 000,000,017 | ---- | C] () -- C:\Users\xxx\AppData\Local\resmon.resmoncfg
[2011.07.17 14:38:28 | 000,000,000 | ---- | C] () -- C:\Windows\System32\dvdtest10024.dat
[2011.07.02 17:14:27 | 001,772,544 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2011.07.02 17:14:27 | 000,028,160 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2011.07.02 17:14:26 | 000,176,128 | ---- | C] ( ) -- C:\Windows\System32\csnp2uvc.dll
[2011.06.29 21:36:09 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini
[2011.05.14 17:14:35 | 000,110,080 | ---- | C] () -- C:\Windows\System32\advd.dll
[2011.05.14 17:14:35 | 000,023,040 | ---- | C] () -- C:\Windows\System32\auth.dll
[2011.05.14 17:14:34 | 000,237,568 | ---- | C] () -- C:\Windows\System32\lame_enc.dll
[2011.04.29 19:02:58 | 000,471,040 | ---- | C] () -- C:\Windows\ssndii.exe
[2011.03.29 21:00:11 | 001,474,832 | ---- | C] () -- C:\Windows\System32\drivers\sfi.dat
[2011.03.29 19:35:41 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
========== LOP Check ==========
[2012.08.11 11:05:50 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\1&1
[2011.04.29 19:55:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ACD Systems
[2012.08.24 20:42:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AceBIT
[2012.01.24 20:35:03 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\AquaSoft
[2012.08.02 18:44:03 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ASCOMP Software
[2012.06.10 11:41:10 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Ashampoo
[2011.05.14 16:32:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Ashampoo Slideshow Studio Elements
[2012.01.14 15:08:59 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Audacity
[2011.04.02 21:37:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Avanquest
[2011.11.05 15:07:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\becker
[2012.08.02 19:17:58 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\calibre
[2011.06.18 16:04:08 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\concept design
[2012.01.08 17:31:12 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DigitalDJ17
[2012.09.22 14:28:58 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Dropbox
[2012.09.18 20:08:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DVDFab
[2012.07.29 10:13:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DVDVideoSoft
[2012.07.29 10:13:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\DVDVideoSoftIEHelpers
[2012.04.17 19:29:47 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Engelmann Media
[2012.08.24 21:24:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FileZilla
[2011.05.25 19:13:35 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Franzis
[2011.11.01 19:45:08 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FreeVideoConverter
[2012.09.11 19:10:30 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\FRITZ!
[2011.06.08 20:03:51 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GARMIN
[2011.11.05 20:33:07 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GetRightToGo
[2012.07.14 18:08:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\GrabIt
[2012.02.03 17:40:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\HDX4 GmbH
[2012.01.04 19:30:48 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Lexware
[2012.05.31 21:59:43 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\LockHunter
[2012.03.01 21:31:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Luxand
[2012.01.25 15:04:15 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\MAGIX
[2012.07.27 19:52:42 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\MyPhoneExplorer
[2012.05.31 20:37:54 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\NeatImage SL 32
[2011.07.23 17:36:04 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nikon
[2011.03.30 19:01:40 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nuance
[2011.07.20 20:32:37 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nvu
[2011.12.02 23:02:23 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Photo DVD Slideshow
[2012.07.27 19:07:44 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Samsung
[2012.06.01 19:36:22 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\ScreeNet iSaver
[2012.06.09 15:00:14 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Serif
[2012.06.24 15:41:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TuneUp Software
[2012.03.31 10:09:41 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Ulead Systems
[2011.03.29 22:09:26 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Windows SideBar
[2012.01.23 20:00:24 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Xilisoft
[2011.06.18 20:04:56 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\xVideoServiceThief
[2011.03.29 21:51:16 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Zeon
[2012.01.26 19:40:45 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Zoner
[2012.01.05 13:53:14 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Lexware
[2012.03.01 21:31:31 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Luxand
[2011.05.22 09:49:05 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Nuance
[2011.12.11 19:19:40 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\TuneUp Software
[2011.03.30 18:24:17 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Windows SideBar
[2011.04.05 14:17:36 | 000,000,000 | ---D | M] -- C:\Users\xxx\AppData\Roaming\Zeon
[2012.03.10 18:09:36 | 000,000,902 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-xxx.job
[2012.03.10 18:09:36 | 000,000,924 | ---- | M] () -- C:\Windows\Tasks\FacebookUpdateTaskUserS-xxx.job
[2012.08.27 12:47:06 | 000,032,632 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
========== Purity Check ==========
< End of report > --- --- ---
OTL Logfile: Code:
OTL Extras logfile created on: 22.09.2012 15:07:50 - Run 4
OTL by OldTimer - Version 3.2.59.1 Folder = D:\Downloads
Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000407 | Country: Deutschland | Language: DEU | Date Format: dd.MM.yyyy
3,00 Gb Total Physical Memory | 1,94 Gb Available Physical Memory | 64,81% Memory free
6,00 Gb Paging File | 4,68 Gb Available in Paging File | 78,11% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 56,56 Gb Total Space | 15,01 Gb Free Space | 26,54% Space Free | Partition Type: NTFS
Drive D: | 151,19 Gb Total Space | 89,26 Gb Free Space | 59,04% Space Free | Partition Type: NTFS
Drive E: | 80,57 Gb Total Space | 24,47 Gb Free Space | 30,37% Space Free | Partition Type: NTFS
Computer Name: ANDI-PC | User Name: Andi | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)
[HKEY_USERS\S-1-5-21-3579301558-145316735-1303683343-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [ACDSee Pro 3.Manage] -- "D:\ACD Systems\ACDSee Pro\3.0\ACDSeeQVPro3.exe" "%1" (ACD Systems International Inc.)
Directory [AddToPlaylistVLC] -- "d:\VideoLAN\VLC\vlc.exe" --started-from-file --playlist-enqueue "%1" ()
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OneNote.Open] -- C:\PROGRA~1\MICROS~2\Office12\ONENOTE.EXE "%L" (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]
========== Firewall Settings ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
========== Authorized Applications List ==========
========== Vista Active Open Ports Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{03C0288A-2C5D-4F80-A597-B160CF87F38E}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{15F825F3-1B7D-4DB1-8F74-514C7542C651}" = rport=445 | protocol=6 | dir=out | app=system |
"{16AA4ACD-4C5E-487A-8A1D-C702B1B6DD9B}" = lport=2869 | protocol=6 | dir=in | app=system |
"{1E7AB095-EBAA-4E49-80DA-433144B75AF9}" = rport=139 | protocol=6 | dir=out | app=system |
"{26894576-2397-4CB7-AFB6-47FF17229CE6}" = lport=445 | protocol=6 | dir=in | app=system |
"{2DE90418-DF05-4753-A73E-F77788F92434}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{3C93932C-F54E-42EB-834D-C9F37C12D2EB}" = lport=139 | protocol=6 | dir=in | app=system |
"{67F2839B-7C72-4511-86CF-D33B63463D11}" = rport=138 | protocol=17 | dir=out | app=system |
"{69075361-79A0-498B-8888-0EF79E59DDD0}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |
"{700A929B-EE63-4101-88E0-908B5B4126CC}" = rport=10243 | protocol=6 | dir=out | app=system |
"{78497173-A428-451C-B863-4C0AB1EF1952}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{7F4D818A-8D67-4749-8569-C38E8121686B}" = lport=138 | protocol=17 | dir=in | app=system |
"{8B45FE34-E77B-430A-B770-A0142BCFCF46}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{8C69543B-6939-4D8F-82DD-AEC3339BC9E5}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{91A9640D-A892-482A-90AB-2AC8AC8298B0}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{A927A77A-4ADE-48EE-BDA9-596FC17A8A1B}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{B9F6EF4B-37C1-476A-A10D-CD120B2765D9}" = lport=6004 | protocol=17 | dir=in | app=c:\program files\microsoft office\office12\outlook.exe |
"{BEB7D7B2-BD1A-4E12-ACA8-6846127D3991}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{C88457EB-6F8B-4178-AA58-AFAC65C27D85}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{C8E21791-8F3A-4798-A2FF-C3EC001FDE55}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CA4CE33F-5BD4-4171-A1F6-B3E2A79E8F88}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{CE4D260E-44F9-4FA2-8FA6-000AD87EF818}" = lport=137 | protocol=17 | dir=in | app=system |
"{D95D9DBA-409B-46F7-9DC9-5536CA913021}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{E1D22B2F-10C4-4A8C-97D1-20A5FB2AF924}" = rport=137 | protocol=17 | dir=out | app=system |
"{EA7E77DB-39F1-4FAE-B4AC-33E5FC82A695}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{FC399A66-D31E-45DA-8010-61B0D3EDFB5D}" = lport=10243 | protocol=6 | dir=in | app=system |
========== Vista Active Application Exception List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{08311E98-DA4F-4846-B3D4-96C80A413FCF}" = protocol=17 | dir=in | app=c:\windows\system32\muzapp.exe |
"{0985F7AE-4FCD-4DC0-BC87-BF542F7C8B22}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{1CE45558-3B4D-4ED5-97F4-B5376FAA70F6}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{2B52F8D2-3451-4CCA-AF65-930C576E7175}" = protocol=17 | dir=in | app=f:\interface\contents\windowsturbostarter_18710\49967\files\solutoinstaller.exe |
"{2BA9C5AC-41E7-426A-937B-FA0B13101B70}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |
"{2DC2F8C1-AE36-4457-A35C-C2BB391CE043}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{3C27962D-06FA-4C37-9D0D-62E91F5A1943}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\onenote.exe |
"{4038729B-6C3E-4728-BC2D-90E95A44BDC5}" = protocol=17 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{421DB33F-5D7D-4325-890D-808C16B6B1C5}" = protocol=6 | dir=out | app=system |
"{5B375CC7-7830-431B-B10A-7C0D126C23BC}" = protocol=6 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe |
"{60B8192E-A54E-47E8-BC7F-A7F15DB850B2}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |
"{6419F771-E332-48FA-BBA3-035944BA7744}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{687C5487-0DE4-4E08-BC27-DAE4CE8DDA6E}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6A31F750-1B44-4F83-A167-BC31BDECAB07}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{6E81F509-C9D0-4916-B725-166C3034BD80}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |
"{715CBB43-B421-4C58-9A7A-27506404F7D5}" = dir=in | app=c:\users\xxx\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{73F396FC-53DD-4628-A640-92F178334A47}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{78805183-0212-49A6-BFD6-C1D389633D17}" = dir=in | app=c:\program files\windows live\messenger\msnmsgr.exe |
"{87317750-9062-4198-96D3-F13E498C91B2}" = protocol=6 | dir=in | app=f:\interface\contents\windowsturbostarter_18710\49967\files\solutoinstaller.exe |
"{8BBA2F86-7FA9-41D6-9804-AA1021D2DEA3}" = dir=in | app=c:\program files\skype\phone\skype.exe |
"{8EE90B53-0A77-4609-9F17-623BB5C3A9B1}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{9A0860EF-5335-4C9F-901A-42D826FB7B11}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{AF36E858-14CE-426A-A859-C0C98760DFA2}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{B5859535-8EFF-4F10-90CB-A7F0DE62390D}" = protocol=17 | dir=in | app=c:\users\xxx\appdata\roaming\dropbox\bin\dropbox.exe |
"{C75F19FE-1542-4C6E-B148-C920875113FF}" = protocol=6 | dir=in | app=c:\windows\system32\muzapp.exe |
"{D7F71506-4280-42C2-8D14-1BE30400B25A}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{D99A43C3-5B4E-4A62-8472-584123C4C4E7}" = dir=in | app=c:\program files\windows live\contacts\wlcomm.exe |
"{DDA2C91E-68B2-4E17-B51D-451770E04833}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{F4222857-475C-4025-819F-D5BF39A08EE9}" = protocol=6 | dir=in | app=c:\program files\microsoft office\office12\groove.exe |
"{FB44F5F0-A04F-4C24-936C-000167A9C038}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{0139DE0C-96E3-41BB-A512-C864A05FDE94}" = Cameo Grabster 200
"{034DCAF9-96E7-4936-9A07-712F80B5181E}" = Nero RescueAgent 11
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{068502DA-6979-4D9A-BBE1-C3AD0FF11F19}" = Ulead FilmBrennerei 2
"{0713D1F9-DD77-42C1-8C7D-54D479E2E743}" = Nero SoundTrax 11
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D7A4289-99CF-4B8D-B812-86BE50A54552}" = Nero Video 11
"{1111706F-666A-4037-7777-210328764D10}" = JavaFX 2.1.0
"{11D3EF85-63E1-4AE4-A7C1-9241BDB16B51}" = Nero ControlCenter 11
"{121634B0-2F4B-11D3-ADA3-00C04F52DD52}" = Windows Installer Clean Up
"{196467F1-C11F-4F76-858B-5812ADC83B94}" = MSXML 4.0 SP3 Parser
"{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}" = YouTube Downloader 3.5
"{1B280FAF-AE10-4E31-A41A-DB3917D651DC}" = ACDSee Pro 3
"{1BA1DBDC-5431-46FD-A66F-A17EB1C439EE}" = Windows Live Messenger
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1" = Allgemeine Runtime Files (x86)
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{26A24AE4-039D-4CA4-87B4-2F83216022FF}" = Java(TM) 6 Update 22
"{26A24AE4-039D-4CA4-87B4-2F83217004FF}" = Java(TM) 7 Update 4
"{2856F5EA-E98A-40E4-BAD6-8C644A4A3F3C}" = honestech VHS to DVD 2.0 SE
"{2CA7225D-CB12-462A-9DD1-50319E158BA5}" = Nero 11 PiP Effects Basic
"{2F8C10B2-46DA-46E1-A400-E11573F76702}" = GTranslator(Google Skype Translator)
"{32364CEA-7855-4A3C-B674-53D8E9B97936}" = TuneUp Utilities 2012
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{37B33B16-2535-49E7-8990-32668708A0A3}" = Windows Live UX Platform Language Pack
"{390757AA-8830-43DC-AEE0-4E5B6F8439EB}" = Nero SoundTrax 11 Help (CHM)
"{39AF5C9F-9673-438F-BBF9-47690B989F7F}" = QuickSteuer 2012
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{4162E4B4-DB62-4719-9921-A59B2671C1CB}" = Nero Recode 11
"{459F2CFC-D6E0-48EA-BF86-C6C9EE5F405F}" = Adobe Shockwave Player 11.6
"{47609E69-4C5E-48B1-A889-24C6B82B5C04}" = Vista Shortcut Manager
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4AA5B8A5-BEEF-4AD8-B11D-4443A042EA4F}" = Adobe Dreamweaver CS3
"{4BE43829-C099-4188-9700-67521E912184}_is1" = DSL-Turbo
"{4DFA6DA8-75D8-4F2B-A1A0-A5E7A3B779C8}" = ASUS Virtual Camera
"{4EAC98B8-478B-4043-A15E-3D41BFBD035B}" = MAGIX Video easy SE
"{537575D6-3B96-474C-BD8F-DFF667363DBD}" = Naviextras Toolbox Prerequesities
"{53F7746A-96AA-49A5-86B8-59989680DAC5}" = Nero Burning ROM 11 Help (CHM)
"{55C2143E-FBA5-442F-9AFA-726FF068F39D}" = Nero CoverDesigner 11 Help (CHM)
"{57F80ECF-E27C-4EEE-AB58-E971BACE2639}" = Nero Recode 11 Help (CHM)
"{5A212B2D-140D-46F4-B625-2D1CA5A00594}" = Nero 11 Kwik Themes Basic
"{5A3C1721-F8ED-11E0-8AFB-B8AC6F97B88E}" = Google Earth
"{5D4C60AA-84E6-4E1A-8A68-69970D387BE1}" = TuneUp Utilities Language Pack (de-DE)
"{5E1375CB-6792-4464-8715-CC3EC83D48FA}" = VirtualDJ Home FREE
"{5E98FDD6-3672-4DBE-AB8B-2C9A0BED1382}" = Nero 11 Disc Menus 3
"{624E54D0-E4F4-434F-9EF6-D4D066EE4348}" = Facebook Video Calling 1.1.1.1
"{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}" = Nero Update
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{68A35043-C55A-4237-88C9-37EE1C63ED71}" = Microsoft Visual J# 2.0 Redistributable Package
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6AB2427E-A18F-4809-9A12-29F5EBABBB3A}" = Nero BackItUp 11 Help (CHM)
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7D386596-0E80-4808-8AAE-C1DDA8212F7F}" = Adobe Setup
"{7DF2B5EE-2C16-4E86-9C71-8678068AD805}" = Nero 11 Disc Menus 2
"{8014FACB-1D1D-48C2-94AA-E29EE2E6B9CE}" = Nero WaveEditor 11
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}" = Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
"{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1" = DirectX 9.0c Extra Files (x86)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F8D9297-FDD2-405A-97E7-E52C7B2F97B3}" = Ulead VideoStudio SE DVD
"{90120000-0015-0407-0000-0000000FF1CE}" = Microsoft Office Access MUI (German) 2007
"{90120000-0015-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0016-0407-0000-0000000FF1CE}" = Microsoft Office Excel MUI (German) 2007
"{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0018-0407-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (German) 2007
"{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-0019-0407-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (German) 2007
"{90120000-0019-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (German) 2007
"{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001B-0407-0000-0000000FF1CE}" = Microsoft Office Word MUI (German) 2007
"{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-001F-0407-0000-0000000FF1CE}" = Microsoft Office Proof (German) 2007
"{90120000-001F-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-001F-0410-0000-0000000FF1CE}" = Microsoft Office Proof (Italian) 2007
"{90120000-001F-0410-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
"{90120000-002C-0407-0000-0000000FF1CE}" = Microsoft Office Proofing (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (German) 2007
"{90120000-0044-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-006E-0407-0000-0000000FF1CE}" = Microsoft Office Shared MUI (German) 2007
"{90120000-006E-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00A1-0407-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (German) 2007
"{90120000-00A1-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90120000-00BA-0407-0000-0000000FF1CE}" = Microsoft Office Groove MUI (German) 2007
"{90120000-00BA-0407-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{xxx}" = Microsoft Office 2007 Service Pack 3 (SP3)
"{9193490D-5229-4FC4-9BB9-A6D63C09574A}" = High-Definition Video Playback
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{933B4015-4618-4716-A828-5289FC03165F}" = VC80CRTRedist - 8.0.50727.6195
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95140000-007A-0407-0000-0000000FF1CE}" = Microsoft Office Outlook Connector
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{9D8491AD-D0D2-4B51-AA4A-A8B67795A553}" = Nero Burning ROM 11
"{A0F34849-D9AB-46DD-B1BE-BB0DB60B1FE8}" = Nero 11 Disc Menus 1
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2CDC001-F8B3-4C64-9E74-2E3FA0FAC9D9}" = Nero 11 Video Samples
"{A4F6BE36-4826-45BA-A396-04F265A3B61D}" = Nero 11 Kwik Themes 2
"{A7A0BF2E-31CC-49E3-9913-52C503EB969D}" = Nero Audio Pack 1
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AA721D14-CFE2-410E-B975-79FE5F82F99F}" = MSVCMergeModules
"{AB2BBC64-8AC8-4E66-BBF3-E22D5EACEECA}" = Nero BackItUp 11
"{AB67580-257C-45FF-B8F4-C8C30682091A}_is1" = SIW version 2011.07.07
"{B113D18C-67B0-4FB7-B329-E89B66194AE6}" = Windows Live Fotogalerie
"{B160A672-F326-4414-9BB0-A056C61B357C}" = Nero 11 Cliparts
"{B1F69AF3-B5B5-4CA5-ADC5-8A738EB6E574}" = Nero 11 Kwik Themes 1
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B60BC366-98BF-448F-9981-617FE8BEB30B}" = AquaSoft Barbecue 3
"{B96DB037-DBEA-4186-9081-9CBD537F82E8}" = 3D-Viewer-innoplus
"{B9B1BA7F-7E07-49DD-A713-5B397A5BB66B}" = Nero Kwik Media Help (CHM)
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{BE5F3842-8309-4754-92D5-83E02E6077A3}" = Adobe Extension Manager CS3
"{BE814218-3919-4EA3-868A-2F60BC135CB4}" = Nero Kwik Media
"{BEBEE34D-84A2-4EDD-8BEA-96CC54371263}" = Nero Core Components 11
"{C2AB7DC4-489E-4BE9-887A-52262FBADBE0}" = Windows Live Photo Common
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C6150D8A-86ED-41D3-87BB-F3BB51B0B77F}" = Windows Live ID Sign-in Assistant
"{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}" = Microsoft .NET Framework 1.1 SP1
"{CCE210DF-7EEF-4A76-A63C-3EB091FDB992}" = welcome
"{CE026CFE-73FE-4FED-9D5F-2C8D4DB512B0}" = TuneUp Utilities Language Pack (de-DE)
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D01CE99A-8802-483C-A79F-298B691EB432}" = Nero RescueAgent 11 Help (CHM)
"{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}" = SAMSUNG USB Driver for Mobile Phones
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{D2CBEFA4-F2D3-4E97-A171-8BFD6A31A5EC}" = Nero Express 11 Help (CHM)
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{D4D66270-9147-4BDF-9946-FCA2B303AA8F}" = Nero ControlCenter 11 Help (CHM)
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E10AAE4A-98B8-420A-BD93-E0520C23D624}" = Nero Express 11
"{E1E4A21F-3A61-4998-97CE-B593E41393CA}" = AquaSoft DiaShow Deluxe 6
"{E337B156-DF81-48D8-8977-B1574EE87BCF}" = USB2.0 Capture Device
"{E4E88B54-4777-4659-967A-2EED1E6AFD83}" = Windows Live Movie Maker
"{E51BC4B0-EA5E-49CC-AF3B-93B5C627EC22}" = Nero 11 Effects Basic
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}" = ASUS Live Update
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E78BFA60-5393-4C38-82AB-E8019E464EB4}" = Microsoft .NET Framework 1.1 German Language Pack
"{E8972F40-874D-4FA6-A6F4-52A8C99D8DDA}" = Serif PhotoPlus X3
"{E89BAE75-3446-43BA-B180-7F11692A9778}" = nero.prerequisites.msi
"{EB475D31-14C0-4DC3-8E0A-8AE1711399B3}" = Nero 11
"{EB8DED20-A887-4A9C-BB5A-F3E7523DFB44}" = Nero WaveEditor 11 Help (CHM)
"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.8
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F3743A2C-5D5F-4456-8F98-5DF36A954C50}" = Nero 11 Image Samples
"{F3C2ECAA-1B4D-4B75-9105-106B0D03EF02}" = Lexware Info Service
"{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}" = Microsoft Office Live Add-in 1.5
"{F49EF443-B2BD-4F10-8A46-87AFCDB90EDD}" = Nero 11 Disc Menus Basic
"{F750C986-5310-3A5A-95F8-4EC71C8AC01C}" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"{F8EF9B71-53E7-41F5-8E54-47B4C979CB38}" = Nero Backup Drivers
"{F95E4EE0-0C6E-4273-B6B9-91FD6F071D76}" = Windows Live Essentials
"{FAC3C37E-EDAB-4F3A-A173-A7C70CC88F09}" = Nero Video 11 Help (CHM)
"{FD66AF34-C18A-4cea-8421-2F3B39E9B07E}" = YouTube Downloader Toolbar v4.9
"{FD8E178D-8B4E-42DA-B434-EFF270329B1C}" = COMODO Internet Security
"{FDF7187F-3960-4BEC-916D-98C9A83E3A68}_is1" = DirectX for Managed Code
"{FF44BCE5-5A18-4051-85F0-BC172D7B4695}" = Nero CoverDesigner 11
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"1&1 SmartFax" = 1&1 SmartFax
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe_25db75244653b42cb93dc27939d1c0e" = Adobe Dreamweaver CS3
"AquaSoft Barbecue 3" = AquaSoft Barbecue 3
"AquaSoft DiaShow Deluxe 6" = AquaSoft DiaShow Deluxe 6
"Audacity 1.3 Beta (Unicode)_is1" = Audacity 1.3.12 (Unicode)
"AudibleManager" = AudibleManager
"Avira AntiVir Desktop" = Avira Free Antivirus
"CCleaner" = CCleaner
"CDex" = CDex - Open Source Digital Audio CD Extractor
"COMODO GeekBuddy" = COMODO GeekBuddy
"Content Manager 2" = Content Manager 2
"CyberGhost VPN_is1" = CyberGhost VPN Patch 4.7.19
"Digital DJ" = Digital DJ
"DivX Setup" = DivX-Setup
"DVD Shrink DE_is1" = DVD Shrink 3.2 deutsch (DeCSS-frei)
"DVDFab 8 Qt_is1" = DVDFab 8.1.5.9 (20/01/2012) Qt
"ENTERPRISER" = Microsoft Office Enterprise 2007
"Everything" = Everything 1.2.1.371
"FFmpeg for Audacity on Windows_is1" = FFmpeg for Audacity on Windows
"FileZilla Client" = FileZilla Client 3.5.3
"FormatFactory" = FormatFactory 2.70
"Free Studio_is1" = Free Studio version 5.6.3.706
"GrabIt_is1" = GrabIt 1.7.2 Beta 6 (build 1008)
"GRABSTER SERIES" = GRABSTER SERIES V1.0.0.65
"HDD-Booster_is1" = HDD-Booster v1.2
"HiDownload Platinum_is1" = HiDownloadPlatinum
"LADSPA_plugins-win_is1" = LADSPA_plugins-win-0.4.15
"LAME for Audacity_is1" = LAME v3.98.3 for Audacity
"Lidl-Fotos_is1" = Lidl-Fotos
"LockHunter_is1" = LockHunter 2.0 beta 2, 32 bit
"MAGIX_MSI_Video_easy_3_SE_PCGO" = MAGIX Video easy SE
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware Version 1.65.0.1400
"Microsoft .NET Framework 1.1 (1033)" = Microsoft .NET Framework 1.1 SP1
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Client Profile DEU Language Pack" = Microsoft .NET Framework 4 Client Profile DEU Language Pack
"Microsoft Visual J# 2.0 Redistributable Package" = Microsoft Visual J# 2.0 Redistributable Package
"Mozilla Firefox 8.0 (x86 de)" = Mozilla Firefox 8.0 (x86 de)
"MPE" = MyPhoneExplorer
"OpenAL" = OpenAL
"Picasa 3" = Picasa 3
"Revo Uninstaller" = Revo Uninstaller 1.94
"Samsung CLP-300 Series SmartPanel" = Samsung CLP-300 Series SmartPanel
"Secunia PSI" = Secunia PSI (2.0.0.3003)
"Synchredible_is1" = Synchredible v3.3
"TuneUp Utilities 2012" = TuneUp Utilities 2012
"UltraISO_is1" = UltraISO Premium V9.36
"Unlocker" = Unlocker 1.9.1
"USB2.0 UVC 1.3M WebCam" = USB2.0 UVC 1.3M WebCam
"Virtual DJ Home - Atomix Productions" = Virtual DJ Home - Atomix Productions
"VLC media player" = VLC media player 2.0.1
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.1
"WinRAR archiver" = WinRAR 4.00 (32-Bit)
"Wondershare DVD Slideshow Builder HD-Foto_is1" = Wondershare DVD Slideshow Builder HD-Foto(Build 6.1.3.46)
"Wondershare Video Converter Platinum Standard_is1" = Wondershare Video Converter Platinum Standard(Build 4.4.2.1)
"ZonerPhotoStudio14_DE_is1" = Zoner Photo Studio 14
========== HKEY_USERS Uninstall List ==========
[HKEY_USERS\S-1-5-21-3579301558-145316735-1303683343-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Dropbox" = Dropbox
"Google Chrome" = Google Chrome
"Mozilla Firefox 14.0.1 (x86 de)" = Mozilla Firefox 14.0.1 (x86 de)
"PhotoZoom Pro 3" = BenVista PhotoZoom Pro 3.1
========== Last 20 Event Log Errors ==========
[ Application Events ]
Error - 19.09.2012 02:31:41 | Computer Name = xxx | Source = Windows Search Service | ID = 7040
Description =
Error - 19.09.2012 02:31:42 | Computer Name = xxx | Source = Windows Search Service | ID = 7042
Description =
Error - 19.09.2012 02:31:42 | Computer Name = xxx | Source = Windows Search Service | ID = 9002
Description =
Error - 19.09.2012 02:31:42 | Computer Name = xxx | Source = Windows Search Service | ID = 3029
Description =
Error - 19.09.2012 02:31:43 | Computer Name = xxx | Source = Windows Search Service | ID = 3029
Description =
Error - 19.09.2012 02:31:43 | Computer Name = xxx | Source = Windows Search Service | ID = 3028
Description =
Error - 19.09.2012 02:31:43 | Computer Name = xxx | Source = Windows Search Service | ID = 3058
Description =
Error - 19.09.2012 02:31:43 | Computer Name = xxx | Source = Windows Search Service | ID = 7010
Description =
Error - 19.09.2012 02:35:23 | Computer Name = xxx | Source = MsiInstaller | ID = 11316
Description =
Error - 20.09.2012 07:18:17 | Computer Name = xxx | Source = MsiInstaller | ID = 11316
Description =
[ OSession Events ]
Error - 13.09.2011 12:24:53 | Computer Name = xxx | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6557.5001, Microsoft Office Version: 12.0.6425.1000. This session lasted 212
seconds with 0 seconds of active time. This session ended with a crash.
Error - 14.10.2011 11:08:36 | Computer Name = xxx | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6562.5003, Microsoft Office Version: 12.0.6425.1000. This session lasted 1584
seconds with 120 seconds of active time. This session ended with a crash.
Error - 12.12.2011 14:35:16 | Computer Name = xxx | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2342
seconds with 0 seconds of active time. This session ended with a crash.
Error - 10.02.2012 09:43:54 | Computer Name = xxx | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 186
seconds with 60 seconds of active time. This session ended with a crash.
Error - 10.02.2012 11:16:13 | Computer Name = xxx | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 95
seconds with 60 seconds of active time. This session ended with a crash.
Error - 11.02.2012 10:43:02 | Computer Name = xxx | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 6221
seconds with 0 seconds of active time. This session ended with a crash.
Error - 10.03.2012 14:45:29 | Computer Name = xxx | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 6, Application Name: Microsoft Office Outlook, Application Version:
12.0.6607.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 712
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 22.09.2012 03:28:24 | Computer Name = xxx | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 22.09.2012 03:28:28 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error - 22.09.2012 03:33:37 | Computer Name = xxx | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Skype 5.10 für Windows (KB2727727)
Error - 22.09.2012 04:25:50 | Computer Name = xxx | Source = Microsoft-Windows-WindowsUpdateClient | ID = 20
Description = Installationsfehler: Die Installation des folgenden Updates ist mit
Fehler 0x80070643 fehlgeschlagen: Skype 5.10 für Windows (KB2727727)
Error - 22.09.2012 04:28:39 | Computer Name = xxx | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 22.09.2012 04:28:39 | Computer Name = xxx | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 22.09.2012 04:28:43 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
Error - 22.09.2012 08:27:32 | Computer Name = xxx | Source = atikmdag | ID = 52236
Description = CPLIB :: General - Invalid Parameter
Error - 22.09.2012 08:27:32 | Computer Name = xxx | Source = atikmdag | ID = 43029
Description = Display is not active
Error - 22.09.2012 08:27:39 | Computer Name = xxx | Source = Service Control Manager | ID = 7000
Description = Der Dienst "DgiVecp" wurde aufgrund folgenden Fehlers nicht gestartet:
%%20
< End of report > --- --- --- HTML-Code:
Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org
Datenbank Version: v2012.09.21.09
Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Andi :: xxx [Administrator]
24.09.2012 18:24:31
mbam-log-2012-09-24 (18-24-31).txt
Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 222310
Laufzeit: 14 Minute(n), 32 Sekunde(n)
Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)
Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)
Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)
Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
(Ende) |